DATABASE RESOURCES PRICING ABOUT US

{"id": "ORACLELINUX_ELSA-2019-4746.NASL", "vendorId": null, "type": "nessus", "bulletinFamily": "scanner", "title": "Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2019-4746)", "description": "The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-4746 advisory.\n\n - fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in the extent tree block, which might allow local users to obtain sensitive information by reading uninitialized data in the filesystem. (CVE-2019-11833)\n\n - ** DISPUTED ** An issue was discovered in ip6_ra_control in net/ipv6/ipv6_sockglue.c in the Linux kernel through 5.1.5. There is an unchecked kmalloc of new_ra, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). NOTE: This has been disputed as not an issue.\n (CVE-2019-12378)\n\n - ** DISPUTED ** An issue was discovered in ip_ra_control in net/ipv4/ip_sockglue.c in the Linux kernel through 5.1.5. There is an unchecked kmalloc of new_ra, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). NOTE: this is disputed because new_ra is never used if it is NULL. (CVE-2019-12381)\n\n - A flaw was found in the Linux kernel's NFS implementation, all versions 3.x and all versions 4.x up to 4.20. An attacker, who is able to mount an exported NFS filesystem, is able to trigger a null pointer dereference by using an invalid NFS sequence. This can panic the machine and deny access to the NFS server. Any outstanding disk writes to the NFS server will be lost. (CVE-2018-16871)\n\n - An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1071, CVE-2019-1073. (CVE-2019-1125)\n\n - In parse_hid_report_descriptor in drivers/input/tablet/gtco.c in the Linux kernel through 5.2.1, a malicious USB device can send an HID report that triggers an out-of-bounds write during generation of debugging messages. (CVE-2019-13631)\n\n - ** DISPUTED ** An issue was discovered in drm_load_edid_firmware in drivers/gpu/drm/drm_edid_load.c in the Linux kernel through 5.1.5. There is an unchecked kstrdup of fwstr, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). NOTE: The vendor disputes this issues as not being a vulnerability because kstrdup() returning NULL is handled sufficiently and there is no chance for a NULL pointer dereference. (CVE-2019-12382)\n\n - In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with a parent-child process relationship, where a parent drops privileges and calls execve (potentially allowing control by an attacker). One contributing factor is an object lifetime issue (which can also cause a panic). Another contributing factor is incorrect marking of a ptrace relationship as privileged, which is exploitable through (for example) Polkit's pkexec helper with PTRACE_TRACEME. NOTE: SELinux deny_ptrace might be a usable workaround in some environments.\n (CVE-2019-13272)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "published": "2019-08-20T00:00:00", "modified": "2023-02-08T00:00:00", "epss": [], "cvss": {"score": 0.0, "vector": "NONE"}, "cvss2": {}, "cvss3": {}, "href": "https://www.tenable.com/plugins/nessus/127985", "reporter": "This script is Copyright (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1125", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11833", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12378", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16871", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13272", "https://linux.oracle.com/errata/ELSA-2019-4746.html", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12382", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13631", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12381"], "cvelist": ["CVE-2018-16871", "CVE-2019-1071", "CVE-2019-1073", "CVE-2019-1125", "CVE-2019-11833", "CVE-2019-12378", "CVE-2019-12381", "CVE-2019-12382", "CVE-2019-13272", "CVE-2019-13631"], "immutableFields": [], "lastseen": "2023-05-24T14:27:04", "viewCount": 47, "enchantments": {"dependencies": {"references": [{"type": "altlinux", "idList": ["DA7EB86A979E50AA3788F1F41AC8607F"]}, {"type": "amazon", "idList": ["ALAS-2019-1232", "ALAS-2019-1253", "ALAS2-2019-1214", "ALAS2-2019-1232", "ALAS2-2019-1253"]}, {"type": "androidsecurity", "idList": ["ANDROID:2020-03-01"]}, {"type": "attackerkb", "idList": ["AKB:ADDB2585-1F1E-4954-96CC-D10B59171D41"]}, {"type": "avleonov", "idList": ["AVLEONOV:317FBD7DA93C95993A9FFF38FB04A987"]}, {"type": "centos", "idList": ["CESA-2019:1873", "CESA-2019:2029", "CESA-2019:2473", "CESA-2019:2600", "CESA-2020:1016"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2019-0813", "CPAI-2019-0815"]}, {"type": "cisa", "idList": ["CISA:380E63A9EAAD85FA1950A6973017E11B", "CISA:715DF5B957A42D91B3B79897B8FD61F2", "CISA:F3C70D08CAE58CBD29A5E5ED6B2AE473"]}, {"type": "cisa_kev", "idList": ["CISA-KEV-CVE-2019-13272"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:3CD9371F7B812821D289B3B89526722F", "CFOUNDRY:40058483A2E2195544934D494FF464F7", "CFOUNDRY:80E5E37692FEC22672DA18E221852B5D", "CFOUNDRY:A005A5D22D18F966EBF6C011F833E895", "CFOUNDRY:BD71AB043932448695E8B3D20302D582"]}, {"type": "cve", "idList": ["CVE-2018-16871", "CVE-2019-1071", "CVE-2019-1073", "CVE-2019-1125", "CVE-2019-11833", "CVE-2019-12378", "CVE-2019-12381", "CVE-2019-12382", "CVE-2019-13272", "CVE-2019-13631"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1823-1:39845", "DEBIAN:DLA-1824-1:6789E", "DEBIAN:DLA-1862-1:8E150", "DEBIAN:DLA-1863-1:26EA8", "DEBIAN:DLA-1884-1:61F35", "DEBIAN:DLA-1885-1:84558", "DEBIAN:DSA-4465-1:304F1", "DEBIAN:DSA-4465-1:DDE47", "DEBIAN:DSA-4484-1:6701B", "DEBIAN:DSA-4484-1:9995E", "DEBIAN:DSA-4495-1:1269E", "DEBIAN:DSA-4495-1:258DC", "DEBIAN:DSA-4497-1:7E46B", "DEBIAN:DSA-4497-1:F2AF4"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2018-16871", "DEBIANCVE:CVE-2019-1125", "DEBIANCVE:CVE-2019-11833", "DEBIANCVE:CVE-2019-12378", "DEBIANCVE:CVE-2019-12381", "DEBIANCVE:CVE-2019-12382", "DEBIANCVE:CVE-2019-13272", "DEBIANCVE:CVE-2019-13631"]}, {"type": "exploitdb", "idList": ["EDB-ID:47163", "EDB-ID:47543", "EDB-ID:48071", "EDB-ID:50541"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:B9569B6E7A5B893D9E83922DA7DE24BA", "EXPLOITPACK:D90904EBF8E708574C2B9C142AE64E32"]}, {"type": "f5", "idList": ["F5:K18657134", "F5:K31085564", "F5:K91025336"]}, {"type": "fedora", "idList": ["FEDORA:02DB1605FC5C", "FEDORA:041196190421", "FEDORA:04868606351B", "FEDORA:07B5A6CB4421", "FEDORA:1BD5B6389B47", "FEDORA:2836F613193B", "FEDORA:344346042F3E", "FEDORA:3A3766C5B5A2", "FEDORA:3A69E60B3E88", "FEDORA:4002B609954A", "FEDORA:4CEF5610D7CA", "FEDORA:4F21B6125E50", "FEDORA:511986124F82", "FEDORA:511A7608E6E1", "FEDORA:54AA460F2356", "FEDORA:59E3F606D998", "FEDORA:5A4D662AE22C", "FEDORA:5BC786077CC2", "FEDORA:6B43460C450E", "FEDORA:6D98A6187237", "FEDORA:6E67663233DB", "FEDORA:754F860A98ED", "FEDORA:79EAC605FC25", "FEDORA:84FBF6179A05", "FEDORA:8F84F6C2FA80", "FEDORA:9801060D30FA", "FEDORA:98E8F6079A11", "FEDORA:99396612EAD6", "FEDORA:9BEAD610ED74", "FEDORA:B8E1B6130727", "FEDORA:BDA53610ED61", "FEDORA:BF5EC607125E", "FEDORA:C0A4560C423F", "FEDORA:C1EA6603ECEC", "FEDORA:C4D496071279", "FEDORA:C63656040AE1", "FEDORA:C6AF860C4240", "FEDORA:C7391611860D", "FEDORA:CB0956087865", "FEDORA:D3523607924A", "FEDORA:D6A96605FC57", "FEDORA:DC3AA613A0AB"]}, {"type": "fortinet", "idList": ["FG-IR-18-002"]}, {"type": "githubexploit", "idList": ["21C02459-836A-5B10-9130-27953475DA2A", "3EFA325D-5BA7-5EF3-9D27-F1E642D0DE95", "8C344C6F-D882-5801-AA22-22F5F3F4B4DB", "A491F600-7BE4-59CB-8F2A-56EA5DF22964", "BFC7AA0E-B692-55B8-BECA-F6DAF024FADD", "C332FD21-E85D-5C7D-95FC-3CF453E1E5B9", "DADF6C7C-8CAD-5148-81FC-1572BAD544E9"]}, {"type": "huawei", "idList": ["HUAWEI-SA-20200408-01-SWAPGS"]}, {"type": "ibm", "idList": ["24400C9D70BA9E11A467C03D5072550ABC0427709E1B129CDE6B8C00AC26633B", "270E7F8D6C0BA0C052D17A0F1714E8401CE49A076E5AA43582D8DA42ACFE3121", "2FE97BC0DB8A3B1BCF85FF8F69828770D4396C7CC3ABD37202D8089D2CADF87B", "4613957D820DCAFBB74BE1CB304042BC2F40D11AC7189E7AD20080A2A94DA39A", "4BB2759DF5CBB6BF54A7D60BF1046942C755D661255DAAC4EF3C0614D1A3AF9A", "4E20FF6980EF77F8F7C53E254EBEB9AF129EF6EDA938A5BDE9CFA46C95393000", "6CB4EF3A076E2190B30084083521AA008A1E2F799850D429F0737446D33988B3", "9148A44BD9A1C1A13CCEBD8F0346557CF005830103920CDDC01519240525CB58", "9B3C2542A224A170177BC588D64FBAC641AEB3A7ED64BDCAE097C03AA1143EDF", "B947805A29EE83AAAED8ABADDD8CFF00AA389BFC4D7DDC49FC3A89A557DD856C", "E76CF6F7C58DE085B1D5F988B60566AC28A05EF3B19F25A856F2533F5B3684AE"]}, {"type": "ics", "idList": ["ICSA-23-075-01"]}, {"type": "kaspersky", "idList": ["KLA11511", "KLA11529", "KLA11696", "KLA11700", "KLA11819"]}, {"type": "lenovo", "idList": ["LENOVO:PS500167-SPECULATIVE-EXECUTION-SIDE-CHANNEL-VULNERABILITY-VARIANTS-NOSID", "LENOVO:PS500321-NOSID"]}, {"type": "mageia", "idList": ["MGASA-2019-0185", "MGASA-2019-0196", "MGASA-2019-0197", "MGASA-2019-0220", "MGASA-2019-0221", "MGASA-2019-0333"]}, {"type": "metasploit", "idList": ["MSF:EXPLOIT-LINUX-LOCAL-PTRACE_TRACEME_PKEXEC_HELPER-"]}, {"type": "mscve", "idList": ["MS:CVE-2019-1071", "MS:CVE-2019-1073", "MS:CVE-2019-1125"]}, {"type": "mskb", "idList": ["KB4507435", "KB4507448", "KB4507449", "KB4507450", "KB4507452", "KB4507453", "KB4507455", "KB4507456", "KB4507457", "KB4507458", "KB4507460", "KB4507461", "KB4507462", "KB4507464", "KB4507469"]}, {"type": "nessus", "idList": ["AL2_ALAS-2019-1214.NASL", "AL2_ALAS-2019-1253.NASL", "ALA_ALAS-2019-1253.NASL", "CENTOS8_RHSA-2019-2411.NASL", "CENTOS8_RHSA-2019-3517.NASL", "CENTOS8_RHSA-2020-1769.NASL", "CENTOS_RHSA-2019-1873.NASL", "CENTOS_RHSA-2019-2029.NASL", "CENTOS_RHSA-2019-2473.NASL", "CENTOS_RHSA-2019-2600.NASL", "CENTOS_RHSA-2020-1016.NASL", "DEBIAN_DLA-1823.NASL", "DEBIAN_DLA-1824.NASL", "DEBIAN_DLA-1862.NASL", "DEBIAN_DLA-1863.NASL", "DEBIAN_DLA-1884.NASL", "DEBIAN_DLA-1885.NASL", "DEBIAN_DSA-4465.NASL", "DEBIAN_DSA-4484.NASL", "DEBIAN_DSA-4495.NASL", "DEBIAN_DSA-4497.NASL", "EULEROS_SA-2019-1692.NASL", "EULEROS_SA-2019-1702.NASL", "EULEROS_SA-2019-1793.NASL", "EULEROS_SA-2019-1919.NASL", "EULEROS_SA-2019-1926.NASL", "EULEROS_SA-2019-2068.NASL", "EULEROS_SA-2019-2201.NASL", "EULEROS_SA-2019-2274.NASL", "EULEROS_SA-2019-2353.NASL", "EULEROS_SA-2020-1186.NASL", "EULEROS_SA-2020-1269.NASL", "EULEROS_SA-2020-1452.NASL", "EULEROS_SA-2021-1056.NASL", "F5_BIGIP_SOL31085564.NASL", "FEDORA_2019-3DBFAEAC73.NASL", "FEDORA_2019-48B34FC991.NASL", "FEDORA_2019-6BDA4C81F4.NASL", "FEDORA_2019-7EC378191E.NASL", "FEDORA_2019-9D3FE6FD5B.NASL", "FEDORA_2019-A95015E60F.NASL", "FEDORA_2019-E37C348348.NASL", "FEDORA_2019-F40BD7826F.NASL", "NEWSTART_CGSL_NS-SA-2019-0177_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2019-0180_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2019-0183_KERNEL-RT.NASL", "NEWSTART_CGSL_NS-SA-2019-0189_KERNEL-RT.NASL", "NEWSTART_CGSL_NS-SA-2019-0200_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2019-0247_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2019-0253_KERNEL-RT.NASL", "NEWSTART_CGSL_NS-SA-2019-0264_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2019-0266_KERNEL-RT.NASL", "NEWSTART_CGSL_NS-SA-2020-0021_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2020-0030_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2020-0108_KERNEL.NASL", "NUTANIX_NXSA-AOS-5_10_10.NASL", "NUTANIX_NXSA-AOS-5_11_2_1.NASL", "NUTANIX_NXSA-AOS-5_11_3.NASL", "NUTANIX_NXSA-AOS-5_15_3.NASL", "NUTANIX_NXSA-AOS-5_16_0_1.NASL", "NUTANIX_NXSA-AOS-5_16_1.NASL", "NUTANIX_NXSA-AOS-5_17.NASL", "NUTANIX_NXSA-AOS-5_17_1.NASL", "NUTANIX_NXSA-AOS-5_18.NASL", "OPENSUSE-2019-1479.NASL", "OPENSUSE-2019-1570.NASL", "OPENSUSE-2019-1571.NASL", "OPENSUSE-2019-1579.NASL", "OPENSUSE-2019-1716.NASL", "OPENSUSE-2019-1757.NASL", "OPENSUSE-2019-1923.NASL", "OPENSUSE-2019-1924.NASL", "ORACLELINUX_ELSA-2019-1873.NASL", "ORACLELINUX_ELSA-2019-2411.NASL", "ORACLELINUX_ELSA-2019-2473.NASL", "ORACLELINUX_ELSA-2019-2600.NASL", "ORACLELINUX_ELSA-2019-4729.NASL", "ORACLELINUX_ELSA-2019-4735.NASL", "ORACLELINUX_ELSA-2019-4739.NASL", "ORACLELINUX_ELSA-2019-4741.NASL", "ORACLELINUX_ELSA-2019-4775.NASL", "ORACLELINUX_ELSA-2019-4777.NASL", "ORACLEVM_OVMSA-2019-0038.NASL", "ORACLEVM_OVMSA-2019-0039.NASL", "PHOTONOS_PHSA-2019-1_0-0240_LINUX.NASL", "PHOTONOS_PHSA-2019-2_0-0165_LINUX.NASL", "PHOTONOS_PHSA-2019-3_0-0026_LINUX.NASL", "REDHAT-RHSA-2019-1873.NASL", "REDHAT-RHSA-2019-1891.NASL", "REDHAT-RHSA-2019-2029.NASL", "REDHAT-RHSA-2019-2043.NASL", "REDHAT-RHSA-2019-2405.NASL", "REDHAT-RHSA-2019-2411.NASL", "REDHAT-RHSA-2019-2473.NASL", "REDHAT-RHSA-2019-2476.NASL", "REDHAT-RHSA-2019-2600.NASL", "REDHAT-RHSA-2019-2609.NASL", "REDHAT-RHSA-2019-2695.NASL", "REDHAT-RHSA-2019-2696.NASL", "REDHAT-RHSA-2019-2730.NASL", "REDHAT-RHSA-2019-2809.NASL", "REDHAT-RHSA-2019-2899.NASL", "REDHAT-RHSA-2019-2900.NASL", "REDHAT-RHSA-2019-2975.NASL", "REDHAT-RHSA-2019-3011.NASL", "REDHAT-RHSA-2019-3220.NASL", "REDHAT-RHSA-2019-3309.NASL", "REDHAT-RHSA-2019-3517.NASL", "REDHAT-RHSA-2020-0740.NASL", "REDHAT-RHSA-2020-1016.NASL", "REDHAT-RHSA-2020-1070.NASL", "REDHAT-RHSA-2020-1567.NASL", "REDHAT-RHSA-2020-1769.NASL", "REDHAT-RHSA-2020-2522.NASL", "SLACKWARE_SSA_2019-169-01.NASL", "SLACKWARE_SSA_2019-202-01.NASL", "SLACKWARE_SSA_2019-226-01.NASL", "SL_20190729_KERNEL_ON_SL7_X.NASL", "SL_20190806_KERNEL_ON_SL7_X.NASL", "SL_20190813_KERNEL_ON_SL6_X.NASL", "SL_20190903_KERNEL_ON_SL7_X.NASL", "SL_20200407_KERNEL_ON_SL7_X.NASL", "SMB_NT_MS19_JUL_4507435.NASL", "SMB_NT_MS19_JUL_4507448.NASL", "SMB_NT_MS19_JUL_4507449.NASL", "SMB_NT_MS19_JUL_4507450.NASL", "SMB_NT_MS19_JUL_4507452.NASL", "SMB_NT_MS19_JUL_4507453.NASL", "SMB_NT_MS19_JUL_4507455.NASL", "SMB_NT_MS19_JUL_4507458.NASL", "SMB_NT_MS19_JUL_4507460.NASL", "SMB_NT_MS19_JUL_4507462.NASL", "SMB_NT_MS19_JUL_4507469.NASL", "SUSE_SU-2019-14157-1.NASL", "SUSE_SU-2019-1527-1.NASL", "SUSE_SU-2019-1529-1.NASL", "SUSE_SU-2019-1530-1.NASL", "SUSE_SU-2019-1532-1.NASL", "SUSE_SU-2019-1533-1.NASL", "SUSE_SU-2019-1534-1.NASL", "SUSE_SU-2019-1535-1.NASL", "SUSE_SU-2019-1536-1.NASL", "SUSE_SU-2019-1550-1.NASL", "SUSE_SU-2019-1692-1.NASL", "SUSE_SU-2019-1744-1.NASL", "SUSE_SU-2019-1829-1.NASL", "SUSE_SU-2019-1851-1.NASL", "SUSE_SU-2019-1855-1.NASL", "SUSE_SU-2019-2068-1.NASL", "SUSE_SU-2019-2070-1.NASL", "SUSE_SU-2019-2071-1.NASL", "SUSE_SU-2019-2072-1.NASL", "SUSE_SU-2019-2073-1.NASL", "SUSE_SU-2019-2262-1.NASL", "SUSE_SU-2019-2263-1.NASL", "SUSE_SU-2019-2299-1.NASL", "SUSE_SU-2019-2430-1.NASL", "SUSE_SU-2019-2949-1.NASL", "SUSE_SU-2019-2984-1.NASL", "SUSE_SU-2019-3228-1.NASL", "SUSE_SU-2019-3230-1.NASL", "SUSE_SU-2019-3232-1.NASL", "SUSE_SU-2019-3258-1.NASL", "SUSE_SU-2019-3260-1.NASL", "SUSE_SU-2019-3261-1.NASL", "SUSE_SU-2019-3263-1.NASL", "UBUNTU_USN-4068-1.NASL", "UBUNTU_USN-4068-2.NASL", "UBUNTU_USN-4069-1.NASL", "UBUNTU_USN-4069-2.NASL", "UBUNTU_USN-4076-1.NASL", "UBUNTU_USN-4093-1.NASL", "UBUNTU_USN-4094-1.NASL", "UBUNTU_USN-4095-1.NASL", "UBUNTU_USN-4096-1.NASL", "UBUNTU_USN-4115-1.NASL", "UBUNTU_USN-4115-2.NASL", "UBUNTU_USN-4117-1.NASL", "UBUNTU_USN-4118-1.NASL", "UBUNTU_USN-4145-1.NASL", "UBUNTU_USN-4147-1.NASL", "VIRTUOZZO_VZA-2019-064.NASL", "VIRTUOZZO_VZA-2019-067.NASL", "VIRTUOZZO_VZA-2019-068.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310108620", "OPENVAS:1361412562310108766", "OPENVAS:1361412562310108767", "OPENVAS:1361412562310704465", "OPENVAS:1361412562310704484", "OPENVAS:1361412562310704495", "OPENVAS:1361412562310704497", "OPENVAS:1361412562310815400", "OPENVAS:1361412562310815401", "OPENVAS:1361412562310815402", "OPENVAS:1361412562310815403", "OPENVAS:1361412562310815404", "OPENVAS:1361412562310815406", "OPENVAS:1361412562310815408", "OPENVAS:1361412562310815409", "OPENVAS:1361412562310815410", "OPENVAS:1361412562310815513", "OPENVAS:1361412562310815514", "OPENVAS:1361412562310844102", "OPENVAS:1361412562310844103", "OPENVAS:1361412562310844104", "OPENVAS:1361412562310844111", "OPENVAS:1361412562310844121", "OPENVAS:1361412562310844131", "OPENVAS:1361412562310844133", "OPENVAS:1361412562310844134", "OPENVAS:1361412562310844136", "OPENVAS:1361412562310844156", "OPENVAS:1361412562310844158", "OPENVAS:1361412562310844159", "OPENVAS:1361412562310844174", "OPENVAS:1361412562310844192", "OPENVAS:1361412562310844194", "OPENVAS:1361412562310852568", "OPENVAS:1361412562310852570", "OPENVAS:1361412562310852611", "OPENVAS:1361412562310852665", "OPENVAS:1361412562310852851", "OPENVAS:1361412562310852870", "OPENVAS:1361412562310852917", "OPENVAS:1361412562310852928", "OPENVAS:1361412562310876445", "OPENVAS:1361412562310876446", "OPENVAS:1361412562310876449", "OPENVAS:1361412562310876466", "OPENVAS:1361412562310876467", "OPENVAS:1361412562310876476", "OPENVAS:1361412562310876477", "OPENVAS:1361412562310876479", "OPENVAS:1361412562310876489", "OPENVAS:1361412562310876510", "OPENVAS:1361412562310876515", "OPENVAS:1361412562310876543", "OPENVAS:1361412562310876555", "OPENVAS:1361412562310876583", "OPENVAS:1361412562310876586", "OPENVAS:1361412562310876610", "OPENVAS:1361412562310876611", "OPENVAS:1361412562310876621", "OPENVAS:1361412562310876626", "OPENVAS:1361412562310876638", "OPENVAS:1361412562310876647", "OPENVAS:1361412562310876648", "OPENVAS:1361412562310876652", "OPENVAS:1361412562310876653", "OPENVAS:1361412562310876660", "OPENVAS:1361412562310876666", "OPENVAS:1361412562310876750", "OPENVAS:1361412562310876753", "OPENVAS:1361412562310876809", "OPENVAS:1361412562310876841", "OPENVAS:1361412562310876869", "OPENVAS:1361412562310876925", "OPENVAS:1361412562310876943", "OPENVAS:1361412562310876995", "OPENVAS:1361412562310876999", "OPENVAS:1361412562310877052", "OPENVAS:1361412562310877058", "OPENVAS:1361412562310877070", "OPENVAS:1361412562310877370", "OPENVAS:1361412562310877476", "OPENVAS:1361412562310877540", "OPENVAS:1361412562310883095", "OPENVAS:1361412562310883096", "OPENVAS:1361412562310883107", "OPENVAS:1361412562310891823", "OPENVAS:1361412562310891824", "OPENVAS:1361412562310891862", "OPENVAS:1361412562310891863", "OPENVAS:1361412562310891884", "OPENVAS:1361412562310891885", "OPENVAS:1361412562311220191692", "OPENVAS:1361412562311220191702", "OPENVAS:1361412562311220191793", "OPENVAS:1361412562311220191919", "OPENVAS:1361412562311220191926", "OPENVAS:1361412562311220192068", "OPENVAS:1361412562311220192201", "OPENVAS:1361412562311220192274", "OPENVAS:1361412562311220192353", "OPENVAS:1361412562311220201186", "OPENVAS:1361412562311220201269", "OPENVAS:1361412562311220201452"]}, {"type": "oraclelinux", "idList": ["ELSA-2019-1873", "ELSA-2019-2029", "ELSA-2019-2411", "ELSA-2019-2473", "ELSA-2019-2600", "ELSA-2019-2703", "ELSA-2019-2736", "ELSA-2019-3517", "ELSA-2019-4729", "ELSA-2019-4733", "ELSA-2019-4735", "ELSA-2019-4739", "ELSA-2019-4741", "ELSA-2019-4746", "ELSA-2019-4775", "ELSA-2019-4777", "ELSA-2020-1016", "ELSA-2020-1769"]}, {"type": "osv", "idList": ["OSV:DLA-1823-1", "OSV:DLA-1824-1", "OSV:DLA-1862-1", "OSV:DLA-1863-1", "OSV:DLA-1884-1", "OSV:DLA-1885-1", "OSV:DSA-4465-1", "OSV:DSA-4484-1", "OSV:DSA-4495-1", "OSV:DSA-4497-1"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:154957", "PACKETSTORM:156929", "PACKETSTORM:165051"]}, {"type": "photon", "idList": ["PHSA-2019-0021", "PHSA-2019-0026", "PHSA-2019-0161", "PHSA-2019-0165", "PHSA-2019-0175", "PHSA-2019-0240", "PHSA-2019-0245", "PHSA-2019-0250", "PHSA-2019-1.0-0238", "PHSA-2019-1.0-0240", "PHSA-2019-1.0-0248", "PHSA-2019-2.0-0161", "PHSA-2019-2.0-0165", "PHSA-2019-2.0-0175", "PHSA-2019-3.0-0021", "PHSA-2019-3.0-0026", "PHSA-2020-3.0-0118"]}, {"type": "qualysblog", "idList": ["QUALYSBLOG:0082A77BD8EFFF48B406D107FEFD0DD3"]}, {"type": "redhat", "idList": ["RHSA-2019:1873", "RHSA-2019:1891", "RHSA-2019:2029", "RHSA-2019:2043", "RHSA-2019:2405", "RHSA-2019:2411", "RHSA-2019:2473", "RHSA-2019:2476", "RHSA-2019:2600", "RHSA-2019:2609", "RHSA-2019:2695", "RHSA-2019:2696", "RHSA-2019:2730", "RHSA-2019:2809", "RHSA-2019:2899", "RHSA-2019:2900", "RHSA-2019:2975", "RHSA-2019:3011", "RHSA-2019:3220", "RHSA-2019:3309", "RHSA-2019:3517", "RHSA-2020:0740", "RHSA-2020:1016", "RHSA-2020:1070", "RHSA-2020:1567", "RHSA-2020:1769", "RHSA-2020:2522"]}, {"type": "redhatcve", "idList": ["RH:CVE-2018-16871", "RH:CVE-2019-1125", "RH:CVE-2019-11833", "RH:CVE-2019-12378", "RH:CVE-2019-12381", "RH:CVE-2019-12382", "RH:CVE-2019-13272", "RH:CVE-2019-13631"]}, {"type": "slackware", "idList": ["SSA-2019-169-01", "SSA-2019-202-01", "SSA-2019-226-01"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2019:1479-1", "OPENSUSE-SU-2019:1570-1", "OPENSUSE-SU-2019:1571-1", "OPENSUSE-SU-2019:1579-1", "OPENSUSE-SU-2019:1716-1", "OPENSUSE-SU-2019:1757-1", "OPENSUSE-SU-2019:1923-1", "OPENSUSE-SU-2019:1924-1"]}, {"type": "symantec", "idList": ["SMNTC-109016", "SMNTC-109020"]}, {"type": "talosblog", "idList": ["TALOSBLOG:07D81B04EFE21AC0E3C8DD9F1F76E7A4"]}, {"type": "thn", "idList": ["THN:E3EB255FBC069136903C8881DF473DF0"]}, {"type": "threatpost", "idList": ["THREATPOST:25B39CC0AC8A2CF8DE7334F890A87907"]}, {"type": "ubuntu", "idList": ["USN-4068-1", "USN-4068-2", "USN-4069-1", "USN-4069-2", "USN-4076-1", "USN-4093-1", "USN-4094-1", "USN-4095-1", "USN-4095-2", "USN-4096-1", "USN-4115-1", "USN-4115-2", "USN-4117-1", "USN-4118-1", "USN-4145-1", "USN-4147-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2018-16871", "UB:CVE-2019-1125", "UB:CVE-2019-11833", "UB:CVE-2019-12378", "UB:CVE-2019-12381", "UB:CVE-2019-12382", "UB:CVE-2019-13272", "UB:CVE-2019-13631"]}, {"type": "veracode", "idList": ["VERACODE:20974", "VERACODE:21066", "VERACODE:21203", "VERACODE:22923"]}, {"type": "virtuozzo", "idList": ["VZA-2019-064", "VZA-2019-066", "VZA-2019-067", "VZA-2019-068"]}, {"type": "zdt", "idList": ["1337DAY-ID-32994", "1337DAY-ID-33027", "1337DAY-ID-33410", "1337DAY-ID-33968", "1337DAY-ID-34151", "1337DAY-ID-37072"]}]}, "score": {"value": -0.2, "vector": "NONE"}, "backreferences": {"references": [{"type": "amazon", "idList": ["ALAS-2019-1253"]}, {"type": "androidsecurity", "idList": ["ANDROID:2019-11-01"]}, {"type": "attackerkb", "idList": ["AKB:ADDB2585-1F1E-4954-96CC-D10B59171D41"]}, {"type": "centos", "idList": ["CESA-2019:1873", "CESA-2019:2473", "CESA-2020:1016"]}, {"type": "cisa", "idList": ["CISA:715DF5B957A42D91B3B79897B8FD61F2"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:3CD9371F7B812821D289B3B89526722F", "CFOUNDRY:80E5E37692FEC22672DA18E221852B5D"]}, {"type": "cve", "idList": ["CVE-2019-1071", "CVE-2019-1073", "CVE-2019-1125", "CVE-2019-11833", "CVE-2019-12378", "CVE-2019-12381", "CVE-2019-12382", "CVE-2019-13272", "CVE-2019-13631"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1823-1:39845", "DEBIAN:DLA-1824-1:6789E", "DEBIAN:DLA-1862-1:8E150", "DEBIAN:DLA-1863-1:26EA8", "DEBIAN:DLA-1884-1:61F35", "DEBIAN:DLA-1885-1:84558", "DEBIAN:DSA-4465-1:304F1", "DEBIAN:DSA-4484-1:9995E", "DEBIAN:DSA-4495-1:1269E", "DEBIAN:DSA-4497-1:7E46B"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2018-16871", "DEBIANCVE:CVE-2019-1125", "DEBIANCVE:CVE-2019-11833", "DEBIANCVE:CVE-2019-12378", "DEBIANCVE:CVE-2019-12381", "DEBIANCVE:CVE-2019-12382", "DEBIANCVE:CVE-2019-13272", "DEBIANCVE:CVE-2019-13631"]}, {"type": "exploitdb", "idList": ["EDB-ID:47163", "EDB-ID:47543"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:B9569B6E7A5B893D9E83922DA7DE24BA"]}, {"type": "f5", "idList": ["F5:K31085564", "F5:K91025336"]}, {"type": "fedora", "idList": ["FEDORA:02DB1605FC5C", "FEDORA:041196190421", "FEDORA:04868606351B", "FEDORA:07B5A6CB4421", "FEDORA:1BD5B6389B47", "FEDORA:2836F613193B", "FEDORA:344346042F3E", "FEDORA:3A3766C5B5A2", "FEDORA:3A69E60B3E88", "FEDORA:4002B609954A", "FEDORA:4CEF5610D7CA", "FEDORA:4F21B6125E50", "FEDORA:511986124F82", "FEDORA:511A7608E6E1", "FEDORA:54AA460F2356", "FEDORA:59E3F606D998", "FEDORA:5A4D662AE22C", "FEDORA:5BC786077CC2", "FEDORA:6B43460C450E", "FEDORA:6D98A6187237", "FEDORA:6E67663233DB", "FEDORA:754F860A98ED", "FEDORA:79EAC605FC25", "FEDORA:84FBF6179A05", "FEDORA:8F84F6C2FA80", "FEDORA:9801060D30FA", "FEDORA:98E8F6079A11", "FEDORA:99396612EAD6", "FEDORA:9BEAD610ED74", "FEDORA:B8E1B6130727", "FEDORA:BDA53610ED61", "FEDORA:BF5EC607125E", "FEDORA:C0A4560C423F", "FEDORA:C1EA6603ECEC", "FEDORA:C4D496071279", "FEDORA:C63656040AE1", "FEDORA:C6AF860C4240", "FEDORA:C7391611860D", "FEDORA:CB0956087865", "FEDORA:D3523607924A", "FEDORA:D6A96605FC57", "FEDORA:DC3AA613A0AB"]}, {"type": "fortinet", "idList": ["FG-IR-18-002"]}, {"type": "githubexploit", "idList": ["21C02459-836A-5B10-9130-27953475DA2A", "3EFA325D-5BA7-5EF3-9D27-F1E642D0DE95", "8C344C6F-D882-5801-AA22-22F5F3F4B4DB", "BFC7AA0E-B692-55B8-BECA-F6DAF024FADD", "C332FD21-E85D-5C7D-95FC-3CF453E1E5B9", "DADF6C7C-8CAD-5148-81FC-1572BAD544E9"]}, {"type": "huawei", "idList": ["HUAWEI-SA-20200408-01-SWAPGS"]}, {"type": "ibm", "idList": ["270E7F8D6C0BA0C052D17A0F1714E8401CE49A076E5AA43582D8DA42ACFE3121", "4BB2759DF5CBB6BF54A7D60BF1046942C755D661255DAAC4EF3C0614D1A3AF9A", "9B3C2542A224A170177BC588D64FBAC641AEB3A7ED64BDCAE097C03AA1143EDF", "E76CF6F7C58DE085B1D5F988B60566AC28A05EF3B19F25A856F2533F5B3684AE"]}, {"type": "kaspersky", "idList": ["KLA11529", "KLA11696", "KLA11700"]}, {"type": "lenovo", "idList": ["LENOVO:PS500167-SPECULATIVE-EXECUTION-SIDE-CHANNEL-VULNERABILITY-VARIANTS-NOSID"]}, {"type": "metasploit", "idList": ["MSF:EXPLOIT/LINUX/LOCAL/PTRACE_TRACEME_PKEXEC_HELPER"]}, {"type": "mscve", "idList": ["MS:CVE-2019-1125"]}, {"type": "mskb", "idList": ["KB4507455"]}, {"type": "nessus", "idList": ["AL2_ALAS-2019-1214.NASL", "AL2_ALAS-2019-1253.NASL", "ALA_ALAS-2019-1253.NASL", "CENTOS_RHSA-2019-1873.NASL", "CENTOS_RHSA-2019-2029.NASL", "CENTOS_RHSA-2019-2473.NASL", "CENTOS_RHSA-2019-2600.NASL", "CENTOS_RHSA-2020-1016.NASL", "DEBIAN_DLA-1823.NASL", "DEBIAN_DLA-1824.NASL", "DEBIAN_DLA-1862.NASL", "DEBIAN_DLA-1863.NASL", "DEBIAN_DLA-1884.NASL", "DEBIAN_DLA-1885.NASL", "DEBIAN_DSA-4465.NASL", "DEBIAN_DSA-4484.NASL", "DEBIAN_DSA-4495.NASL", "DEBIAN_DSA-4497.NASL", "EULEROS_SA-2019-1692.NASL", "EULEROS_SA-2019-1702.NASL", "EULEROS_SA-2019-1793.NASL", "EULEROS_SA-2019-1919.NASL", "EULEROS_SA-2019-1926.NASL", "EULEROS_SA-2019-2068.NASL", "EULEROS_SA-2020-1452.NASL", "FEDORA_2019-3DBFAEAC73.NASL", "FEDORA_2019-48B34FC991.NASL", "FEDORA_2019-6BDA4C81F4.NASL", "FEDORA_2019-7EC378191E.NASL", "FEDORA_2019-9D3FE6FD5B.NASL", "FEDORA_2019-A95015E60F.NASL", "FEDORA_2019-E37C348348.NASL", "FEDORA_2019-F40BD7826F.NASL", "NEWSTART_CGSL_NS-SA-2019-0177_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2019-0180_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2019-0183_KERNEL-RT.NASL", "NEWSTART_CGSL_NS-SA-2019-0189_KERNEL-RT.NASL", "NEWSTART_CGSL_NS-SA-2019-0200_KERNEL.NASL", "OPENSUSE-2019-1479.NASL", "OPENSUSE-2019-1570.NASL", "OPENSUSE-2019-1571.NASL", "OPENSUSE-2019-1579.NASL", "OPENSUSE-2019-1716.NASL", "OPENSUSE-2019-1757.NASL", "OPENSUSE-2019-1923.NASL", "OPENSUSE-2019-1924.NASL", "ORACLELINUX_ELSA-2019-1873.NASL", "ORACLELINUX_ELSA-2019-2411.NASL", "ORACLELINUX_ELSA-2019-2473.NASL", "ORACLELINUX_ELSA-2019-2600.NASL", "ORACLELINUX_ELSA-2019-4729.NASL", "ORACLELINUX_ELSA-2019-4735.NASL", "ORACLELINUX_ELSA-2019-4739.NASL", "ORACLELINUX_ELSA-2019-4741.NASL", "ORACLELINUX_ELSA-2019-4775.NASL", "ORACLELINUX_ELSA-2019-4777.NASL", "ORACLEVM_OVMSA-2019-0038.NASL", "ORACLEVM_OVMSA-2019-0039.NASL", "PHOTONOS_PHSA-2019-1_0-0240_LINUX.NASL", "PHOTONOS_PHSA-2019-2_0-0165_LINUX.NASL", "PHOTONOS_PHSA-2019-3_0-0026_LINUX.NASL", "REDHAT-RHSA-2019-1873.NASL", "REDHAT-RHSA-2019-1891.NASL", "REDHAT-RHSA-2019-2029.NASL", "REDHAT-RHSA-2019-2043.NASL", "REDHAT-RHSA-2019-2405.NASL", "REDHAT-RHSA-2019-2411.NASL", "REDHAT-RHSA-2019-2473.NASL", "REDHAT-RHSA-2019-2476.NASL", "REDHAT-RHSA-2019-2600.NASL", "REDHAT-RHSA-2019-2609.NASL", "REDHAT-RHSA-2019-2695.NASL", "REDHAT-RHSA-2019-2696.NASL", "REDHAT-RHSA-2019-2730.NASL", "REDHAT-RHSA-2019-2809.NASL", "REDHAT-RHSA-2019-2899.NASL", "REDHAT-RHSA-2019-2900.NASL", "REDHAT-RHSA-2019-2975.NASL", "REDHAT-RHSA-2019-3011.NASL", "REDHAT-RHSA-2019-3220.NASL", "REDHAT-RHSA-2020-1016.NASL", "REDHAT-RHSA-2020-1070.NASL", "SLACKWARE_SSA_2019-169-01.NASL", "SLACKWARE_SSA_2019-202-01.NASL", "SLACKWARE_SSA_2019-226-01.NASL", "SL_20190729_KERNEL_ON_SL7_X.NASL", "SL_20190806_KERNEL_ON_SL7_X.NASL", "SL_20190813_KERNEL_ON_SL6_X.NASL", "SL_20190903_KERNEL_ON_SL7_X.NASL", "SMB_NT_MS19_JUL_4507435.NASL", "SMB_NT_MS19_JUL_4507448.NASL", "SMB_NT_MS19_JUL_4507450.NASL", "SMB_NT_MS19_JUL_4507453.NASL", "SMB_NT_MS19_JUL_4507455.NASL", "SMB_NT_MS19_JUL_4507458.NASL", "SMB_NT_MS19_JUL_4507460.NASL", "SMB_NT_MS19_JUL_4507462.NASL", "SMB_NT_MS19_JUL_4507469.NASL", "SUSE_SU-2019-1527-1.NASL", "SUSE_SU-2019-1529-1.NASL", "SUSE_SU-2019-1530-1.NASL", "SUSE_SU-2019-1532-1.NASL", "SUSE_SU-2019-1533-1.NASL", "SUSE_SU-2019-1534-1.NASL", "SUSE_SU-2019-1535-1.NASL", "SUSE_SU-2019-1536-1.NASL", "SUSE_SU-2019-1550-1.NASL", "SUSE_SU-2019-1692-1.NASL", "SUSE_SU-2019-1744-1.NASL", "SUSE_SU-2019-1829-1.NASL", "SUSE_SU-2019-1851-1.NASL", "SUSE_SU-2019-1855-1.NASL", "SUSE_SU-2019-2068-1.NASL", "SUSE_SU-2019-2070-1.NASL", "SUSE_SU-2019-2071-1.NASL", "SUSE_SU-2019-2072-1.NASL", "SUSE_SU-2019-2073-1.NASL", "SUSE_SU-2019-2262-1.NASL", "SUSE_SU-2019-2263-1.NASL", "SUSE_SU-2019-2299-1.NASL", "SUSE_SU-2019-2430-1.NASL", "SUSE_SU-2019-3228-1.NASL", "SUSE_SU-2019-3230-1.NASL", "SUSE_SU-2019-3232-1.NASL", "SUSE_SU-2019-3258-1.NASL", "SUSE_SU-2019-3260-1.NASL", "SUSE_SU-2019-3261-1.NASL", "SUSE_SU-2019-3263-1.NASL", "UBUNTU_USN-4068-1.NASL", "UBUNTU_USN-4068-2.NASL", "UBUNTU_USN-4069-1.NASL", "UBUNTU_USN-4069-2.NASL", "UBUNTU_USN-4076-1.NASL", "UBUNTU_USN-4093-1.NASL", "UBUNTU_USN-4094-1.NASL", "UBUNTU_USN-4095-1.NASL", "UBUNTU_USN-4096-1.NASL", "UBUNTU_USN-4115-1.NASL", "UBUNTU_USN-4115-2.NASL", "UBUNTU_USN-4117-1.NASL", "UBUNTU_USN-4118-1.NASL", "UBUNTU_USN-4145-1.NASL", "UBUNTU_USN-4147-1.NASL", "VIRTUOZZO_VZA-2019-067.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310108620", "OPENVAS:1361412562310704465", "OPENVAS:1361412562310704484", "OPENVAS:1361412562310704495", "OPENVAS:1361412562310815400", "OPENVAS:1361412562310815401", "OPENVAS:1361412562310815402", "OPENVAS:1361412562310815403", "OPENVAS:1361412562310815404", "OPENVAS:1361412562310815406", "OPENVAS:1361412562310815408", "OPENVAS:1361412562310815409", "OPENVAS:1361412562310815410", "OPENVAS:1361412562310815513", "OPENVAS:1361412562310815514", "OPENVAS:1361412562310844102", "OPENVAS:1361412562310844103", "OPENVAS:1361412562310844104", "OPENVAS:1361412562310844111", "OPENVAS:1361412562310844121", "OPENVAS:1361412562310844131", "OPENVAS:1361412562310844133", "OPENVAS:1361412562310844134", "OPENVAS:1361412562310844136", "OPENVAS:1361412562310844156", "OPENVAS:1361412562310844158", "OPENVAS:1361412562310844159", "OPENVAS:1361412562310852568", "OPENVAS:1361412562310852570", "OPENVAS:1361412562310852611", "OPENVAS:1361412562310852665", "OPENVAS:1361412562310876445", "OPENVAS:1361412562310876446", "OPENVAS:1361412562310876449", "OPENVAS:1361412562310876466", "OPENVAS:1361412562310876467", "OPENVAS:1361412562310876476", "OPENVAS:1361412562310876477", "OPENVAS:1361412562310876479", "OPENVAS:1361412562310876489", "OPENVAS:1361412562310876510", "OPENVAS:1361412562310876515", "OPENVAS:1361412562310876543", "OPENVAS:1361412562310876555", "OPENVAS:1361412562310876583", "OPENVAS:1361412562310876586", "OPENVAS:1361412562310876610", "OPENVAS:1361412562310876611", "OPENVAS:1361412562310876621", "OPENVAS:1361412562310876626", "OPENVAS:1361412562310876638", "OPENVAS:1361412562310876647", "OPENVAS:1361412562310876648", "OPENVAS:1361412562310876652", "OPENVAS:1361412562310876653", "OPENVAS:1361412562310876660", "OPENVAS:1361412562310876666", "OPENVAS:1361412562310876750", "OPENVAS:1361412562310876753", "OPENVAS:1361412562310876925", "OPENVAS:1361412562310876943", "OPENVAS:1361412562310877052", "OPENVAS:1361412562310877058", "OPENVAS:1361412562310877070", "OPENVAS:1361412562310883095", "OPENVAS:1361412562310883096", "OPENVAS:1361412562310891823", "OPENVAS:1361412562310891824", "OPENVAS:1361412562310891862", "OPENVAS:1361412562310891863", "OPENVAS:1361412562310891884", "OPENVAS:1361412562310891885", "OPENVAS:1361412562311220201452"]}, {"type": "oraclelinux", "idList": ["ELSA-2019-1873", "ELSA-2019-2029", "ELSA-2019-2411", "ELSA-2019-2473", "ELSA-2019-2600", "ELSA-2019-4729", "ELSA-2019-4733", "ELSA-2019-4735", "ELSA-2019-4739", "ELSA-2019-4741", "ELSA-2019-4746", "ELSA-2019-4775", "ELSA-2019-4777", "ELSA-2020-1016"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:154957"]}, {"type": "photon", "idList": ["PHSA-2019-1.0-0238", "PHSA-2019-1.0-0240", "PHSA-2019-2.0-0161", "PHSA-2019-2.0-0165", "PHSA-2019-2.0-0175", "PHSA-2019-3.0-0021", "PHSA-2019-3.0-0026"]}, {"type": "redhat", "idList": ["RHSA-2019:2405", "RHSA-2019:2411", "RHSA-2019:2473", "RHSA-2019:2600", "RHSA-2019:2609"]}, {"type": "redhatcve", "idList": ["RH:CVE-2019-13631"]}, {"type": "slackware", "idList": ["SSA-2019-169-01", "SSA-2019-202-01", "SSA-2019-226-01"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2019:1479-1", "OPENSUSE-SU-2019:1570-1", "OPENSUSE-SU-2019:1571-1", "OPENSUSE-SU-2019:1579-1", "OPENSUSE-SU-2019:1716-1", "OPENSUSE-SU-2019:1757-1", "OPENSUSE-SU-2019:1923-1", "OPENSUSE-SU-2019:1924-1"]}, {"type": "thn", "idList": ["THN:E3EB255FBC069136903C8881DF473DF0"]}, {"type": "threatpost", "idList": ["THREATPOST:25B39CC0AC8A2CF8DE7334F890A87907"]}, {"type": "ubuntu", "idList": ["USN-4068-1", "USN-4068-2", "USN-4069-1", "USN-4076-1", "USN-4093-1", "USN-4094-1", "USN-4095-1", "USN-4095-2", "USN-4096-1", "USN-4115-1", "USN-4117-1", "USN-4118-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2019-1125"]}, {"type": "virtuozzo", "idList": ["VZA-2019-064", "VZA-2019-066", "VZA-2019-067", "VZA-2019-068"]}, {"type": "zdt", "idList": ["1337DAY-ID-32994", "1337DAY-ID-33027", "1337DAY-ID-33410"]}]}, "exploitation": null, "epss": [{"cve": "CVE-2018-16871", "epss": 0.00778, "percentile": 0.78808, "modified": "2023-05-06"}, {"cve": "CVE-2019-1071", "epss": 0.00049, "percentile": 0.15418, "modified": "2023-05-06"}, {"cve": "CVE-2019-1073", "epss": 0.00049, "percentile": 0.15418, "modified": "2023-05-06"}, {"cve": "CVE-2019-1125", "epss": 0.0008, "percentile": 0.32743, "modified": "2023-05-06"}, {"cve": "CVE-2019-11833", "epss": 0.00044, "percentile": 0.0825, "modified": "2023-05-06"}, {"cve": "CVE-2019-12378", "epss": 0.00045, "percentile": 0.12286, "modified": "2023-05-06"}, {"cve": "CVE-2019-12381", "epss": 0.00045, "percentile": 0.12286, "modified": "2023-05-06"}, {"cve": "CVE-2019-12382", "epss": 0.00045, "percentile": 0.12286, "modified": "2023-05-06"}, {"cve": "CVE-2019-13272", "epss": 0.00052, "percentile": 0.18044, "modified": "2023-05-06"}, {"cve": "CVE-2019-13631", "epss": 0.0018, "percentile": 0.53668, "modified": "2023-05-06"}], "vulnersScore": -0.2}, "_state": {"dependencies": 1685049388, "score": 1684938513, "epss": 0}, "_internal": {"score_hash": "3575d717f9072a0648b16e1224681b1c"}, "pluginID": "127985", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2019-4746.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(127985);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/08\");\n\n script_cve_id(\n \"CVE-2018-16871\",\n \"CVE-2019-1125\",\n \"CVE-2019-11833\",\n \"CVE-2019-12378\",\n \"CVE-2019-12381\",\n \"CVE-2019-12382\",\n \"CVE-2019-13272\",\n \"CVE-2019-13631\"\n );\n script_xref(name:\"IAVA\", value:\"2019-A-0284-S\");\n script_xref(name:\"IAVA\", value:\"2019-A-0285-S\");\n script_xref(name:\"IAVA\", value:\"2019-A-0290-S\");\n script_xref(name:\"IAVA\", value:\"2019-A-0293-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/10\");\n\n script_name(english:\"Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2019-4746)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nELSA-2019-4746 advisory.\n\n - fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in the\n extent tree block, which might allow local users to obtain sensitive information by reading uninitialized\n data in the filesystem. (CVE-2019-11833)\n\n - ** DISPUTED ** An issue was discovered in ip6_ra_control in net/ipv6/ipv6_sockglue.c in the Linux kernel\n through 5.1.5. There is an unchecked kmalloc of new_ra, which might allow an attacker to cause a denial of\n service (NULL pointer dereference and system crash). NOTE: This has been disputed as not an issue.\n (CVE-2019-12378)\n\n - ** DISPUTED ** An issue was discovered in ip_ra_control in net/ipv4/ip_sockglue.c in the Linux kernel\n through 5.1.5. There is an unchecked kmalloc of new_ra, which might allow an attacker to cause a denial of\n service (NULL pointer dereference and system crash). NOTE: this is disputed because new_ra is never used\n if it is NULL. (CVE-2019-12381)\n\n - A flaw was found in the Linux kernel's NFS implementation, all versions 3.x and all versions 4.x up to\n 4.20. An attacker, who is able to mount an exported NFS filesystem, is able to trigger a null pointer\n dereference by using an invalid NFS sequence. This can panic the machine and deny access to the NFS\n server. Any outstanding disk writes to the NFS server will be lost. (CVE-2018-16871)\n\n - An information disclosure vulnerability exists when certain central processing units (CPU) speculatively\n access memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from\n CVE-2019-1071, CVE-2019-1073. (CVE-2019-1125)\n\n - In parse_hid_report_descriptor in drivers/input/tablet/gtco.c in the Linux kernel through 5.2.1, a\n malicious USB device can send an HID report that triggers an out-of-bounds write during generation of\n debugging messages. (CVE-2019-13631)\n\n - ** DISPUTED ** An issue was discovered in drm_load_edid_firmware in drivers/gpu/drm/drm_edid_load.c in the\n Linux kernel through 5.1.5. There is an unchecked kstrdup of fwstr, which might allow an attacker to cause\n a denial of service (NULL pointer dereference and system crash). NOTE: The vendor disputes this issues as\n not being a vulnerability because kstrdup() returning NULL is handled sufficiently and there is no chance\n for a NULL pointer dereference. (CVE-2019-12382)\n\n - In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the\n credentials of a process that wants to create a ptrace relationship, which allows local users to obtain\n root access by leveraging certain scenarios with a parent-child process relationship, where a parent drops\n privileges and calls execve (potentially allowing control by an attacker). One contributing factor is an\n object lifetime issue (which can also cause a panic). Another contributing factor is incorrect marking of\n a ptrace relationship as privileged, which is exploitable through (for example) Polkit's pkexec helper\n with PTRACE_TRACEME. NOTE: SELinux deny_ptrace might be a usable workaround in some environments.\n (CVE-2019-13272)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2019-4746.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-13272\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Linux Polkit pkexec helper PTRACE_TRACEME local root exploit');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/11/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python-perf\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"linux_alt_patch_detect.nasl\", \"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('ksplice.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 7', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nvar machine_uptrack_level = get_one_kb_item('Host/uptrack-uname-r');\nif (machine_uptrack_level)\n{\n var trimmed_uptrack_level = ereg_replace(string:machine_uptrack_level, pattern:\"\\.(x86_64|i[3-6]86|aarch64)$\", replace:'');\n var fixed_uptrack_levels = ['4.14.35-1902.4.8.el7uek'];\n foreach var fixed_uptrack_level ( fixed_uptrack_levels ) {\n if (rpm_spec_vers_cmp(a:trimmed_uptrack_level, b:fixed_uptrack_level) >= 0)\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for ELSA-2019-4746');\n }\n }\n __rpm_report = 'Running KSplice level of ' + trimmed_uptrack_level + ' does not meet the minimum fixed level of ' + join(fixed_uptrack_levels, sep:' / ') + ' for this advisory.\\n\\n';\n}\n\nvar kernel_major_minor = get_kb_item('Host/uname/major_minor');\nif (empty_or_null(kernel_major_minor)) exit(1, 'Unable to determine kernel major-minor level.');\nvar expected_kernel_major_minor = '4.14';\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, 'running kernel level ' + expected_kernel_major_minor + ', it is running kernel level ' + kernel_major_minor);\n\nvar pkgs = [\n {'reference':'kernel-uek-4.14.35-1902.4.8.el7uek', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-4.14.35'},\n {'reference':'kernel-uek-4.14.35-1902.4.8.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-4.14.35'},\n {'reference':'kernel-uek-debug-4.14.35-1902.4.8.el7uek', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-4.14.35'},\n {'reference':'kernel-uek-debug-4.14.35-1902.4.8.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-4.14.35'},\n {'reference':'kernel-uek-debug-devel-4.14.35-1902.4.8.el7uek', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-4.14.35'},\n {'reference':'kernel-uek-debug-devel-4.14.35-1902.4.8.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-4.14.35'},\n {'reference':'kernel-uek-devel-4.14.35-1902.4.8.el7uek', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-4.14.35'},\n {'reference':'kernel-uek-devel-4.14.35-1902.4.8.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-4.14.35'},\n {'reference':'kernel-uek-doc-4.14.35-1902.4.8.el7uek', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-doc-4.14.35'},\n {'reference':'kernel-uek-headers-4.14.35-1902.4.8.el7uek', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-headers-4.14.35'},\n {'reference':'kernel-uek-tools-4.14.35-1902.4.8.el7uek', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-tools-4.14.35'},\n {'reference':'kernel-uek-tools-4.14.35-1902.4.8.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-tools-4.14.35'},\n {'reference':'kernel-uek-tools-libs-4.14.35-1902.4.8.el7uek', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-tools-libs-4.14.35'},\n {'reference':'kernel-uek-tools-libs-devel-4.14.35-1902.4.8.el7uek', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-tools-libs-devel-4.14.35'},\n {'reference':'perf-4.14.35-1902.4.8.el7uek', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-perf-4.14.35-1902.4.8.el7uek', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release) {\n if (exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel-uek / kernel-uek-debug / kernel-uek-debug-devel / etc');\n}\n", "naslFamily": "Oracle Linux Local Security Checks", "cpe": ["cpe:/o:oracle:linux:7", "p-cpe:/a:oracle:linux:kernel-uek", "p-cpe:/a:oracle:linux:kernel-uek-debug", "p-cpe:/a:oracle:linux:kernel-uek-debug-devel", "p-cpe:/a:oracle:linux:kernel-uek-devel", "p-cpe:/a:oracle:linux:kernel-uek-doc", "p-cpe:/a:oracle:linux:kernel-uek-headers", "p-cpe:/a:oracle:linux:kernel-uek-tools", "p-cpe:/a:oracle:linux:kernel-uek-tools-libs", "p-cpe:/a:oracle:linux:kernel-uek-tools-libs-devel", "p-cpe:/a:oracle:linux:perf", "p-cpe:/a:oracle:linux:python-perf"], "solution": "Update the affected packages.", "nessusSeverity": "High", "cvssScoreSource": "CVE-2019-13272", "vendor_cvss2": {"score": 7.2, "vector": "CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "vendor_cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "vpr": {"risk factor": "Critical", "score": "9.7"}, "exploitAvailable": true, "exploitEase": "Exploits are available", "patchPublicationDate": "2019-08-15T00:00:00", "vulnerabilityPublicationDate": "2018-11-30T00:00:00", "exploitableWith": ["Core Impact", "Metasploit(Linux Polkit pkexec helper PTRACE_TRACEME local root exploit)"]}

{"oraclelinux": [{"lastseen": "2021-07-28T14:24:43", "description": "[4.14.35-1902.4.8]\n- x86/boot: Clear RSDP address in boot_params for broken loaders (Juergen Gross) [Orabug: 30111373]\n[4.14.35-1902.4.7]\n- rds: ib: Qualify CM REQ duplicate detection with connection being up (Hakon Bugge) [Orabug: 30062149] \n- rds: Further prioritize local loop-back connections (Hakon Bugge) [Orabug: 30062149] \n- rds: Fix initial zero delay when queuing re-connect work (Hakon Bugge) [Orabug: 30062149] \n- rds: Re-introduce separate work-queue for local connections (Hakon Bugge) [Orabug: 30062149] \n- mm: Fixes /proc/vmstat bad values. (Chris Hyser) [Orabug: 29922051] \n- xen: delay xen_hvm_init_time_ops() if kdump is boot on vcpu>=32 (Dongli Zhang) [Orabug: 30068152] \n- ptrace: Fix ->ptracer_cred handling for PTRACE_TRACEME (Jann Horn) [Orabug: 30074408] {CVE-2019-13272}\n- Input: gtco - bounds check collection indent level (Grant Hernandez) [Orabug: 30074412] {CVE-2019-13631}\n[4.14.35-1902.4.6]\n- x86/speculation: Exclude ATOMs from speculation through SWAPGS (Thomas Gleixner) [Orabug: 29967570] {CVE-2019-1125}\n- x86/speculation: Enable Spectre v1 swapgs mitigations (Josh Poimboeuf) [Orabug: 29967570] {CVE-2019-1125}\n- x86/speculation: Prepare entry code for Spectre v1 swapgs mitigations (Josh Poimboeuf) [Orabug: 29967570] {CVE-2019-1125}\n- scsi: megaraid_sas: fix panic on loading firmware crashdump (Junxiao Bi) [Orabug: 30109946] \n- rds: Not all huge pages are released after app shutdown (Ka-Cheong Poon) [Orabug: 30095424]\n[4.14.35-1902.4.5]\n- xen-netback: stop netif TX queue on guest queuing failure (Ankur Arora) [Orabug: 30028199] \n- KVM: x86: Allow Qemu/KVM to use PVH entry point (Maran Wilson) [Orabug: 30072494] \n- xen/pvh: Add memory map pointer to hvm_start_info struct (Maran Wilson) [Orabug: 30072494] \n- xen/pvh: Move Xen code for getting mem map via hcall out of common file (Maran Wilson) [Orabug: 30072494] \n- xen/pvh: Move Xen specific PVH VM initialization out of common file (Maran Wilson) [Orabug: 30072494] \n- xen/pvh: Create a new file for Xen specific PVH code (Maran Wilson) [Orabug: 30072494] \n- xen/pvh: Move PVH entry code out of Xen specific tree (Maran Wilson) [Orabug: 30072494] \n- xen/pvh: Split CONFIG_XEN_PVH into CONFIG_PVH and CONFIG_XEN_PVH (Maran Wilson) [Orabug: 30072494] \n- x86/acpi, x86/boot: Take RSDP address from boot params if available (Juergen Gross) [Orabug: 30072494] \n- x86/boot: Mostly revert commit ae7e1238e68f2a ('Add ACPI RSDP address to setup_header') (Juergen Gross) [Orabug: 30072494] \n- x86/acpi, x86/boot: Take RSDP address for boot params if available (Juergen Gross) [Orabug: 30072494] \n- ACPI, x86/boot: Introduce the ->reduced_hw_early_init() ACPI callback (Andy Shevchenko) [Orabug: 30072494] \n- ACPI, x86/boot: Split out acpi_generic_reduce_hw_init() and export (Andy Shevchenko) [Orabug: 30072494] \n- x86/boot: Add ACPI RSDP address to setup_header (Juergen Gross) [Orabug: 30072494] \n- x86/xen: Move pv irq related functions under CONFIG_XEN_PV umbrella (Juergen Gross) [Orabug: 30072494] \n- bnxt_en: Fix VNIC accounting when enabling aRFS on 57500 chips. (Michael Chan) [Orabug: 30095123] \n- bnxt_en: Suppress error messages when querying DSCP DCB capabilities. (Michael Chan) [Orabug: 30095123] \n- bnxt_en: Cap the returned MSIX vectors to the RDMA driver. (Michael Chan) [Orabug: 30095123] \n- bnxt_en: Fix statistics context reservation logic for RDMA driver. (Michael Chan) [Orabug: 30095123] \n- bnxt_en: Disable bus master during PCI shutdown and driver unload. (Michael Chan) [Orabug: 30095123] \n- bnxt_en: Reduce memory usage when running in kdump kernel. (Michael Chan) [Orabug: 30095123] \n- bnxt_en: Fix possible BUG() condition when calling pci_disable_msix(). (Michael Chan) [Orabug: 30095123] \n- bnxt_en: Fix aggregation buffer leak under OOM condition. (Michael Chan) [Orabug: 30095123] \n- bnxt_en: Add device IDs 0x1806 and 0x1752 for 57500 devices. (Michael Chan) [Orabug: 30095123] \n- bnxt_en: Add support for aRFS on 57500 chips. (Michael Chan) [Orabug: 30095123] \n- bnxt_en: Query firmware capability to support aRFS on 57500 chips. (Michael Chan) [Orabug: 30095123] \n- bnxt_en: Improve NQ reservations. (Michael Chan) [Orabug: 30095123] \n- bnxt_en: Separate RDMA MR/AH context allocation. (Devesh Sharma) [Orabug: 30095123] \n- bnxt_en: read the clause type from the PHY ID (Vasundhara Volam) [Orabug: 30095123] \n- bnxt_en: Read package version from firmware. (Vasundhara Volam) [Orabug: 30095123] \n- bnxt_en: Check new firmware capability to display extended stats. (Vasundhara Volam) [Orabug: 30095123] \n- bnxt_en: Add support for PCIe statistics (Vasundhara Volam) [Orabug: 30095123] \n- bnxt_en: Refactor bnxt_alloc_stats(). (Vasundhara Volam) [Orabug: 30095123] \n- bnxt_en: Update firmware interface to 1.10.0.69. (Michael Chan) [Orabug: 30095123] \n- bnxt_en: Fix uninitialized variable usage in bnxt_rx_pkt(). (Michael Chan) [Orabug: 30095123] \n- bnxt_en: Fix statistics context reservation logic. (Michael Chan) [Orabug: 30095123] \n- bnxt_en: Pass correct extended TX port statistics size to firmware. (Michael Chan) [Orabug: 30095123] \n- bnxt_en: Fix possible crash in bnxt_hwrm_ring_free() under error conditions. (Michael Chan) [Orabug: 30095123] \n- bnxt_en: Free short FW command HWRM memory in error path in bnxt_init_one() (Vasundhara Volam) [Orabug: 30095123] \n- bnxt_en: Improve multicast address setup logic. (Michael Chan) [Orabug: 30095123] \n- bnxt_en: Improve RX consumer index validity check. (Michael Chan) [Orabug: 30095123] \n- bnxt_en: Return relevant error code when offload fails (Sriharsha Basavapatna) [Orabug: 30095123] \n- bnxt_en: Add support for mdio read/write to external PHY (Vasundhara Volam) [Orabug: 30095123] \n- bnxt_en: Propagate trusted VF attribute to firmware. (Michael Chan) [Orabug: 30095123] \n- bnxt_en: Add support for BCM957504 (Erik Burrows) [Orabug: 30095123] \n- bnxt_en: Update firmware interface spec. to 1.10.0.47. (Michael Chan) [Orabug: 30095123] \n- bnxt_en: Disable interrupts when allocating CP rings or NQs. (Michael Chan) [Orabug: 30095123] \n- bnxt_en: Fix context memory allocation. (Michael Chan) [Orabug: 30095123] \n- bnxt_en: Fix ring checking logic on 57500 chips. (Michael Chan) [Orabug: 30095123] \n- nvme: fix possible io failures when removing multipathed ns (Anton Eidelman) [Orabug: 29962261] \n- nvme-multipath: sanitize nvme_update_ana_state() (Alan Adamson) [Orabug: 29962261] \n- Documentation: nvme: add an example for nvme fault injection (Akinobu Mita) [Orabug: 29962261] \n- nvme: enable to inject errors into admin commands (Akinobu Mita) [Orabug: 29962261] \n- nvme: prepare for fault injection into admin commands (Akinobu Mita) [Orabug: 29962261] \n- nvmet: rename nvme_completion instances from rsp to cqe (Max Gurtovoy) [Orabug: 29962261] \n- nvmet: introduce target-side trace (Minwoo Im) [Orabug: 29962261] \n- nvme-trace: print result and status in hex format (Minwoo Im) [Orabug: 29962261] \n- nvme-trace: support for fabrics commands in host-side (Minwoo Im) [Orabug: 29962261] \n- nvme-trace: move opcode symbol print to nvme.h (Minwoo Im) [Orabug: 29962261] \n- nvme-trace: do not export nvme_trace_disk_name (Minwoo Im) [Orabug: 29962261] \n- nvme-pci: clean up nvme_remove_dead_ctrl a bit (Chaitanya Kulkarni) [Orabug: 29962261] \n- nvme-pci: properly report state change failure in nvme_reset_work (Minwoo Im) [Orabug: 29962261] \n- nvme-pci: set the errno on ctrl state change error (Chaitanya Kulkarni) [Orabug: 29962261] \n- nvme-rdma: use dynamic dma mapping per command (Max Gurtovoy) [Orabug: 29962261] \n- nvme: Fix u32 overflow in the number of namespace list calculation (Jaesoo Lee) [Orabug: 29962261] \n- nvme-pci: don't limit DMA segement size (Christoph Hellwig) [Orabug: 29962261] \n- nvmet: fix data_len to 0 for bdev-backed write_zeroes (Minwoo Im) [Orabug: 29962261] \n- nvme: update MAINTAINERS (Keith Busch) [Orabug: 29962261] \n- nvme: copy MTFA field from identify controller (Laine Walker-Avina) [Orabug: 29962261] \n- nvme: fix memory leak for power latency tolerance (Yufen Yu) [Orabug: 29962261] \n- nvme: release namespace SRCU protection before performing controller ioctls (Christoph Hellwig) [Orabug: 29962261] \n- nvme: merge nvme_ns_ioctl into nvme_ioctl (Christoph Hellwig) [Orabug: 29962261] \n- nvme: remove the ifdef around nvme_nvm_ioctl (Christoph Hellwig) [Orabug: 29962261] \n- nvme: fix srcu locking on error return in nvme_get_ns_from_disk (Christoph Hellwig) [Orabug: 29962261] \n- nvme: Fix known effects (Keith Busch) [Orabug: 29962261] \n- nvme: trace all async notice events (Chaitanya Kulkarni) [Orabug: 29962261] \n- nvme: fix typos in nvme status code values (Minwoo Im) [Orabug: 29962261] \n- nvme-fabrics: remove unused argument (Minwoo Im) [Orabug: 29962261] \n- nvme-multipath: avoid crash on invalid subsystem cntlid enumeration (Hannes Reinecke) [Orabug: 29962261] \n- nvme-fc: use separate work queue to avoid warning (Hannes Reinecke) [Orabug: 29962261] \n- nvme-rdma: remove redundant reference between ib_device and tagset (Max Gurtovoy) [Orabug: 29962261] \n- nvme-pci: mark expected switch fall-through (Gustavo A. R. Silva) [Orabug: 29962261] \n- nvme-pci: add known admin effects to augument admin effects log page (Maxim Levitsky) [Orabug: 29962261] \n- nvme-pci: init shadow doorbell after each reset (Maxim Levitsky) [Orabug: 29962261] \n- nvmet: protect discovery change log event list iteration (Sagi Grimberg) [Orabug: 29962261] \n- nvme: mark nvme_core_init and nvme_core_exit static (Christoph Hellwig) [Orabug: 29962261] \n- nvme-fabrics: check more command sizes (Minwoo Im) [Orabug: 29962261] \n- nvme-pci: check more command sizes (Minwoo Im) [Orabug: 29962261] \n- nvme-pci: remove an unneeded variable initialization (Minwoo Im) [Orabug: 29962261] \n- nvme-pci: unquiesce admin queue on shutdown (Keith Busch) [Orabug: 29962261] \n- nvme-pci: shutdown on timeout during deletion (Keith Busch) [Orabug: 29962261] \n- nvme-multipath: don't print ANA group state by default (Hannes Reinecke) [Orabug: 29962261] \n- nvme-multipath: split bios with the ns_head bio_set before submitting (Hannes Reinecke) [Orabug: 29962261] \n- nvme: set 0 capacity if namespace block size exceeds PAGE_SIZE (Sagi Grimberg) [Orabug: 29962261] \n- nvme-rdma: fix typo in struct comment (Minwoo Im) [Orabug: 29962261] \n- nvme-loop: kill timeout handler (Ming Lei) [Orabug: 29962261] \n- nvme-rdma: fix a NULL deref when an admin connect times out (Sagi Grimberg) [Orabug: 29962261] \n- nvmet-file: clamp-down file namespace lba_shift (Sagi Grimberg) [Orabug: 29962261] \n- nvmet: return a specified error it subsys_alloc fails (Minwoo Im) [Orabug: 29962261] \n- crypto: ccp - Make function sev_get_firmware() static (Wei Yongjun) [Orabug: 29995936] \n- crypto: ccp - Allow SEV firmware to be chosen based on Family and Model (Janakarajan Natarajan) [Orabug: 29995936] \n- mlx4_core: change log_num_{qp,rdmarc} with scale_profile (Mukesh Kacker) [Orabug: 30064454] \n- xen: let alloc_xenballooned_pages() fail if not enough memory free (Juergen Gross) [Orabug: 30073694] \n- Revert 'AMD: Change CONFIG_EDAC_DECODE_MCE to built-in' (George Kennedy) [Orabug: 30080605] \n- rds: Get rid of 'wait_clean_list_grace' and add locking (Ka-Cheong Poon) [Orabug: 30095415] \n- xfs: fix string handling in label get/set functions (Arnd Bergmann) [Orabug: 30069158] \n- xfs: implement online get/set fs label (Eric Sandeen) [Orabug: 30069158] \n- fs: copy BTRFS_IOC_[SG]ET_FSLABEL to vfs (Eric Sandeen) [Orabug: 30069158] \n- xfs: factor the ag length extension code into libxfs (Dave Chinner) [Orabug: 30069158] \n- xfs: move growfs core to libxfs (Dave Chinner) [Orabug: 30069158] \n- xfs: rework secondary superblock updates in growfs (Dave Chinner) [Orabug: 30069158] \n- xfs: separate secondary sb update in growfs (Dave Chinner) [Orabug: 30069158] \n- xfs: make imaxpct changes in growfs separate (Dave Chinner) [Orabug: 30069158] \n- xfs: turn ag header initialisation into a table driven operation (Dave Chinner) [Orabug: 30069158] \n- xfs: factor ag btree root block initialisation (Dave Chinner) [Orabug: 30069158] \n- xfs: convert growfs AG header init to use buffer lists (Dave Chinner) [Orabug: 30069158] \n- xfs: factor out AG header initialisation from growfs core (Dave Chinner) [Orabug: 30069158] \n- xfs: one-shot cached buffers (Dave Chinner) [Orabug: 30069158] \n- xfs: fix check on struct_version for versions 4 or greater (Colin Ian King) [Orabug: 30069158] \n- xfs: refactor the geometry structure filling function (Darrick J. Wong) [Orabug: 30069158] \n- xfs: hoist xfs_fs_geometry to libxfs (Darrick J. Wong) [Orabug: 30069158]\n[4.14.35-1902.4.4]\n- mm/memory-failure: Poison read receives SIGKILL instead of SIGBUS if mmaped more than once (Jane Chu) [Orabug: 30068525]\n[4.14.35-1902.4.3]\n- uek-rpm: Update firmware prerequisites to 20190627-999.2.git7ae3a09d. (John Donnelly) [Orabug: 30022604] \n- bnx2x: Use napi_alloc_frag() (Sebastian Andrzej Siewior) [Orabug: 30022604] \n- bnx2x: Add support for detection of P2P event packets. (Sudarsana Reddy Kalluru) [Orabug: 30022604] \n- bnx2x: Replace magic numbers with macro definitions. (Sudarsana Reddy Kalluru) [Orabug: 30022604] \n- bnx2x: fix spelling mistake 'dicline' -> 'decline' (Colin Ian King) [Orabug: 30022604] \n- bnx2x: Utilize FW 7.13.11.0. (Sudarsana Reddy Kalluru) [Orabug: 30022604] \n- bnx2x: Remove set but not used variable 'mfw_vn' (YueHaibing) [Orabug: 30022604] \n- bnx2x: Use struct_size() in kzalloc() (Gustavo A. R. Silva) [Orabug: 30022604] \n- bnx2x: Bump up driver version to 1.713.36 (Sudarsana Reddy Kalluru) [Orabug: 30022604] \n- bnx2x: fix various indentation issues (Colin Ian King) [Orabug: 30022604] \n- bnx2x: Add storm FW version to ethtool driver query output. (Sudarsana Reddy Kalluru) [Orabug: 30022604] \n- bnx2x: Add MBI version to ethtool driver query output. (Sudarsana Reddy Kalluru) [Orabug: 30022604] \n- bnx2x: remove ndo_poll_controller (Eric Dumazet) [Orabug: 30022604] \n- bnx2x: Provide VF link status in ndo_get_vf_config (Shahed Shaikh) [Orabug: 30022604] \n- bnx2x: Ignore bandwidth attention in single function mode (Shahed Shaikh) [Orabug: 30022604] \n- bnx2x: Add VF spoof-checking configuration (Shahed Shaikh) [Orabug: 30022604] \n- bnx2x: Mark expected switch fall-throughs (Gustavo A. R. Silva) [Orabug: 30022604] \n- bnx2x: Collect the device debug information during Tx timeout. (Sudarsana Reddy Kalluru) [Orabug: 30022604] \n- bnx2x: Report PCIe link properties with pcie_print_link_status() (Bjorn Helgaas) [Orabug: 30022604] \n- bnx2x: Eliminate duplicate barriers on weakly-ordered archs (Sinan Kaya) [Orabug: 30022604] \n- bnx2x: Replace doorbell barrier() with wmb() (Sinan Kaya) [Orabug: 30022604] \n- bnx2x: fix spelling mistake: 'registeration' -> 'registration' (Colin Ian King) [Orabug: 30022604] \n- bnx2x: Use NETIF_F_GRO_HW. (Michael Chan) [Orabug: 30022604] \n- bnx2x: fix slowpath null crash (Zhu Yanjun) [Orabug: 30022604] \n- bnx2x: Use pci_ari_enabled() instead of local copy (Bjorn Helgaas) [Orabug: 30022604] \n- tty: do not set TTY_IO_ERROR flag if console port (Chanho Park) [Orabug: 29792557] \n- cpuidle-haltpoll: register the driver only when running under KVM (Prasad Singamsetty) [Orabug: 30032481] \n- nvme: fix regression upon hot device removal and insertion (Sagi Grimberg) [Orabug: 30037301] \n- uek-rpm: Update UEK5 config files with 'make olddefconfig' (Victor Erminpour) [Orabug: 30038821] \n- BUG: sleeping function called from invalid context (Mihai Carabas) [Orabug: 30051449] \n- libnvdimm/bus: Fix wait_nvdimm_bus_probe_idle() ABBA deadlock (Dan Williams) [Orabug: 30054097] \n- libnvdimm/bus: Stop holding nvdimm_bus_list_mutex over __nd_ioctl() (Dan Williams) [Orabug: 30054097] \n- libnvdimm/region: Register badblocks before namespaces (Dan Williams) [Orabug: 30054097] \n- libnvdimm/bus: Prevent duplicate device_unregister() calls (Dan Williams) [Orabug: 30054097] \n- drivers/base: Introduce kill_device() (Dan Williams) [Orabug: 30054097] \n- driver core: Rewrite test_async_driver_probe to cover serialization and NUMA affinity (Alexander Duyck) [Orabug: 30054097] \n- libnvdimm: Schedule device registration on node local to the device (Alexander Duyck) [Orabug: 30054097] \n- PM core: Use new async_schedule_dev command (Alexander Duyck) [Orabug: 30054097] \n- driver core: Attach devices on CPU local to device node (Alexander Duyck) [Orabug: 30054097] \n- async: Add support for queueing on specific NUMA node (Alexander Duyck) [Orabug: 30054097] \n- workqueue: Provide queue_work_node to queue work near a given NUMA node (Alexander Duyck) [Orabug: 30054097] \n- driver core: Probe devices asynchronously instead of the driver (Alexander Duyck) [Orabug: 30054097] \n- device core: Consolidate locking and unlocking of parent and device (Alexander Duyck) [Orabug: 30054097] \n- driver core: Move async_synchronize_full call (Alexander Duyck) [Orabug: 30054097] \n- driver core: Establish order of operations for device_add and device_del via bitflag (Alexander Duyck) [Orabug: 30054097]\n[4.14.35-1902.4.2]\n- net: rds: fix rds recv memory leak (Zhu Yanjun) [Orabug: 30033646] \n- tools: sync uapi/linux/bpf.h (Lorenz Bauer) [Orabug: 30035420] \n- bpf: respect size hint to BPF_PROG_TEST_RUN if present (Lorenz Bauer) [Orabug: 30035420] \n- mm/devm_memremap_pages: fix final page put race (Dan Williams) [Orabug: 30039621] \n- mm/devm_memremap_pages: introduce devm_memunmap_pages (Dan Williams) [Orabug: 30039621] \n- drivers/base/devres: introduce devm_release_action() (Dan Williams) [Orabug: 30039621] \n- A/A-Bonding: Optimize rdmaip_impl_inetaddr_event() (Sudhakar Dindukurti) [Orabug: 30040348] \n- A/A-Bonding: ResilientRDMA does not failback on nodes configured with unused VFs starting in 1902.1.0 (Sudhakar Dindukurti) [Orabug: 30040348] \n- rds: Re-factor and avoid superfluous queuing of shutdown work (Hakon Bugge) [Orabug: 29994474] \n- rds: Re-factor and avoid superfluous queuing of reconnect work (Hakon Bugge) [Orabug: 29994482] \n- RDMA/core: Fix race when resolving IP address (Dag Moxnes) [Orabug: 29942385] \n- IB/cm: Remove now useless rcu_lock in dst_fetch_ha (Jason Gunthorpe) [Orabug: 29942385] \n- rds: ib: Flush ARP cache when connection attempt is rejected (Hakon Bugge) [Orabug: 29994467] \n- rds: ib: Set local ack timeout directly (Hakon Bugge) [Orabug: 29994471] \n- IB/cma: Define option to set ack timeout and pack tos_set (Danit Goldberg) [Orabug: 29994471] \n- rds: ib: Fix incorrect setting of cp_reconnect_racing (Hakon Bugge) [Orabug: 29994475] \n- RDMA/cma: Make CM response timeout and # CM retries configurable (Hakon Bugge) [Orabug: 29994478] \n- rds: ib: Correct the cm_id compare commit (Hakon Bugge) [Orabug: 29994483] \n- rds: Increase entropy in hashing (Hakon Bugge) [Orabug: 29994484] \n- rds: Avoid queuing superfluous send and recv work (Hakon Bugge) [Orabug: 29994489] \n- rds: ib: Resurrect the CQs instead of delete+create (Hakon Bugge) [Orabug: 29994454] \n- bnxt_en: Fix ethtool selftest crash under error conditions. (Michael Chan) [Orabug: 29903179] \n- [UEK-5] IB/mlx5_core: remove label err_rsrc for non ODB (Dag Moxnes) [Orabug: 30019605] \n- IB/mlx5: Fix compile issue when ODP disabled (Doug Ledford) [Orabug: 30019605] \n- IB/uverbs: UAPI pointers should use __aligned_u64 type (Matan Barak) [Orabug: 30019605] \n- IB/mlx5: Fixed reporting counters on 2nd port for Dual port RoCE (Parav Pandit) [Orabug: 30028209]\n[4.14.35-1902.4.1]\n- ghes, EDAC: Fix ghes_edac registration (Borislav Petkov) [Orabug: 29721336] \n- scsi: qede Fix the queue select callback for UEK5 (Jack Vogel) [Orabug: 29908708] \n- scsi: qedi: Add ep_state for login completion on un-reachable targets (Manish Rangankar) [Orabug: 29908708] \n- qed: Fix qed_ll2_post_rx_buffer_notify_fw() by adding a write memory barrier (Denis Bolotin) [Orabug: 29908708] \n- qed: Fix qed_chain_set_prod() for PBL chains with non power of 2 page count (Denis Bolotin) [Orabug: 29908708] \n- qedi: update driver version to 8.37.0.20 (Nilesh Javali) [Orabug: 29908708] \n- qedi: Check targetname while finding boot target information (Nilesh Javali) [Orabug: 29908708] \n- scsi: qedf: remove set but not used variables (YueHaibing) [Orabug: 29908708] \n- scsi: qedf: Update the driver version to 8.37.25.20 (Saurav Kashyap) [Orabug: 29908708] \n- scsi: qedf: Add return value to log message if scsi_add_host fails (Saurav Kashyap) [Orabug: 29908708] \n- scsi: qedf: Print fcport information on wait for upload timeout (Saurav Kashyap) [Orabug: 29908708] \n- scsi: qedf: Check the return value of start_xmit (Saurav Kashyap) [Orabug: 29908708] \n- scsi: qedf: Log message if scsi_add_host fails (Saurav Kashyap) [Orabug: 29908708] \n- scsi: qedf: Check for fcoe_libfc_config failure (Saurav Kashyap) [Orabug: 29908708] \n- scsi: qedf: Add comment to display logging levels (Saurav Kashyap) [Orabug: 29908708] \n- scsi: qedf: Add port_id for fcport into initiate_cleanup debug message (Chad Dupuis) [Orabug: 29908708] \n- scsi: qedf: Add LBA to underrun debug messages (Chad Dupuis) [Orabug: 29908708] \n- scsi: qedf: Print scsi_cmd backpointer in good completion path if the command is still being used (Chad Dupuis) [Orabug: 29908708] \n- scsi: qedf: Add driver state to 'driver_stats' debugfs node (Chad Dupuis) [Orabug: 29908708] \n- scsi: qedf: Change MSI-X load error message (Chad Dupuis) [Orabug: 29908708] \n- scsi: qedf: remove memset/memcpy to nfunc and use func instead (Colin Ian King) [Orabug: 29908708] \n- scsi: qedf: Remove set but not used variable 'fr_len' (YueHaibing) [Orabug: 29908708] \n- scsi: qedf: Update the driver version to 8.37.25.19 (Saurav Kashyap) [Orabug: 29908708] \n- scsi: qedf: Fix lport may be used uninitialized warning (Saurav Kashyap) [Orabug: 29908708] \n- scsi: qedf: Correctly handle refcounting of rdata (Saurav Kashyap) [Orabug: 29908708] \n- scsi: qedf: Cleanup rrq_work after QEDF_CMD_OUTSTANDING is cleared (Shyam Sundar) [Orabug: 29908708] \n- scsi: qedf: Check for tm_flags instead of cmd_type during cleanup (Saurav Kashyap) [Orabug: 29908708] \n- scsi: qedf: Add a flag to help debugging io_req which could not be cleaned (Shyam Sundar) [Orabug: 29908708] \n- scsi: qedf: Don't send ABTS for under run scenario (Saurav Kashyap) [Orabug: 29908708] \n- scsi: qedf: Don't queue anything if upload is in progress (Shyam Sundar) [Orabug: 29908708] \n- scsi: qedf: Check both the FCF and fabric ID before servicing clear virtual link (Chad Dupuis) [Orabug: 29908708] \n- scsi: qedf: fc_rport_priv reference counting fixes (Hannes Reinecke) [Orabug: 29908708] \n- scsi: qedf: Add missing return in qedf_scsi_done() (Chad Dupuis) [Orabug: 29908708] \n- scsi: qedf: Wait for upload and link down processing during soft ctx reset (Chad Dupuis) [Orabug: 29908708] \n- scsi: qedf: Add additional checks for io_req->sc_cmd validity (Chad Dupuis) [Orabug: 29908708] \n- scsi: qedf: fixup bit operations (Hannes Reinecke) [Orabug: 29908708] \n- scsi: qedf: fixup locking in qedf_restart_rport() (Hannes Reinecke) [Orabug: 29908708] \n- scsi: qedf: missing kref_put in qedf_xmit() (Hannes Reinecke) [Orabug: 29908708] \n- scsi: qedf: Check for link state before processing LL2 packets and send fipvlan retries (Saurav Kashyap) [Orabug: 29908708] \n- scsi: qedf: Add missing fc_disc_init call after allocating lport (Chad Dupuis) [Orabug: 29908708] \n- scsi: qedf: Correct the memory barriers in qedf_ring_doorbell (Andrew Vasquez) [Orabug: 29908708] \n- scsi: qedf: Use a separate completion for cleanup commands (Chad Dupuis) [Orabug: 29908708] \n- scsi: qedf: Modify abort and tmf handler to handle edge condition and flush (Saurav Kashyap) [Orabug: 29908708] \n- scsi: qedf: Modify flush routine to handle all I/Os and TMF (Shyam Sundar) [Orabug: 29908708] \n- scsi: qedf: Simplify s/g list mapping (Chad Dupuis) [Orabug: 29908708] \n- scsi: qedf: Add missing return in qedf_post_io_req() in the fcport offload check (Chad Dupuis) [Orabug: 29908708] \n- scsi: qedf: Correct xid range overlap between offloaded requests and libfc requests (Chad Dupuis) [Orabug: 29908708] \n- scsi: qedf: Do not retry ELS request if qedf_alloc_cmd fails (Chad Dupuis) [Orabug: 29908708] \n- scsi: qedf: no need to check return value of debugfs_create functions (Greg Kroah-Hartman) [Orabug: 29908708] \n- scsi: qedf: NULL check before some freeing functions is not needed (Thomas Meyer) [Orabug: 29908708] \n- scsi: qedf: fully convert to the generic DMA API (Christoph Hellwig) [Orabug: 29908708] \n- qedf: Add get_generic_tlv_data handler. (Chad Dupuis) [Orabug: 29908708] \n- qedf: Add support for populating ethernet TLVs. (Chad Dupuis) [Orabug: 29908708] \n- scsi: qedf: Update version number to 8.33.16.20 (Chad Dupuis) [Orabug: 29908708] \n- scsi: qedf: Update copyright for 2018 (Chad Dupuis) [Orabug: 29908708] \n- scsi: qedf: Add more defensive checks for concurrent error conditions (Chad Dupuis) [Orabug: 29908708] \n- scsi: qedf: Add additional checks when restarting an rport due to ABTS timeout (Chad Dupuis) [Orabug: 29908708] \n- scsi: qedf: If qed fails to enable MSI-X fail PCI probe (Chad Dupuis) [Orabug: 29908708] \n- scsi: qedf: Honor default_prio module parameter even if DCBX does not converge (Chad Dupuis) [Orabug: 29908708] \n- scsi: qedf: Improve firmware debug dump handling (Chad Dupuis) [Orabug: 29908708] \n- scsi: qedf: Remove setting DCBX pending during soft context reset (Saurav Kashyap) [Orabug: 29908708] \n- scsi: qedf: Add task id to kref_get_unless_zero() debug messages when flushing requests (Chad Dupuis) [Orabug: 29908708] \n- scsi: qedf: Check if link is already up when receiving a link up event from qed (Chad Dupuis) [Orabug: 29908708] \n- scsi: qedf: Return request as DID_NO_CONNECT if MSI-X is not enabled (Chad Dupuis) [Orabug: 29908708] \n- scsi: qedf: Release RRQ reference correctly when RRQ command times out (Chad Dupuis) [Orabug: 29908708] \n- scsi: qedf: Honor priority from DCBX FCoE App tag (Chad Dupuis) [Orabug: 29908708] \n- scsi: qedf: Add dcbx_not_wait module parameter so we won't wait for DCBX convergence to start discovery (Chad Dupuis) [Orabug: 29908708] \n- scsi: qedf: Sanity check FCoE/FIP priority value to make sure it's between 0 and 7 (Chad Dupuis) [Orabug: 29908708] \n- scsi: qedf: Add check for offload before flushing I/Os for target (Chad Dupuis) [Orabug: 29908708] \n- scsi: qedf: Fix VLAN display when printing sent FIP frames (Chad Dupuis) [Orabug: 29908708] \n- scsi: qedf: Add missing skb frees in error path (Chad Dupuis) [Orabug: 29908708] \n- scsi: qedf: Increase the number of default FIP VLAN request retries to 60 (Chad Dupuis) [Orabug: 29908708] \n- scsi: qedf: Synchronize rport restarts when multiple ELS commands time out (Chad Dupuis) [Orabug: 29908708] \n- scsi: qedf: use correct strncpy() size (Arnd Bergmann) [Orabug: 29908708] \n- scsi: qedf: fix LTO-enabled build (Arnd Bergmann) [Orabug: 29908708] \n- scsi: qedf: remove redundant initialization of 'fcport' (Colin Ian King) [Orabug: 29908708] \n- scsi: qedf: Fix error return code in __qedf_probe() (Wei Yongjun) [Orabug: 29908708] \n- scsi: qedi: remove set but not used variables 'cdev' and 'udev' (YueHaibing) [Orabug: 29908708] \n- scsi: qedi: remove memset/memcpy to nfunc and use func instead (YueHaibing) [Orabug: 29908708] \n- scsi: qedi: Adjust termination and offload ramrod timers (Manish Rangankar) [Orabug: 29908708] \n- scsi: qedi: Abort ep termination if offload not scheduled (Manish Rangankar) [Orabug: 29908708] \n- scsi: qedi: fix spelling mistake 'oflload' -> 'offload' (Colin Ian King) [Orabug: 29908708] \n- scsi: qedi: Remove set but not used variable 'cls_sess' (YueHaibing) [Orabug: 29908708] \n- scsi: qedi: Update driver version to 8.33.0.21 (Nilesh Javali) [Orabug: 29908708] \n- scsi: qedi: Move LL2 producer index processing in BH. (Manish Rangankar) [Orabug: 29908708] \n- scsi: qedi: add module param to set ping packet size (Nilesh Javali) [Orabug: 29908708] \n- scsi: qedi: Add packet filter in light L2 Rx path. (Manish Rangankar) [Orabug: 29908708] \n- scsi: qedi: Check for session online before getting iSCSI TLV data. (Manish Rangankar) [Orabug: 29908708] \n- scsi: qedi: Replace PAGE_SIZE with QEDI_PAGE_SIZE (Nilesh Javali) [Orabug: 29908708] \n- scsi: qedi: Fix spelling mistake 'OUSTANDING' -> 'OUTSTANDING' (Nilesh Javali) [Orabug: 29908708] \n- scsi: qedi: Cleanup redundant QEDI_PAGE_SIZE macro definition (Nilesh Javali) [Orabug: 29908708] \n- scsi: qedi: fully convert to the generic DMA API (Christoph Hellwig) [Orabug: 29908708] \n- scsi: qedi: Initialize the stats mutex lock (Nilesh Javali) [Orabug: 29908708] \n- scsi: qedi: Fix a potential buffer overflow (Bart Van Assche) [Orabug: 29908708] \n- scsi: qedi: Fix misleading indentation (Bart Van Assche) [Orabug: 29908708] \n- qedi: Add get_generic_tlv_data handler. (Manish Rangankar) [Orabug: 29908708] \n- qedi: Add support for populating ethernet TLVs. (Manish Rangankar) [Orabug: 29908708] \n- scsi: qedi: fix build regression (Arnd Bergmann) [Orabug: 29908708] \n- scsi: qedi: fix building with LTO (Arnd Bergmann) [Orabug: 29908708] \n- scsi: qedi: Cleanup local str variable (Nilesh Javali) [Orabug: 29908708] \n- scsi: qedi: Drop cqe response during connection recovery (Manish Rangankar) [Orabug: 29908708] \n- scsi: qedi: Use zeroing allocator instead of allocator/memset (Himanshu Jha) [Orabug: 29908708] \n- scsi: qedi: Fix a possible sleep-in-atomic bug in qedi_process_tmf_resp (Jia-Ju Bai) [Orabug: 29908708] \n- scsi: qedi: Delete redundant variables (Christos Gkekas) [Orabug: 29908708] \n- qed: Display port_id in the UFP debug messages. (Sudarsana Reddy Kalluru) [Orabug: 29908708] \n- qed: fix spelling mistake 'faspath' -> 'fastpath' (Colin Ian King) [Orabug: 29908708] \n- qed: Fix the DORQ's attentions handling (Denis Bolotin) [Orabug: 29908708] \n- qed: Fix missing DORQ attentions (Denis Bolotin) [Orabug: 29908708] \n- qed: Fix the doorbell address sanity check (Denis Bolotin) [Orabug: 29908708] \n- qed: Delete redundant doorbell recovery types (Denis Bolotin) [Orabug: 29908708] \n- qede: fix write to free'd pointer error and double free of ptp (Colin Ian King) [Orabug: 29908708] \n- qed: Define new MF bit for no_vlan config (Sudarsana Reddy Kalluru) [Orabug: 29908708] \n- qede: Populate mbi version in ethtool driver query data. (Sudarsana Reddy Kalluru) [Orabug: 29908708] \n- qede: Fix internal loopback failure with jumbo mtu configuration (Sudarsana Reddy Kalluru) [Orabug: 29908708] \n- qed: Read device port count from the shmem (Sudarsana Reddy Kalluru) [Orabug: 29908708] \n- qed: Fix iWARP syn packet mac address validation. (Michal Kalderon) [Orabug: 29908708] \n- qed: Fix iWARP buffer size provided for syn packet processing. (Michal Kalderon) [Orabug: 29908708] \n- qed: fix indentation issue with statements in an if-block (Colin Ian King) [Orabug: 29908708] \n- qede: Add ethtool interface for SmartAN query. (Sudarsana Reddy Kalluru) [Orabug: 29908708] \n- qed: Add API for SmartAN query. (Sudarsana Reddy Kalluru) [Orabug: 29908708] \n- qed*: Advance drivers version to 8.37.0.20 (Manish Chopra) [Orabug: 29908708] \n- qed: Change verbosity for coalescing message. (Rahul Verma) [Orabug: 29908708] \n- qede: Fix system crash on configuring channels. (Sudarsana Reddy Kalluru) [Orabug: 29908708] \n- qed: Consider TX tcs while deriving the max num_queues for PF. (Sudarsana Reddy Kalluru) [Orabug: 29908708] \n- qed: Assign UFP TC value to vlan priority in UFP mode. (Sudarsana Reddy Kalluru) [Orabug: 29908708] \n- qed: Fix EQ full firmware assert. (Manish Chopra) [Orabug: 29908708] \n- qed: Fix stack out of bounds bug (Manish Chopra) [Orabug: 29908708] \n- qed: Fix system crash in ll2 xmit (Manish Chopra) [Orabug: 29908708] \n- qed: Fix VF probe failure while FLR (Manish Chopra) [Orabug: 29908708] \n- qed: Fix LACP pdu drops for VFs (Manish Chopra) [Orabug: 29908708] \n- qed: Fix bug in tx promiscuous mode settings (Manish Chopra) [Orabug: 29908708] \n- qede: Error recovery process (Tomer Tayar) [Orabug: 29908708] \n- qed: Add infrastructure for error detection and recovery (Tomer Tayar) [Orabug: 29908708] \n- qed: Revise load sequence to avoid PCI errors (Tomer Tayar) [Orabug: 29908708] \n- qed: Mark expected switch fall-through (Gustavo A. R. Silva) [Orabug: 29908708] \n- qed: remove duplicated include from qed_if.h (YueHaibing) [Orabug: 29908708] \n- qed: Fix command number mismatch between driver and the mfw (Sudarsana Reddy Kalluru) [Orabug: 29908708] \n- qed: fix spelling mistake 'Dispalying' -> 'Displaying' (Colin Ian King) [Orabug: 29908708] \n- qede: Register l2 queues with doorbell overflow recovery mechanism (Ariel Elior) [Orabug: 29908708] \n- qed: Expose the doorbell overflow recovery mechanism to the protocol drivers (Ariel Elior) [Orabug: 29908708] \n- qed: Register light L2 queues with doorbell overflow recovery mechanism (Ariel Elior) [Orabug: 29908708] \n- qed: Register slowpath queue doorbell with doorbell overflow recovery mechanism (Ariel Elior) [Orabug: 29908708] \n- qed: Use the doorbell overflow recovery mechanism in case of doorbell overflow (Ariel Elior) [Orabug: 29908708] \n- qed: Add doorbell overflow recovery mechanism (Ariel Elior) [Orabug: 29908708] \n- qede - Add a statistic for a case where driver drops tx packet due to memory allocation failure. (Michael Shteinbok) [Orabug: 29908708] \n- qed: fix spelling mistake 'attnetion' -> 'attention' (Colin Ian King) [Orabug: 29908708] \n- qed: Add support for MBI upgrade over MFW. (Sudarsana Reddy Kalluru) [Orabug: 29908708] \n- qede: Update link status only when interface is ready. (Sudarsana Reddy Kalluru) [Orabug: 29908708] \n- qede: Simplify the usage of qede-flags. (Sudarsana Reddy Kalluru) [Orabug: 29908708] \n- qed: Fix rdma_info structure allocation (Michal Kalderon) [Orabug: 29908708] \n- qed: Fix overriding offload_tc by protocols without APP TLV (Denis Bolotin) [Orabug: 29908708] \n- qed: Fix SPQ entries not returned to pool in error flows (Denis Bolotin) [Orabug: 29908708] \n- qed: fix link config error handling (Arnd Bergmann) [Orabug: 29908708] \n- qed: Fix static checker warning (Rahul Verma) [Orabug: 29908708] \n- qed: fix spelling mistake 'transcevier' -> 'transceiver' (Colin Ian King) [Orabug: 29908708] \n- qed: Prevent link getting down in case of autoneg-off. (Rahul Verma) [Orabug: 29908708] \n- qede: Check available link modes before link set from ethtool. (Rahul Verma) [Orabug: 29908708] \n- qed: Add supported link and advertise link to display in ethtool. (Rahul Verma) [Orabug: 29908708] \n- qed: Added supported transceiver modes, speed capability and board config to HSI. (Rahul Verma) [Orabug: 29908708] \n- qed: Align local and global PTT to propagate through the APIs. (Rahul Verma) [Orabug: 29908708] \n- qed: fix spelling mistake 'Ireelevant' -> 'Irrelevant' (Colin Ian King) [Orabug: 29908708] \n- qed: Add support for virtual link. (Sudarsana Reddy Kalluru) [Orabug: 29908708] \n- qed: Avoid implicit enum conversion in qed_ooo_submit_tx_buffers (Nathan Chancellor) [Orabug: 29908708] \n- qede: Add driver support for 20G link speed. (Sudarsana Reddy Kalluru) [Orabug: 29908708] \n- qed: Add driver support for 20G link speed. (Sudarsana Reddy Kalluru) [Orabug: 29908708] \n- RDMA/qedr: Remove enumerated type qed_roce_ll2_tx_dest (Nathan Chancellor) [Orabug: 29908708] \n- qed: fix spelling mistake 'b_cb_registred' -> 'b_cb_registered' (Colin Ian King) [Orabug: 29908708] \n- qed: Fix shmem structure inconsistency between driver and the mfw. (Sudarsana Reddy Kalluru) [Orabug: 29908708] \n- qed: Remove set but not used variable 'p_archipelago' (YueHaibing) [Orabug: 29908708] \n- qed: fix spelling mistake 'toogle' -> 'toggle' (Colin Ian King) [Orabug: 29908708] \n- net: qed: list usage cleanup (zhong jiang) [Orabug: 29908708] \n- qed: Add missing device config for RoCE EDPM in UFP mode. (Sudarsana Reddy Kalluru) [Orabug: 29908708] \n- qed: Do not add VLAN 0 tag to untagged frames in multi-function mode. (Sudarsana Reddy Kalluru) [Orabug: 29908708] \n- qed: Fix populating the invalid stag value in multi function mode. (Sudarsana Reddy Kalluru) [Orabug: 29908708] \n- net: qede: Use FIELD_SIZEOF directly instead of reimplementing its function (zhong jiang) [Orabug: 29908708] \n- qed: remove duplicated include from qed_cxt.c (YueHaibing) [Orabug: 29908708] \n- qed*: Utilize FW 8.37.7.0 (Denis Bolotin) [Orabug: 29908708] \n- qed: Lower the severity of a dcbx log message. (Sudarsana Reddy Kalluru) [Orabug: 29908708] \n- qed: fix spelling mistake 'comparsion' -> 'comparison' (Colin Ian King) [Orabug: 29908708] \n- qede: Add destination ip based flow profile. (Manish Chopra) [Orabug: 29908708] \n- qed/qede: Multi CoS support. (Manish Chopra) [Orabug: 29908708] \n- qede: qede_fp: Mark expected switch fall-through (Gustavo A. R. Silva) [Orabug: 29908708] \n- qed: qed_dev: Mark expected switch fall-throughs (Gustavo A. R. Silva) [Orabug: 29908708] \n- qed: Add Multi-TC RoCE support (Denis Bolotin) [Orabug: 29908708] \n- qed: Add a flag which indicates if offload TC is set (Denis Bolotin) [Orabug: 29908708] \n- qed: Add DCBX API - qed_dcbx_get_priority_tc() (Denis Bolotin) [Orabug: 29908708] \n- qed: Make some functions static (YueHaibing) [Orabug: 29908708] \n- qed: remove redundant functions qed_get_cm_pq_idx_rl (YueHaibing) [Orabug: 29908708] \n- qed: remove redundant functions qed_set_gft_event_id_cm_hdr (YueHaibing) [Orabug: 29908708] \n- qede: Add driver callbacks for eeprom module query. (Sudarsana Reddy Kalluru) [Orabug: 29908708] \n- qed: Add qed APIs for PHY module query. (Sudarsana Reddy Kalluru) [Orabug: 29908708] \n- qed: fix spelling mistake 'successffuly' -> 'successfully' (Ewan D. Milne) [Orabug: 29908708] \n- qed: off by one in qed_parse_mcp_trace_buf() (Dan Carpenter) [Orabug: 29908708] \n- qed: Fix reading stale configuration information (Denis Bolotin) [Orabug: 29908708] \n- qed: remove redundant pointer 'name' (Colin Ian King) [Orabug: 29908708] \n- qed*: Utilize FW 8.37.2.0 (Michal Kalderon) [Orabug: 29908708] \n- qed: use dma_zalloc_coherent instead of allocator/memset (YueHaibing) [Orabug: 29908708] \n- qed: Add srq core support for RoCE and iWARP (Yuval Bason) [Orabug: 29908708] \n- qed: Fix use of incorrect shmem address. (Sudarsana Reddy Kalluru) [Orabug: 29908708] \n- qed: Fix shared memory inconsistency between driver and the MFW. (Sudarsana Reddy Kalluru) [Orabug: 29908708] \n- qed*: Add link change count value to ethtool statistics display. (Sudarsana Reddy Kalluru) [Orabug: 29908708] \n- qed*: Support drop action classification (Manish Chopra) [Orabug: 29908708] \n- qede: Support flow classification to the VFs. (Manish Chopra) [Orabug: 29908708] \n- qed*: Support other classification modes. (Manish Chopra) [Orabug: 29908708] \n- qede: Validate unsupported configurations (Manish Chopra) [Orabug: 29908708] \n- qede: Refactor ethtool rx classification flow. (Manish Chopra) [Orabug: 29908708] \n- qede: Add support for populating ethernet TLVs. (Sudarsana Reddy Kalluru) [Orabug: 29908708] \n- qed: Add driver infrastucture for handling mfw requests. (Sudarsana Reddy Kalluru) [Orabug: 29908708] \n- qed: Add support for processing iscsi tlv request. (Sudarsana Reddy Kalluru) [Orabug: 29908708] \n- qed: Add support for processing fcoe tlv request. (Sudarsana Reddy Kalluru) [Orabug: 29908708] \n- qed: Add support for tlv request processing. (Sudarsana Reddy Kalluru) [Orabug: 29908708] \n- qed: Add MFW interfaces for TLV request support. (Sudarsana Reddy Kalluru) [Orabug: 29908708] \n- qede: Add build_skb() support. (Manish Chopra) [Orabug: 29908708] \n- qed: Fix LL2 race during connection terminate (Michal Kalderon) [Orabug: 29908708] \n- qed: Fix possibility of list corruption during rmmod flows (Michal Kalderon) [Orabug: 29908708] \n- qed: LL2 flush isles when connection is closed (Michal Kalderon) [Orabug: 29908708] \n- qede: Fix ref-cnt usage count (Michal Kalderon) [Orabug: 29908708] \n- qed: fix spelling mistake: 'taskelt' -> 'tasklet' (Colin Ian King) [Orabug: 29908708] \n- qed: Add support for Unified Fabric Port. (Sudarsana Reddy Kalluru) [Orabug: 29908708] \n- qed: Add support for multi function mode with 802.1ad tagging. (Sudarsana Reddy Kalluru) [Orabug: 29908708] \n- qed: Remove unused data member 'is_mf_default'. (Sudarsana Reddy Kalluru) [Orabug: 29908708] \n- qed*: Refactor mf_mode to consist of bits. (Sudarsana Reddy Kalluru) [Orabug: 29908708] \n- qed: fix spelling mistake: 'offloded' -> 'offloaded' (Colin Ian King) [Orabug: 29908708] \n- qed: fix spelling mistake: 'checksumed' -> 'checksummed' (Colin Ian King) [Orabug: 29908708] \n- qed: Fix copying 2 strings (Denis Bolotin) [Orabug: 29908708] \n- qed: Add configuration information to register dump and debug data (Denis Bolotin) [Orabug: 29908708] \n- qed: Delete unused parameter p_ptt from mcp APIs (Denis Bolotin) [Orabug: 29908708] \n- qed* : Add new TLV to request PF to update MAC in bulletin board (Shahed Shaikh) [Orabug: 29908708] \n- qed* : use trust mode to allow VF to override forced MAC (Shahed Shaikh) [Orabug: 29908708] \n- qede: Ethtool flash update support. (Sudarsana Reddy Kalluru) [Orabug: 29908708] \n- qed: Adapter flash update support. (Sudarsana Reddy Kalluru) [Orabug: 29908708] \n- qed: Add APIs for flash access. (Sudarsana Reddy Kalluru) [Orabug: 29908708] \n- qed: Fix PTT entry leak in the selftest error flow. (Sudarsana Reddy Kalluru) [Orabug: 29908708] \n- qed: Populate nvm image attribute shadow. (Sudarsana Reddy Kalluru) [Orabug: 29908708] \n- qed*: Utilize FW 8.33.11.0 (Michal Kalderon) [Orabug: 29908708] \n- qed: Use true and false for boolean values (Gustavo A. R. Silva) [Orabug: 29908708] \n- qede: fix spelling mistake: 'registeration' -> 'registration' (Colin Ian King) [Orabug: 29908708] \n- qed: Fix MPA unalign flow in case header is split across two packets. (Michal Kalderon) [Orabug: 29908708] \n- qed: Use after free in qed_rdma_free() (Dan Carpenter) [Orabug: 29908708] \n- qlogic/qed: Constify *pkt_type_str[] (Hernan Gonzalez) [Orabug: 29908708] \n- qed: code indent should use tabs where possible (Rohit Visavalia) [Orabug: 29908708] \n- qed: Free reserved MR tid (Michal Kalderon) [Orabug: 29908708] \n- qed: Remove reserveration of dpi for kernel (Michal Kalderon) [Orabug: 29908708] \n- qed: Fix potential use-after-free in qed_spq_post() (Roland Dreier) [Orabug: 29908708] \n- xdp/qede: setup xdp_rxq_info and intro xdp_rxq_info_is_reg (Jesper Dangaard Brouer) [Orabug: 29908708] \n- qed: Use zeroing memory allocator than allocator/memset (Himanshu Jha) [Orabug: 29908708] \n- qed*: Advance drivers' version to 8.33.0.20 (Tomer Tayar) [Orabug: 29908708] \n- qed*: Utilize FW 8.33.1.0 (Tomer Tayar) [Orabug: 29908708] \n- qed*: HSI renaming for different types of HW (Tomer Tayar) [Orabug: 29908708] \n- qed*: Refactoring and rearranging FW API with no functional impact (Tomer Tayar) [Orabug: 29908708] \n- qede: Use NETIF_F_GRO_HW. (Michael Chan) [Orabug: 29908708] \n- net/rds: changed module parameter rds_qos_threshold_action to be writable (Qing Huang) [Orabug: 30008104] \n- uek-rpm/ol7/nano_modules fix (Jane Chu) [Orabug: 29914798] \n- libnvdimm: Fix compilation warnings with W=1 (Qian Cai) [Orabug: 29914798] \n- libnvdimm/pmem: Bypass CONFIG_HARDENED_USERCOPY overhead (Dan Williams) [Orabug: 29914798] \n- dax: Arrange for dax_supported check to span multiple devices (Dan Williams) [Orabug: 29914798] \n- tools/testing/nvdimm: add watermarks for dax_pmem* modules (Vishal Verma) [Orabug: 29914798] \n- dax/pmem: Fix whitespace in dax_pmem (Vishal Verma) [Orabug: 29914798] \n- drivers/dax: Allow to include DEV_DAX_PMEM as builtin (Aneesh Kumar K.V) [Orabug: 29914798] \n- device-dax: Add a 'modalias' attribute to DAX 'bus' devices (Vishal Verma) [Orabug: 29914798] \n- device-dax: 'Hotplug' persistent memory for use like normal RAM (Dave Hansen) [Orabug: 29914798] \n- mm/resource: Let walk_system_ram_range() search child resources (Dave Hansen) [Orabug: 29914798] \n- mm/memory-hotplug: Allow memory resources to be children (Dave Hansen) [Orabug: 29914798] \n- mm/resource: Move HMM pr_debug() deeper into resource code (Dave Hansen) [Orabug: 29914798] \n- mm/resource: Return real error codes from walk failures (Dave Hansen) [Orabug: 29914798] \n- device-dax: Add a 'target_node' attribute (Dan Williams) [Orabug: 29914798] \n- device-dax: Auto-bind device after successful new_id (Dan Williams) [Orabug: 29914798] \n- acpi/nfit, device-dax: Identify differentiated memory with a unique numa-node (Dan Williams) [Orabug: 29914798] \n- device-dax: Add /sys/class/dax backwards compatibility (Dan Williams) [Orabug: 29914798] \n- device-dax: Add support for a dax override driver (Dan Williams) [Orabug: 29914798] \n- device-dax: Move resource pinning+mapping into the common driver (Dan Williams) [Orabug: 29914798] \n- device-dax: Introduce bus + driver model (Dan Williams) [Orabug: 29914798] \n- device-dax: Start defining a dax bus model (Dan Williams) [Orabug: 29914798] \n- device-dax: Remove multi-resource infrastructure (Dan Williams) [Orabug: 29914798] \n- device-dax: Kill dax_region base (Dan Williams) [Orabug: 29914798] \n- device-dax: Kill dax_region ida (Dan Williams) [Orabug: 29914798] \n- mm, hmm: replace hmm_devmem_pages_create() with devm_memremap_pages() (Dan Williams) [Orabug: 29914798] \n- mm/hmm.c: remove superfluous RCU protection around radix tree lookup (Tejun Heo) [Orabug: 29914798] \n- mm/hmm.c: remove unused variables align_start and align_end (Colin Ian King) [Orabug: 29914798] \n- mm/hmm: remove redundant variable align_end (Colin Ian King) [Orabug: 29914798] \n- mm, hmm: use devm semantics for hmm_devmem_{add, remove} (Dan Williams) [Orabug: 29914798] \n- mm, devm_memremap_pages: add MEMORY_DEVICE_PRIVATE support (Dan Williams) [Orabug: 29914798] \n- mm, devm_memremap_pages: fix shutdown handling (Dan Williams) [Orabug: 29914798] \n- mm, devm_memremap_pages: kill mapping 'System RAM' support (Dan Williams) [Orabug: 29914798] \n- mm, devm_memremap_pages: mark devm_memremap_pages() EXPORT_SYMBOL_GPL (Dan Williams) [Orabug: 29914798] \n- kernel/memremap, kasan: make ZONE_DEVICE with work with KASAN (Andrey Ryabinin) [Orabug: 29914798] \n- fs/ocfs2: fix race in ocfs2_dentry_attach_lock() (Wengang Wang) [Orabug: 29957705] \n- net/rds: fixed an error in parsing module parameter string rds_qos_threshold (Qing Huang) [Orabug: 30008066]\n[4.14.35-1902.4.0]\n- cpuidle-haltpoll: disable host side polling when kvm virtualized (Marcelo Tosatti) [Orabug: 27733419] \n- kvm:x86: add host poll control msrs (Marcelo Tosatti) [Orabug: 27733419] \n- drivers/cpuidle: add cpuidle-haltpoll driver (Marcelo Tosatti) [Orabug: 27733419] \n- KVM: polling: add architecture backend to disable polling (Christian Borntraeger) [Orabug: 27733419] \n- nvmet: fix discover log page when offsets are used (Keith Busch) [Orabug: 29933727] \n- nvme-fc: correct csn initialization and increments on error (James Smart) [Orabug: 29933727] \n- nvmet: ignore EOPNOTSUPP for discard (Christoph Hellwig) [Orabug: 29933727] \n- nvme: add proper write zeroes setup for the multipath device (Christoph Hellwig) [Orabug: 29933727] \n- nvme: add proper discard setup for the multipath device (Christoph Hellwig) [Orabug: 29933727] \n- nvme: remove nvme_ns_config_oncs (Christoph Hellwig) [Orabug: 29933727] \n- nvme: disable Write Zeroes for qemu controllers (Christoph Hellwig) [Orabug: 29933727] \n- nvmet-fc: bring Disconnect into compliance with FC-NVME spec (James Smart) [Orabug: 29933727] \n- nvmet-fc: fix issues with targetport assoc_list list walking (James Smart) [Orabug: 29933727] \n- nvme-fc: reject reconnect if io queue count is reduced to zero (James Smart) [Orabug: 29933727] \n- nvme-fc: use nr_phys_segments to determine existence of sgl (James Smart) [Orabug: 29933727] \n- nvme-loop: init nvmet_ctrl fatal_err_work when allocate (Yufen Yu) [Orabug: 29933727] \n- nvme: update comment to make the code easier to read (Yufen Yu) [Orabug: 29933727] \n- nvme: put ns_head ref if namespace fails allocation (Sagi Grimberg) [Orabug: 29933727] \n- nvme-trace: fix cdw10 buffer overrun (Keith Busch) [Orabug: 29933727] \n- nvme: don't warn on block content change effects (Keith Busch) [Orabug: 29933727] \n- nvme: add get-feature to admin cmds tracer (Max Gurtovoy) [Orabug: 29933727] \n- nvme-rdma: use nr_phys_segments when map rq to sgl (Chaitanya Kulkarni) [Orabug: 29933727] \n- nvmet: convert to SPDX identifiers (Christoph Hellwig) [Orabug: 29933727] \n- nvmet-rdma: convert to SPDX identifiers (Christoph Hellwig) [Orabug: 29933727] \n- nvme-loop: convert to SPDX identifiers (Christoph Hellwig) [Orabug: 29933727] \n- nvmet-fcloop: convert to SPDX identifiers (Christoph Hellwig) [Orabug: 29933727] \n- nvmet-fc: convert to SPDX identifiers (Christoph Hellwig) [Orabug: 29933727] \n- nvme: convert to SPDX identifiers (Christoph Hellwig) [Orabug: 29933727] \n- nvme-pci: convert to SPDX identifiers (Christoph Hellwig) [Orabug: 29933727] \n- nvme-lightnvm: convert to SPDX identifiers (Christoph Hellwig) [Orabug: 29933727] \n- nvme-rdma: convert to SPDX identifiers (Christoph Hellwig) [Orabug: 29933727] \n- nvme-fc: convert to SPDX identifiers (Christoph Hellwig) [Orabug: 29933727] \n- nvme-fabrics: convert to SPDX identifiers (Christoph Hellwig) [Orabug: 29933727] \n- nvme_ioctl.h: remove duplicate GPL boilerplate (Christoph Hellwig) [Orabug: 29933727] \n- nvme: return error from nvme_alloc_ns() (Hannes Reinecke) [Orabug: 29933727] \n- nvme: avoid that deleting a controller triggers a circular locking complaint (Bart Van Assche) [Orabug: 29933727] \n- nvme: introduce a helper function for controller deletion (Bart Van Assche) [Orabug: 29933727] \n- nvme: unexport nvme_delete_ctrl_sync() (Bart Van Assche) [Orabug: 29933727] \n- nvme-pci: check kstrtoint() return value in queue_count_set() (Bart Van Assche) [Orabug: 29933727] \n- nvme-fabrics: document the poll function argument (Bart Van Assche) [Orabug: 29933727] \n- nvmet: fix indentation (Bart Van Assche) [Orabug: 29933727] \n- nvme-pci: add missing unlock for reset error (Keith Busch) [Orabug: 29933727] \n- nvme-pci: fix rapid add remove sequence (Keith Busch) [Orabug: 29933727] \n- nvme: lock NS list changes while handling command effects (Keith Busch) [Orabug: 29933727] \n- scsi: lpfc: nvmet: avoid hang / use-after-free when destroying targetport (Ewan D. Milne) [Orabug: 29933727] \n- scsi: lpfc: nvme: avoid hang / use-after-free when destroying localport (Ewan D. Milne) [Orabug: 29933727] \n- nvme: don't initlialize ctrl->cntlid twice (Andrey Smirnov) [Orabug: 29933727] \n- nvme: introduce NVME_QUIRK_IGNORE_DEV_SUBNQN (James Dingwall) [Orabug: 29933727] \n- nvme: pad fake subsys NQN vid and ssvid with zeros (Keith Busch) [Orabug: 29933727] \n- nvme-pci: trace SQ status on completions (yupeng) [Orabug: 29933727] \n- nvmet: use a macro for default error location (Chaitanya Kulkarni) [Orabug: 29933727] \n- nvmet: fix comparison of a u16 with -1 (Colin Ian King) [Orabug: 29933727] \n- nvme: fix kernel paging oops (Sagi Grimberg) [Orabug: 29933727] \n- nvmet: update smart log with num err log entries (Chaitanya Kulkarni) [Orabug: 29933727] \n- nvmet: add error log page cmd handler (Chaitanya Kulkarni) [Orabug: 29933727] \n- nvmet: add error log support for file backend (Chaitanya Kulkarni) [Orabug: 29933727] \n- nvmet: add error log support for bdev backend (Chaitanya Kulkarni) [Orabug: 29933727] \n- nvmet: add error log support for admin-cmd (Chaitanya Kulkarni) [Orabug: 29933727] \n- nvmet: add error log support for rdma backend (Chaitanya Kulkarni) [Orabug: 29933727] \n- nvmet: add error log support for fabrics-cmd (Chaitanya Kulkarni) [Orabug: 29933727] \n- nvmet: add error log support in the core (Chaitanya Kulkarni) [Orabug: 29933727] \n- nvmet: add interface to update error-log page (Chaitanya Kulkarni) [Orabug: 29933727] \n- nvmet: add error-log definitions (Chaitanya Kulkarni) [Orabug: 29933727] \n- nvme: add error log page slot definition (Chaitanya Kulkarni) [Orabug: 29933727] \n- nvme: remove nvme_common command cdw10 array (Chaitanya Kulkarni) [Orabug: 29933727] \n- nvmet: remove unused variable (Sagi Grimberg) [Orabug: 29933727] \n- nvme: provide fallback for discard alloc failure (Jens Axboe) [Orabug: 29933727] \n- nvme: add __exit annotation (Chengguang Xu) [Orabug: 29933727] \n- nvme: remove unused function nvme_ctrl_ready (Israel Rukshin) [Orabug: 29933727] \n- nvme: implement Enhanced Command Retry (Keith Busch) [Orabug: 29933727] \n- nvmet: fix the structure member indentation (Chaitanya Kulkarni) [Orabug: 29933727] \n- nvmet: use unlikely for req status check (Chaitanya Kulkarni) [Orabug: 29933727] \n- nvme: Remove unused forward declaration (Israel Rukshin) [Orabug: 29933727] \n- nvme: disable fabrics SQ flow control when asked by the user (Sagi Grimberg) [Orabug: 29933727] \n- nvmet: expose support for fabrics SQ flow control disable in treq (Sagi Grimberg) [Orabug: 29933727] \n- nvmet: don't override treq upon modification. (Sagi Grimberg) [Orabug: 29933727] \n- nvmet: support fabrics sq flow control (Sagi Grimberg) [Orabug: 29933727] \n- nvmet-fc: remove the IN_ISR deferred scheduling options (James Smart) [Orabug: 29933727] \n- nvmet: mark nvmet_genctr static (Christoph Hellwig) [Orabug: 29933727] \n- nvmet: enable Discovery Controller AENs (Jay Sternberg) [Orabug: 29933727] \n- nvmet: allow host connect even if no allowed subsystems are exported (Sagi Grimberg) [Orabug: 29933727] \n- nvmet: add support to Discovery controllers for commands (Jay Sternberg) [Orabug: 29933727] \n- nvmet: add defines for discovery change async events (Jay Sternberg) [Orabug: 29933727] \n- nvmet: make kato and AEN processing for use by other controllers (Jay Sternberg) [Orabug: 29933727] \n- nvmet: allow Keep Alive for Discovery controller (Jay Sternberg) [Orabug: 29933727] \n- nvmet: change aen mask functions to use bit numbers (Jay Sternberg) [Orabug: 29933727] \n- nvmet: provide aen bit functions for multiple controller types (Jay Sternberg) [Orabug: 29933727] \n- nvmet: use IOCB_NOWAIT for file-ns buffered I/O (Chaitanya Kulkarni) [Orabug: 29933727] \n- nvmet: support for traffic based keep-alive (Sagi Grimberg) [Orabug: 29933727] \n- nvme: support traffic based keep-alive (Sagi Grimberg) [Orabug: 29933727] \n- nvme: cache controller attributes (Sagi Grimberg) [Orabug: 29933727] \n- nvme: introduce ctrl attributes enumeration (Sagi Grimberg) [Orabug: 29933727] \n- nvme: consolidate memset calls in the nvme_setup_cmd path (Chaitanya Kulkarni) [Orabug: 29933727] \n- nvme: use blk API to remap ref tags for IOs with metadata (Max Gurtovoy) [Orabug: 29933727] \n- block: move dif_prepare/dif_complete functions to block layer (Max Gurtovoy) [Orabug: 29933727] \n- nfsd: COPY and CLONE operations require the saved filehandle to be set (Scott Mayhew) [Orabug: 29925432] {CVE-2018-16871}\n- ext4: zero out the unused memory region in the extent tree block (Sriram Rajagopalan) [Orabug: 29925498] {CVE-2019-11833} {CVE-2019-11833}\n- drm/edid: Fix a missing-check bug in drm_load_edid_firmware() (Gen Zhang) [Orabug: 29925968] {CVE-2019-12382}\n- ip_sockglue: Fix missing-check bug in ip_ra_control() (Gen Zhang) [Orabug: 29926004] {CVE-2019-12381}\n- ipv6_sockglue: Fix a missing-check bug in ip6_ra_control() (Gen Zhang) [Orabug: 29926056] {CVE-2019-12378}", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-08-15T00:00:00", "type": "oraclelinux", "title": "Unbreakable Enterprise kernel security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16871", "CVE-2019-1125", "CVE-2019-11833", "CVE-2019-12378", "CVE-2019-12381", "CVE-2019-12382", "CVE-2019-13272", "CVE-2019-13631"], "modified": "2019-08-15T00:00:00", "id": "ELSA-2019-4746", "href": "http://linux.oracle.com/errata/ELSA-2019-4746.html", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-28T14:24:54", "description": "[4.1.12-124.29.3]\n- mlx4_core: change log_num_{qp,rdmarc} with scale_profile (Mukesh Kacker) [Orabug: 30064080]\n[4.1.12-124.29.2]\n- scsi: storvsc: Fix scsi_cmd error assignments in storvsc_handle_error (Cathy Avery) [Orabug: 30052805]\n[4.1.12-124.29.1]\n- USB: check usb_get_extra_descriptor for proper size (Mathias Payer) [Orabug: 29755247] {CVE-2018-20169}\n- rds: ib: Fix dereference of conn when NULL and cleanup thereof (Hakon Bugge) [Orabug: 29924849] \n- ext4: zero out the unused memory region in the extent tree block (Sriram Rajagopalan) [Orabug: 29925523] {CVE-2019-11833} {CVE-2019-11833}\n- ip_sockglue: Fix missing-check bug in ip_ra_control() (Gen Zhang) [Orabug: 29926005] {CVE-2019-12381}\n- ipv6_sockglue: Fix a missing-check bug in ip6_ra_control() (Gen Zhang) [Orabug: 29926057] {CVE-2019-12378}\n- x86/microcode: fix x86_spec_ctrl_mask on late loading. (Mihai Carabas) [Orabug: 29941248] \n- net: rds: fix rds recv memory leak (Zhu Yanjun) [Orabug: 30034815]", "cvss3": {"exploitabilityScore": 0.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 6.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-07-29T00:00:00", "type": "oraclelinux", "title": "Unbreakable Enterprise kernel security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-20169", "CVE-2019-11833", "CVE-2019-12378", "CVE-2019-12381"], "modified": "2019-07-29T00:00:00", "id": "ELSA-2019-4729", "href": "http://linux.oracle.com/errata/ELSA-2019-4729.html", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-28T14:25:16", "description": "- [4.18.0-80.7.2_0.OL8]\n- Oracle Linux certificates (Alexey Petrenko)\n- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]\n- Update x509.genkey [Orabug: 24817676]\n[4.18.0-80.7.2_0]\n- [x86] x86/entry/64: Use JMP instead of JMPQ (Josh Poimboeuf) [1724500 1724501] {CVE-2019-1125}\n- [x86] x86/speculation: Enable Spectre v1 swapgs mitigations (Josh Poimboeuf) [1724500 1724501] {CVE-2019-1125}\n- [x86] x86/speculation: Prepare entry code for Spectre v1 swapgs mitigations (Josh Poimboeuf) [1724500 1724501] {CVE-2019-1125}\n- [x86] x86/cpufeatures: Combine word 11 and 12 into a new scattered features word (Josh Poimboeuf) [1724500 1724501] {CVE-2019-1125}\n- [x86] x86/cpufeatures: Carve out CQM features retrieval (Josh Poimboeuf) [1724500 1724501] {CVE-2019-1125}\n- [kernel] ptrace: Fix ->ptracer_cred handling for PTRACE_TRACEME (Aristeu Rozanski) [1730958 1730959] {CVE-2019-13272}", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-08-19T00:00:00", "type": "oraclelinux", "title": "kernel security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1125", "CVE-2019-13272"], "modified": "2019-08-19T00:00:00", "id": "ELSA-2019-2411", "href": "http://linux.oracle.com/errata/ELSA-2019-2411.html", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-28T14:25:38", "description": "[4.1.12-124.30.1]\n- xen: let alloc_xenballooned_pages() fail if not enough memory free (Juergen Gross) [Orabug: 30073695] \n- mm/page_alloc.c: calculate 'available' memory in a separate function (Igor Redko) [Orabug: 30073695] \n- Input: gtco - bounds check collection indent level (Grant Hernandez) [Orabug: 30074413] {CVE-2019-13631}\n- Documentation/Docbook/Makefile: process xml files in parallel, based on nproc --all value (Alexander Burmashev) [Orabug: 30079814] \n- net: rds: fix compile warning (Zhu Yanjun) [Orabug: 30118035]", "cvss3": {"exploitabilityScore": 0.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 6.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-08-08T00:00:00", "type": "oraclelinux", "title": "Unbreakable Enterprise kernel security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-13631"], "modified": "2019-08-08T00:00:00", "id": "ELSA-2019-4739", "href": "http://linux.oracle.com/errata/ELSA-2019-4739.html", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-28T14:24:55", "description": "kernel-uek\n[3.8.13-118.37.1]\n- Input: gtco - bounds check collection indent level (Grant Hernandez) [Orabug: 30074414] {CVE-2019-13631}", "cvss3": {"exploitabilityScore": 0.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 6.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-08-08T00:00:00", "type": "oraclelinux", "title": "Unbreakable Enterprise kernel security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-13631"], "modified": "2019-08-08T00:00:00", "id": "ELSA-2019-4741", "href": "http://linux.oracle.com/errata/ELSA-2019-4741.html", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-28T14:24:56", "description": "[2.6.39-400.314.1]\n- x86/speculation: Exclude ATOMs from speculation through SWAPGS (Thomas Gleixner) [Orabug: 30165287] {CVE-2019-1125}\n- x86/speculation: Enable Spectre v1 swapgs mitigations (Josh Poimboeuf) [Orabug: 30165287] {CVE-2019-1125}\n- x86/speculation: Prepare entry code for Spectre v1 swapgs mitigations (Josh Poimboeuf) [Orabug: 30165287] {CVE-2019-1125}", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2019-09-09T00:00:00", "type": "oraclelinux", "title": "Unbreakable Enterprise kernel security update", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1125"], "modified": "2019-09-09T00:00:00", "id": "ELSA-2019-4777", "href": "http://linux.oracle.com/errata/ELSA-2019-4777.html", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-07-28T14:25:01", "description": "[4.1.12-124.29.3.1]\n- x86/speculation: Exclude ATOMs from speculation through SWAPGS (Thomas Gleixner) [Orabug: 29967571] {CVE-2019-1125}\n- x86/speculation: Enable Spectre v1 swapgs mitigations (Josh Poimboeuf) [Orabug: 29967571] {CVE-2019-1125}\n- x86/speculation: Prepare entry code for Spectre v1 swapgs mitigations (Josh Poimboeuf) [Orabug: 29967571] {CVE-2019-1125}", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2019-08-06T00:00:00", "type": "oraclelinux", "title": "Unbreakable Enterprise kernel security update", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1125"], "modified": "2019-08-06T00:00:00", "id": "ELSA-2019-4735", "href": "http://linux.oracle.com/errata/ELSA-2019-4735.html", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-07-28T14:25:11", "description": "kernel-uek\n[3.8.13-118.38.1]\n- x86/speculation: Exclude ATOMs from speculation through SWAPGS (Thomas Gleixner) [Orabug: 30165288] {CVE-2019-1125}\n- x86/speculation: Enable Spectre v1 swapgs mitigations (Josh Poimboeuf) [Orabug: 30165288] {CVE-2019-1125}\n- x86/speculation: Prepare entry code for Spectre v1 swapgs mitigations (Josh Poimboeuf) [Orabug: 30165288] {CVE-2019-1125}", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2019-09-05T00:00:00", "type": "oraclelinux", "title": "Unbreakable Enterprise kernel security update", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1125"], "modified": "2019-09-05T00:00:00", "id": "ELSA-2019-4775", "href": "http://linux.oracle.com/errata/ELSA-2019-4775.html", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-07-28T14:25:04", "description": "[4.14.35-1902.3.2]\n- x86/speculation: Exclude ATOMs from speculation through SWAPGS (Thomas Gleixner) [Orabug: 29967570] {CVE-2019-1125}\n- x86/speculation: Enable Spectre v1 swapgs mitigations (Josh Poimboeuf) [Orabug: 29967570] {CVE-2019-1125}\n- x86/speculation: Prepare entry code for Spectre v1 swapgs mitigations (Josh Poimboeuf) [Orabug: 29967570] {CVE-2019-1125}", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2019-08-06T00:00:00", "type": "oraclelinux", "title": "Unbreakable Enterprise kernel security update", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1125"], "modified": "2019-08-06T00:00:00", "id": "ELSA-2019-4733", "href": "http://linux.oracle.com/errata/ELSA-2019-4733.html", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}], "nessus": [{"lastseen": "2023-05-24T14:26:53", "description": "The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-2411 advisory.\n\n - An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1071, CVE-2019-1073. (CVE-2019-1125)\n\n - In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with a parent-child process relationship, where a parent drops privileges and calls execve (potentially allowing control by an attacker). One contributing factor is an object lifetime issue (which can also cause a panic). Another contributing factor is incorrect marking of a ptrace relationship as privileged, which is exploitable through (for example) Polkit's pkexec helper with PTRACE_TRACEME. NOTE: SELinux deny_ptrace might be a usable workaround in some environments.\n (CVE-2019-13272)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2019-08-20T00:00:00", "type": "nessus", "title": "Oracle Linux 8 : kernel (ELSA-2019-2411)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1071", "CVE-2019-1073", "CVE-2019-1125", "CVE-2019-13272"], "modified": "2023-02-08T00:00:00", "cpe": ["cpe:/o:oracle:linux:8", "p-cpe:/a:oracle:linux:kernel", "p-cpe:/a:oracle:linux:kernel-debug", "p-cpe:/a:oracle:linux:kernel-debug-devel", "p-cpe:/a:oracle:linux:kernel-devel", "p-cpe:/a:oracle:linux:kernel-headers", "p-cpe:/a:oracle:linux:kernel-abi-whitelists", "p-cpe:/a:oracle:linux:kernel-tools", "p-cpe:/a:oracle:linux:kernel-tools-libs", "p-cpe:/a:oracle:linux:kernel-tools-libs-devel", "p-cpe:/a:oracle:linux:perf", "p-cpe:/a:oracle:linux:bpftool", "p-cpe:/a:oracle:linux:kernel-core", "p-cpe:/a:oracle:linux:kernel-cross-headers", "p-cpe:/a:oracle:linux:kernel-debug-core", "p-cpe:/a:oracle:linux:kernel-debug-modules", "p-cpe:/a:oracle:linux:kernel-debug-modules-extra", "p-cpe:/a:oracle:linux:kernel-modules", "p-cpe:/a:oracle:linux:kernel-modules-extra", "p-cpe:/a:oracle:linux:python3-perf"], "id": "ORACLELINUX_ELSA-2019-2411.NASL", "href": "https://www.tenable.com/plugins/nessus/127978", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2019-2411.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(127978);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/08\");\n\n script_cve_id(\"CVE-2019-1125\", \"CVE-2019-13272\");\n script_xref(name:\"RHSA\", value:\"2019:2411\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/10\");\n\n script_name(english:\"Oracle Linux 8 : kernel (ELSA-2019-2411)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nELSA-2019-2411 advisory.\n\n - An information disclosure vulnerability exists when certain central processing units (CPU) speculatively\n access memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from\n CVE-2019-1071, CVE-2019-1073. (CVE-2019-1125)\n\n - In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the\n credentials of a process that wants to create a ptrace relationship, which allows local users to obtain\n root access by leveraging certain scenarios with a parent-child process relationship, where a parent drops\n privileges and calls execve (potentially allowing control by an attacker). One contributing factor is an\n object lifetime issue (which can also cause a panic). Another contributing factor is incorrect marking of\n a ptrace relationship as privileged, which is exploitable through (for example) Polkit's pkexec helper\n with PTRACE_TRACEME. NOTE: SELinux deny_ptrace might be a usable workaround in some environments.\n (CVE-2019-13272)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2019-2411.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-13272\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Linux Polkit pkexec helper PTRACE_TRACEME local root exploit');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bpftool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-cross-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-modules-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-modules-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python3-perf\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"linux_alt_patch_detect.nasl\", \"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('ksplice.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 8', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nvar machine_uptrack_level = get_one_kb_item('Host/uptrack-uname-r');\nif (machine_uptrack_level)\n{\n var trimmed_uptrack_level = ereg_replace(string:machine_uptrack_level, pattern:\"\\.(x86_64|i[3-6]86|aarch64)$\", replace:'');\n var fixed_uptrack_levels = ['4.18.0-80.7.2.el8_0'];\n foreach var fixed_uptrack_level ( fixed_uptrack_levels ) {\n if (rpm_spec_vers_cmp(a:trimmed_uptrack_level, b:fixed_uptrack_level) >= 0)\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for ELSA-2019-2411');\n }\n }\n __rpm_report = 'Running KSplice level of ' + trimmed_uptrack_level + ' does not meet the minimum fixed level of ' + join(fixed_uptrack_levels, sep:' / ') + ' for this advisory.\\n\\n';\n}\n\nvar kernel_major_minor = get_kb_item('Host/uname/major_minor');\nif (empty_or_null(kernel_major_minor)) exit(1, 'Unable to determine kernel major-minor level.');\nvar expected_kernel_major_minor = '4.18';\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, 'running kernel level ' + expected_kernel_major_minor + ', it is running kernel level ' + kernel_major_minor);\n\nvar pkgs = [\n {'reference':'bpftool-4.18.0-80.7.2.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-4.18.0-80.7.2.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-4.18.0'},\n {'reference':'kernel-abi-whitelists-4.18.0-80.7.2.el8_0', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-abi-whitelists-4.18.0'},\n {'reference':'kernel-core-4.18.0-80.7.2.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-core-4.18.0'},\n {'reference':'kernel-cross-headers-4.18.0-80.7.2.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-cross-headers-4.18.0'},\n {'reference':'kernel-debug-4.18.0-80.7.2.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-debug-4.18.0'},\n {'reference':'kernel-debug-core-4.18.0-80.7.2.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-debug-core-4.18.0'},\n {'reference':'kernel-debug-devel-4.18.0-80.7.2.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-debug-devel-4.18.0'},\n {'reference':'kernel-debug-modules-4.18.0-80.7.2.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-debug-modules-4.18.0'},\n {'reference':'kernel-debug-modules-extra-4.18.0-80.7.2.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-debug-modules-extra-4.18.0'},\n {'reference':'kernel-devel-4.18.0-80.7.2.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-devel-4.18.0'},\n {'reference':'kernel-headers-4.18.0-80.7.2.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-headers-4.18.0'},\n {'reference':'kernel-modules-4.18.0-80.7.2.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-modules-4.18.0'},\n {'reference':'kernel-modules-extra-4.18.0-80.7.2.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-modules-extra-4.18.0'},\n {'reference':'kernel-tools-4.18.0-80.7.2.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-tools-4.18.0'},\n {'reference':'kernel-tools-libs-4.18.0-80.7.2.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-tools-libs-4.18.0'},\n {'reference':'kernel-tools-libs-devel-4.18.0-80.7.2.el8_0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-tools-libs-devel-4.18.0'},\n {'reference':'kernel-tools-libs-devel-4.18.0-80.7.2.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-tools-libs-devel-4.18.0'},\n {'reference':'perf-4.18.0-80.7.2.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-perf-4.18.0-80.7.2.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release) {\n if (exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'bpftool / kernel / kernel-abi-whitelists / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:27:08", "description": "The remote OracleVM system is missing necessary patches to address critical security updates :\n\n - x86/speculation: Exclude ATOMs from speculation through SWAPGS (Thomas Gleixner) [Orabug: 29967571] (CVE-2019-1125)\n\n - x86/speculation: Enable Spectre v1 swapgs mitigations (Josh Poimboeuf) [Orabug: 29967571] (CVE-2019-1125)\n\n - x86/speculation: Prepare entry code for Spectre v1 swapgs mitigations (Josh Poimboeuf) [Orabug: 29967571] (CVE-2019-1125)\n\n - mlx4_core: change log_num_[qp,rdmarc] with scale_profile (Mukesh Kacker) [Orabug: 30064080]\n\n - scsi: storvsc: Fix scsi_cmd error assignments in storvsc_handle_error (Cathy Avery) [Orabug: 30052805]\n\n - USB: check usb_get_extra_descriptor for proper size (Mathias Payer) [Orabug: 29755247] (CVE-2018-20169)\n\n - rds: ib: Fix dereference of conn when NULL and cleanup thereof (H&aring kon Bugge) [Orabug: 29924849]\n\n - ext4: zero out the unused memory region in the extent tree block (Sriram Rajagopalan) [Orabug: 29925523] (CVE-2019-11833) (CVE-2019-11833)\n\n - ip_sockglue: Fix missing-check bug in ip_ra_control (Gen Zhang) [Orabug: 29926005] (CVE-2019-12381)\n\n - ipv6_sockglue: Fix a missing-check bug in ip6_ra_control (Gen Zhang) [Orabug: 29926057] (CVE-2019-12378)\n\n - x86/microcode: fix x86_spec_ctrl_mask on late loading.\n (Mihai Carabas) [Orabug: 29941248]\n\n - net: rds: fix rds recv memory leak (Zhu Yanjun) [Orabug:\n 30034815]", "cvss3": {}, "published": "2019-08-12T00:00:00", "type": "nessus", "title": "OracleVM 3.4 : Unbreakable / etc (OVMSA-2019-0038)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-20169", "CVE-2019-1125", "CVE-2019-11833", "CVE-2019-12378", "CVE-2019-12381"], "modified": "2020-02-18T00:00:00", "cpe": ["p-cpe:/a:oracle:vm:kernel-uek", "p-cpe:/a:oracle:vm:kernel-uek-firmware", "cpe:/o:oracle:vm_server:3.4"], "id": "ORACLEVM_OVMSA-2019-0038.NASL", "href": "https://www.tenable.com/plugins/nessus/127565", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from OracleVM\n# Security Advisory OVMSA-2019-0038.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(127565);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2020/02/18\");\n\n script_cve_id(\"CVE-2018-20169\", \"CVE-2019-1125\", \"CVE-2019-11833\", \"CVE-2019-12378\", \"CVE-2019-12381\");\n\n script_name(english:\"OracleVM 3.4 : Unbreakable / etc (OVMSA-2019-0038)\");\n script_summary(english:\"Checks the RPM output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote OracleVM host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote OracleVM system is missing necessary patches to address\ncritical security updates :\n\n - x86/speculation: Exclude ATOMs from speculation through\n SWAPGS (Thomas Gleixner) [Orabug: 29967571]\n (CVE-2019-1125)\n\n - x86/speculation: Enable Spectre v1 swapgs mitigations\n (Josh Poimboeuf) [Orabug: 29967571] (CVE-2019-1125)\n\n - x86/speculation: Prepare entry code for Spectre v1\n swapgs mitigations (Josh Poimboeuf) [Orabug: 29967571]\n (CVE-2019-1125)\n\n - mlx4_core: change log_num_[qp,rdmarc] with scale_profile\n (Mukesh Kacker) [Orabug: 30064080]\n\n - scsi: storvsc: Fix scsi_cmd error assignments in\n storvsc_handle_error (Cathy Avery) [Orabug: 30052805]\n\n - USB: check usb_get_extra_descriptor for proper size\n (Mathias Payer) [Orabug: 29755247] (CVE-2018-20169)\n\n - rds: ib: Fix dereference of conn when NULL and cleanup\n thereof (H&aring kon Bugge) [Orabug: 29924849]\n\n - ext4: zero out the unused memory region in the extent\n tree block (Sriram Rajagopalan) [Orabug: 29925523]\n (CVE-2019-11833) (CVE-2019-11833)\n\n - ip_sockglue: Fix missing-check bug in ip_ra_control (Gen\n Zhang) [Orabug: 29926005] (CVE-2019-12381)\n\n - ipv6_sockglue: Fix a missing-check bug in ip6_ra_control\n (Gen Zhang) [Orabug: 29926057] (CVE-2019-12378)\n\n - x86/microcode: fix x86_spec_ctrl_mask on late loading.\n (Mihai Carabas) [Orabug: 29941248]\n\n - net: rds: fix rds recv memory leak (Zhu Yanjun) [Orabug:\n 30034815]\"\n );\n # https://oss.oracle.com/pipermail/oraclevm-errata/2019-August/000954.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4a8d3cb3\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel-uek / kernel-uek-firmware packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:kernel-uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:kernel-uek-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:vm_server:3.4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/12/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"OracleVM Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleVM/release\", \"Host/OracleVM/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/OracleVM/release\");\nif (isnull(release) || \"OVS\" >!< release) audit(AUDIT_OS_NOT, \"OracleVM\");\nif (! preg(pattern:\"^OVS\" + \"3\\.4\" + \"(\\.[0-9]|$)\", string:release)) audit(AUDIT_OS_NOT, \"OracleVM 3.4\", \"OracleVM \" + release);\nif (!get_kb_item(\"Host/OracleVM/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"OracleVM\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"OVS3.4\", reference:\"kernel-uek-4.1.12-124.29.3.1.el6uek\")) flag++;\nif (rpm_check(release:\"OVS3.4\", reference:\"kernel-uek-firmware-4.1.12-124.29.3.1.el6uek\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel-uek / kernel-uek-firmware\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:29:26", "description": "The remote Oracle Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2019-4775 advisory.\n\n - An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1071, CVE-2019-1073. (CVE-2019-1125)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2019-09-09T00:00:00", "type": "nessus", "title": "Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2019-4775)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1071", "CVE-2019-1073", "CVE-2019-1125"], "modified": "2021-09-08T00:00:00", "cpe": ["cpe:/o:oracle:linux:6", "cpe:/o:oracle:linux:7", "p-cpe:/a:oracle:linux:dtrace-modules-3.8.13-118.38.1.el6uek", "p-cpe:/a:oracle:linux:dtrace-modules-3.8.13-118.38.1.el7uek", "p-cpe:/a:oracle:linux:kernel-uek", "p-cpe:/a:oracle:linux:kernel-uek-debug", "p-cpe:/a:oracle:linux:kernel-uek-debug-devel", "p-cpe:/a:oracle:linux:kernel-uek-devel", "p-cpe:/a:oracle:linux:kernel-uek-doc", "p-cpe:/a:oracle:linux:kernel-uek-firmware"], "id": "ORACLELINUX_ELSA-2019-4775.NASL", "href": "https://www.tenable.com/plugins/nessus/128600", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2019-4775.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(128600);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/09/08\");\n\n script_cve_id(\"CVE-2019-1125\");\n script_xref(name:\"IAVA\", value:\"2019-A-0290-S\");\n script_xref(name:\"IAVA\", value:\"2019-A-0293-S\");\n script_xref(name:\"IAVA\", value:\"2019-A-0285-S\");\n script_xref(name:\"IAVA\", value:\"2019-A-0284-S\");\n\n script_name(english:\"Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2019-4775)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the\nELSA-2019-4775 advisory.\n\n - An information disclosure vulnerability exists when certain central processing units (CPU) speculatively\n access memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from\n CVE-2019-1071, CVE-2019-1073. (CVE-2019-1125)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2019-4775.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1125\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dtrace-modules-3.8.13-118.38.1.el6uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dtrace-modules-3.8.13-118.38.1.el7uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-firmware\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"linux_alt_patch_detect.nasl\", \"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('ksplice.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^(6|7)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 6 / 7', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\nif ('x86_64' >!< cpu) audit(AUDIT_ARCH_NOT, 'x86_64', cpu);\n\nvar machine_uptrack_level = get_one_kb_item('Host/uptrack-uname-r');\nif (machine_uptrack_level)\n{\n var trimmed_uptrack_level = ereg_replace(string:machine_uptrack_level, pattern:\"\\.(x86_64|i[3-6]86|aarch64)$\", replace:'');\n var fixed_uptrack_levels = ['3.8.13-118.38.1.el6uek', '3.8.13-118.38.1.el7uek'];\n foreach var fixed_uptrack_level ( fixed_uptrack_levels ) {\n if (rpm_spec_vers_cmp(a:trimmed_uptrack_level, b:fixed_uptrack_level) >= 0)\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for ELSA-2019-4775');\n }\n }\n __rpm_report = 'Running KSplice level of ' + trimmed_uptrack_level + ' does not meet the minimum fixed level of ' + join(fixed_uptrack_levels, sep:' / ') + ' for this advisory.\\n\\n';\n}\n\nvar kernel_major_minor = get_kb_item('Host/uname/major_minor');\nif (empty_or_null(kernel_major_minor)) exit(1, 'Unable to determine kernel major-minor level.');\nvar expected_kernel_major_minor = '3.8';\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, 'running kernel level ' + expected_kernel_major_minor + ', it is running kernel level ' + kernel_major_minor);\n\nvar pkgs = [\n {'reference':'dtrace-modules-3.8.13-118.38.1.el6uek-0.4.5-3.el6', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-uek-3.8.13-118.38.1.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-3.8.13'},\n {'reference':'kernel-uek-debug-3.8.13-118.38.1.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-3.8.13'},\n {'reference':'kernel-uek-debug-devel-3.8.13-118.38.1.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-3.8.13'},\n {'reference':'kernel-uek-devel-3.8.13-118.38.1.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-3.8.13'},\n {'reference':'kernel-uek-doc-3.8.13-118.38.1.el6uek', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-doc-3.8.13'},\n {'reference':'kernel-uek-firmware-3.8.13-118.38.1.el6uek', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-firmware-3.8.13'},\n {'reference':'dtrace-modules-3.8.13-118.38.1.el7uek-0.4.5-3.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-uek-3.8.13-118.38.1.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-3.8.13'},\n {'reference':'kernel-uek-debug-3.8.13-118.38.1.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-3.8.13'},\n {'reference':'kernel-uek-debug-devel-3.8.13-118.38.1.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-3.8.13'},\n {'reference':'kernel-uek-devel-3.8.13-118.38.1.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-3.8.13'},\n {'reference':'kernel-uek-doc-3.8.13-118.38.1.el7uek', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-doc-3.8.13'},\n {'reference':'kernel-uek-firmware-3.8.13-118.38.1.el7uek', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-firmware-3.8.13'}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release) {\n if (exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'dtrace-modules-3.8.13-118.38.1.el6uek / dtrace-modules-3.8.13-118.38.1.el7uek / kernel-uek / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:27:08", "description": "The remote Oracle Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2019-4735 advisory.\n\n - An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1071, CVE-2019-1073. (CVE-2019-1125)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2019-08-12T00:00:00", "type": "nessus", "title": "Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2019-4735)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1071", "CVE-2019-1073", "CVE-2019-1125"], "modified": "2021-09-08T00:00:00", "cpe": ["cpe:/o:oracle:linux:6", "cpe:/o:oracle:linux:7", "p-cpe:/a:oracle:linux:kernel-uek", "p-cpe:/a:oracle:linux:kernel-uek-debug", "p-cpe:/a:oracle:linux:kernel-uek-debug-devel", "p-cpe:/a:oracle:linux:kernel-uek-devel", "p-cpe:/a:oracle:linux:kernel-uek-doc", "p-cpe:/a:oracle:linux:kernel-uek-firmware"], "id": "ORACLELINUX_ELSA-2019-4735.NASL", "href": "https://www.tenable.com/plugins/nessus/127614", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2019-4735.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(127614);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/09/08\");\n\n script_cve_id(\"CVE-2019-1125\");\n script_xref(name:\"IAVA\", value:\"2019-A-0290-S\");\n script_xref(name:\"IAVA\", value:\"2019-A-0293-S\");\n script_xref(name:\"IAVA\", value:\"2019-A-0285-S\");\n script_xref(name:\"IAVA\", value:\"2019-A-0284-S\");\n\n script_name(english:\"Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2019-4735)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the\nELSA-2019-4735 advisory.\n\n - An information disclosure vulnerability exists when certain central processing units (CPU) speculatively\n access memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from\n CVE-2019-1071, CVE-2019-1073. (CVE-2019-1125)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2019-4735.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1125\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-firmware\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"linux_alt_patch_detect.nasl\", \"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('ksplice.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^(6|7)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 6 / 7', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\nif ('x86_64' >!< cpu) audit(AUDIT_ARCH_NOT, 'x86_64', cpu);\n\nvar machine_uptrack_level = get_one_kb_item('Host/uptrack-uname-r');\nif (machine_uptrack_level)\n{\n var trimmed_uptrack_level = ereg_replace(string:machine_uptrack_level, pattern:\"\\.(x86_64|i[3-6]86|aarch64)$\", replace:'');\n var fixed_uptrack_levels = ['4.1.12-124.29.3.1.el6uek', '4.1.12-124.29.3.1.el7uek'];\n foreach var fixed_uptrack_level ( fixed_uptrack_levels ) {\n if (rpm_spec_vers_cmp(a:trimmed_uptrack_level, b:fixed_uptrack_level) >= 0)\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for ELSA-2019-4735');\n }\n }\n __rpm_report = 'Running KSplice level of ' + trimmed_uptrack_level + ' does not meet the minimum fixed level of ' + join(fixed_uptrack_levels, sep:' / ') + ' for this advisory.\\n\\n';\n}\n\nvar kernel_major_minor = get_kb_item('Host/uname/major_minor');\nif (empty_or_null(kernel_major_minor)) exit(1, 'Unable to determine kernel major-minor level.');\nvar expected_kernel_major_minor = '4.1';\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, 'running kernel level ' + expected_kernel_major_minor + ', it is running kernel level ' + kernel_major_minor);\n\nvar pkgs = [\n {'reference':'kernel-uek-4.1.12-124.29.3.1.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-4.1.12'},\n {'reference':'kernel-uek-debug-4.1.12-124.29.3.1.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-4.1.12'},\n {'reference':'kernel-uek-debug-devel-4.1.12-124.29.3.1.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-4.1.12'},\n {'reference':'kernel-uek-devel-4.1.12-124.29.3.1.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-4.1.12'},\n {'reference':'kernel-uek-doc-4.1.12-124.29.3.1.el6uek', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-doc-4.1.12'},\n {'reference':'kernel-uek-firmware-4.1.12-124.29.3.1.el6uek', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-firmware-4.1.12'},\n {'reference':'kernel-uek-4.1.12-124.29.3.1.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-4.1.12'},\n {'reference':'kernel-uek-debug-4.1.12-124.29.3.1.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-4.1.12'},\n {'reference':'kernel-uek-debug-devel-4.1.12-124.29.3.1.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-4.1.12'},\n {'reference':'kernel-uek-devel-4.1.12-124.29.3.1.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-4.1.12'},\n {'reference':'kernel-uek-doc-4.1.12-124.29.3.1.el7uek', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-doc-4.1.12'},\n {'reference':'kernel-uek-firmware-4.1.12-124.29.3.1.el7uek', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-firmware-4.1.12'}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release) {\n if (exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel-uek / kernel-uek-debug / kernel-uek-debug-devel / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:28:42", "description": "The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2019-4777 advisory.\n\n - An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1071, CVE-2019-1073. (CVE-2019-1125)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2019-09-09T00:00:00", "type": "nessus", "title": "Oracle Linux 6 : Unbreakable Enterprise kernel (ELSA-2019-4777)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1071", "CVE-2019-1073", "CVE-2019-1125"], "modified": "2021-09-08T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:kernel-uek-devel", "p-cpe:/a:oracle:linux:kernel-uek-doc", "p-cpe:/a:oracle:linux:kernel-uek-firmware", "cpe:/o:oracle:linux:5", "cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:kernel-uek", "p-cpe:/a:oracle:linux:kernel-uek-debug", "p-cpe:/a:oracle:linux:kernel-uek-debug-devel"], "id": "ORACLELINUX_ELSA-2019-4777.NASL", "href": "https://www.tenable.com/plugins/nessus/128601", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2019-4777.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(128601);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/09/08\");\n\n script_cve_id(\"CVE-2019-1125\");\n script_xref(name:\"IAVA\", value:\"2019-A-0290-S\");\n script_xref(name:\"IAVA\", value:\"2019-A-0293-S\");\n script_xref(name:\"IAVA\", value:\"2019-A-0285-S\");\n script_xref(name:\"IAVA\", value:\"2019-A-0284-S\");\n\n script_name(english:\"Oracle Linux 6 : Unbreakable Enterprise kernel (ELSA-2019-4777)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the\nELSA-2019-4777 advisory.\n\n - An information disclosure vulnerability exists when certain central processing units (CPU) speculatively\n access memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from\n CVE-2019-1071, CVE-2019-1073. (CVE-2019-1125)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2019-4777.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1125\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-firmware\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"linux_alt_patch_detect.nasl\", \"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('ksplice.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 6', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nvar machine_uptrack_level = get_one_kb_item('Host/uptrack-uname-r');\nif (machine_uptrack_level)\n{\n var trimmed_uptrack_level = ereg_replace(string:machine_uptrack_level, pattern:\"\\.(x86_64|i[3-6]86|aarch64)$\", replace:'');\n var fixed_uptrack_levels = ['2.6.39-400.314.1.el6uek'];\n foreach var fixed_uptrack_level ( fixed_uptrack_levels ) {\n if (rpm_spec_vers_cmp(a:trimmed_uptrack_level, b:fixed_uptrack_level) >= 0)\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for ELSA-2019-4777');\n }\n }\n __rpm_report = 'Running KSplice level of ' + trimmed_uptrack_level + ' does not meet the minimum fixed level of ' + join(fixed_uptrack_levels, sep:' / ') + ' for this advisory.\\n\\n';\n}\n\nvar kernel_major_minor = get_kb_item('Host/uname/major_minor');\nif (empty_or_null(kernel_major_minor)) exit(1, 'Unable to determine kernel major-minor level.');\nvar expected_kernel_major_minor = '2.6';\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, 'running kernel level ' + expected_kernel_major_minor + ', it is running kernel level ' + kernel_major_minor);\n\nvar pkgs = [\n {'reference':'kernel-uek-2.6.39-400.314.1.el6uek', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-2.6.39'},\n {'reference':'kernel-uek-2.6.39-400.314.1.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-2.6.39'},\n {'reference':'kernel-uek-debug-2.6.39-400.314.1.el6uek', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-2.6.39'},\n {'reference':'kernel-uek-debug-2.6.39-400.314.1.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-2.6.39'},\n {'reference':'kernel-uek-debug-devel-2.6.39-400.314.1.el6uek', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-2.6.39'},\n {'reference':'kernel-uek-debug-devel-2.6.39-400.314.1.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-2.6.39'},\n {'reference':'kernel-uek-devel-2.6.39-400.314.1.el6uek', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-2.6.39'},\n {'reference':'kernel-uek-devel-2.6.39-400.314.1.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-2.6.39'},\n {'reference':'kernel-uek-doc-2.6.39-400.314.1.el6uek', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-doc-2.6.39'},\n {'reference':'kernel-uek-firmware-2.6.39-400.314.1.el6uek', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-firmware-2.6.39'}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release) {\n if (exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel-uek / kernel-uek-debug / kernel-uek-debug-devel / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:27:10", "description": "The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-4729 advisory.\n\n - An issue was discovered in the Linux kernel before 4.19.9. The USB subsystem mishandles size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c.\n (CVE-2018-20169)\n\n - fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in the extent tree block, which might allow local users to obtain sensitive information by reading uninitialized data in the filesystem. (CVE-2019-11833)\n\n - ** DISPUTED ** An issue was discovered in ip6_ra_control in net/ipv6/ipv6_sockglue.c in the Linux kernel through 5.1.5. There is an unchecked kmalloc of new_ra, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). NOTE: This has been disputed as not an issue.\n (CVE-2019-12378)\n\n - ** DISPUTED ** An issue was discovered in ip_ra_control in net/ipv4/ip_sockglue.c in the Linux kernel through 5.1.5. There is an unchecked kmalloc of new_ra, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). NOTE: this is disputed because new_ra is never used if it is NULL. (CVE-2019-12381)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2019-08-12T00:00:00", "type": "nessus", "title": "Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2019-4729)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-20169", "CVE-2019-11833", "CVE-2019-12378", "CVE-2019-12381"], "modified": "2021-09-08T00:00:00", "cpe": ["cpe:/o:oracle:linux:6", "cpe:/o:oracle:linux:7", "p-cpe:/a:oracle:linux:kernel-uek", "p-cpe:/a:oracle:linux:kernel-uek-debug", "p-cpe:/a:oracle:linux:kernel-uek-debug-devel", "p-cpe:/a:oracle:linux:kernel-uek-devel", "p-cpe:/a:oracle:linux:kernel-uek-doc", "p-cpe:/a:oracle:linux:kernel-uek-firmware"], "id": "ORACLELINUX_ELSA-2019-4729.NASL", "href": "https://www.tenable.com/plugins/nessus/127613", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2019-4729.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(127613);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/09/08\");\n\n script_cve_id(\n \"CVE-2018-20169\",\n \"CVE-2019-11833\",\n \"CVE-2019-12378\",\n \"CVE-2019-12381\"\n );\n\n script_name(english:\"Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2019-4729)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe ELSA-2019-4729 advisory.\n\n - An issue was discovered in the Linux kernel before 4.19.9. The USB subsystem mishandles size checks during\n the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c.\n (CVE-2018-20169)\n\n - fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in the\n extent tree block, which might allow local users to obtain sensitive information by reading uninitialized\n data in the filesystem. (CVE-2019-11833)\n\n - ** DISPUTED ** An issue was discovered in ip6_ra_control in net/ipv6/ipv6_sockglue.c in the Linux kernel\n through 5.1.5. There is an unchecked kmalloc of new_ra, which might allow an attacker to cause a denial of\n service (NULL pointer dereference and system crash). NOTE: This has been disputed as not an issue.\n (CVE-2019-12378)\n\n - ** DISPUTED ** An issue was discovered in ip_ra_control in net/ipv4/ip_sockglue.c in the Linux kernel\n through 5.1.5. There is an unchecked kmalloc of new_ra, which might allow an attacker to cause a denial of\n service (NULL pointer dereference and system crash). NOTE: this is disputed because new_ra is never used\n if it is NULL. (CVE-2019-12381)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2019-4729.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-20169\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/12/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-firmware\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"linux_alt_patch_detect.nasl\", \"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('ksplice.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^(6|7)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 6 / 7', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\nif ('x86_64' >!< cpu) audit(AUDIT_ARCH_NOT, 'x86_64', cpu);\n\nvar machine_uptrack_level = get_one_kb_item('Host/uptrack-uname-r');\nif (machine_uptrack_level)\n{\n var trimmed_uptrack_level = ereg_replace(string:machine_uptrack_level, pattern:\"\\.(x86_64|i[3-6]86|aarch64)$\", replace:'');\n var fixed_uptrack_levels = ['4.1.12-124.29.3.el6uek', '4.1.12-124.29.3.el7uek'];\n foreach var fixed_uptrack_level ( fixed_uptrack_levels ) {\n if (rpm_spec_vers_cmp(a:trimmed_uptrack_level, b:fixed_uptrack_level) >= 0)\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for ELSA-2019-4729');\n }\n }\n __rpm_report = 'Running KSplice level of ' + trimmed_uptrack_level + ' does not meet the minimum fixed level of ' + join(fixed_uptrack_levels, sep:' / ') + ' for this advisory.\\n\\n';\n}\n\nvar kernel_major_minor = get_kb_item('Host/uname/major_minor');\nif (empty_or_null(kernel_major_minor)) exit(1, 'Unable to determine kernel major-minor level.');\nvar expected_kernel_major_minor = '4.1';\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, 'running kernel level ' + expected_kernel_major_minor + ', it is running kernel level ' + kernel_major_minor);\n\nvar pkgs = [\n {'reference':'kernel-uek-4.1.12-124.29.3.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-4.1.12'},\n {'reference':'kernel-uek-debug-4.1.12-124.29.3.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-4.1.12'},\n {'reference':'kernel-uek-debug-devel-4.1.12-124.29.3.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-4.1.12'},\n {'reference':'kernel-uek-devel-4.1.12-124.29.3.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-4.1.12'},\n {'reference':'kernel-uek-doc-4.1.12-124.29.3.el6uek', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-doc-4.1.12'},\n {'reference':'kernel-uek-firmware-4.1.12-124.29.3.el6uek', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-firmware-4.1.12'},\n {'reference':'kernel-uek-4.1.12-124.29.3.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-4.1.12'},\n {'reference':'kernel-uek-debug-4.1.12-124.29.3.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-4.1.12'},\n {'reference':'kernel-uek-debug-devel-4.1.12-124.29.3.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-4.1.12'},\n {'reference':'kernel-uek-devel-4.1.12-124.29.3.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-4.1.12'},\n {'reference':'kernel-uek-doc-4.1.12-124.29.3.el7uek', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-doc-4.1.12'},\n {'reference':'kernel-uek-firmware-4.1.12-124.29.3.el7uek', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-firmware-4.1.12'}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release) {\n if (exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel-uek / kernel-uek-debug / kernel-uek-debug-devel / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:05:30", "description": "An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1071, CVE-2019-1073. (CVE-2019-1125also known as Spectre SWAPGS gadget vulnerability)\n\nA Spectre gadget was found in the Linux kernel's implementation of system interrupts. An attacker with unprivilegedlocal access could use this information to reveal private data through a Spectre-like side channel.\n\nImpact\n\nF5 continues to investigate the impact of the Spectre SWAPGS gadget vulnerability on our products. F5 is focused onproviding patched releases as soon as we have fully tested and verified fixes. F5 will update this article with the most current information as soon as it is confirmed.\n\nBIG-IP\n\nFirst and foremost, there is no exposure on BIG-IP products by way ofthe data plane. All exposure is limited to the control plane (also known as the management plane).\n\nFurthermore, on the control plane, the vulnerability is exploitable only by four authorized, authenticated account roles: Administrator, Resource Administrator, Manager, and iRules Manager. You must be authorized to access the system in one of these roles to even attempt to exploit the vulnerability.\n\nThis vulnerability requires an attacker who can provideand runbinary code of their choosing on the BIG-IP platform.\n\nThese conditions severely restrict the exposure risk of BIG-IP products.\n\nFor single-tenancy products, such as astandalone BIG-IP appliance, the risk is limited to a local, authorized user using this vulnerability to read information from memory that they would not normally be able to access, exceeding their privileges. Effectively, the risk in a single-tenancy situation is that a user may be able to access kernel-space memory, instead of being limited to their own user-space.\n\nFor multi-tenancy environments, such as cloud, VE, and Virtual Clustered Multiprocessing (vCMP), the same local risk applies as with single-tenancy environments local kernel memory access. Additionally, the risk of attacks across guests exists, or attacks against the hypervisor/host. In cloud and VE environments, preventing these new attacks falls on the hypervisor/host platform, outside the scope of F5's ability to support or patch. Please contact your cloud provider or hypervisor vendor to ensure that their platforms or products are protected against this Spectre vulnerability.\n\nFor vCMP environments, F5 believes that while the Spectre SWAPGS gadget vulnerability does offer a theoretical possibility of guest-to-guest or guest-to-host attacks, these would be very difficult to successfully conduct in the BIG-IP environment.\n\nF5 is working with our hardware component vendors to determine the scope of this vulnerability across our various generations of hardware platforms. All of the information we currently have from our vendors is represented in this Security Advisory.\n\nWe are also testing the fixes produced by the Linux community. We are conducting anextensive test campaign to characterize the impact of the fixes on system performance and stabilityto ensure, as best we can, a good experience for our customers. We do not want to rush the process and release fixes without a full understanding of any potential issues. Given the limited exposure, as detailed above, the complexity of the fixes, and the potential issues that we and others have seen, we believe a detailed approach is warranted and that rushing a fix could result in an impact to system stability or unacceptable performance costs. We will update this article with details of our fixes as they become available.\n\nTo determine if this vulnerability affects aplatform and the processor type each platform uses, refer to the following table.\n\nNote : In the following table, only one entry is shown for platform models that may have several variants. For example, BIG-IP 11000, BIG-IP 11050, BIG-IP 11050F, and BIG-IP 11050N are all vulnerable and included in the table as 'BIG-IP 110x0'. Some platforms may have multiple vendor processors, such as the iSeries platforms, which have one or more Intel core processors and may have a vulnerable ARM processor in one or more subsystems. F5 does not believe that ARM processors in these subsystems are accessible to attackers, unless some other code-execution vulnerability is present, but the information is being provided out of an abundance of caution.\n\nModel Processor type Vulnerable to CVE-2019-1125Spectre SWAPGS gadget vulnerability VIPRION B21x0 Intel Y VIPRION B2250 Intel Y VIPRION B4100 AMD Y VIPRION B4200 AMD Y VIPRION B43x0 Intel Y VIPRION B44x0 Intel Y BIG-IP 800 Intel Y BIG-IP 1600 Intel Y BIG-IP 3600 Intel Y BIG-IP 3900 Intel Y BIG-IP2xx0 Intel Y BIG-IP4xx0 Intel Y BIG-IP5xx0 Intel Y BIG-IP7xx0 Intel Y BIG-IP10xx0 Intel Y BIG-IP12xx0 Intel Y BIG-IPi2x00 Intel, ARM Y BIG-IPi4x00 Intel, ARM Y BIG-IPi5x00 Intel, ARM Y BIG-IPi7x00 Intel, ARM Y BIG-IPi10x00 Intel, ARM Y BIG-IP6400 AMD Y BIG-IP6900 AMD Y BIG-IP89x0 AMD Y BIG-IP110x0 AMD Y\n\nNote : Platform models that have reached End of Technical Support (EoTS) will not be evaluated. For more information, refer toK4309: F5 platform lifecycle support policy.\n\nBIG-IQ and Enterprise Manager\n\nSystems with microprocessors that use speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access by way ofa side-channel analysis.\n\nTo determine if this vulnerability affects each platform and the processor type each platform uses, refer to the following table.\n\nModel Processor type Vulnerable to CVE-2018-3693 Spectre-NG Variant 1.1 BIG-IQ 7000 Intel Y Enterprise Manager 4000 Intel Y\n\nNote : Platform models that have reached End of Technical Support (EoTS) will not be evaluated. For more information, refer toK4309: F5 platform lifecycle support policy.\n\nTraffix\n\nSystems with microprocessors that use speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access by way of a side-channel analysis.", "cvss3": {}, "published": "2020-07-14T00:00:00", "type": "nessus", "title": "F5 Networks BIG-IP : Spectre SWAPGS gadget vulnerability (K31085564)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-3693", "CVE-2019-1071", "CVE-2019-1073", "CVE-2019-1125"], "modified": "2020-12-11T00:00:00", "cpe": ["cpe:/a:f5:big-ip_access_policy_manager", "cpe:/a:f5:big-ip_advanced_firewall_manager", "cpe:/a:f5:big-ip_application_acceleration_manager", "cpe:/a:f5:big-ip_application_security_manager", "cpe:/a:f5:big-ip_application_visibility_and_reporting", "cpe:/a:f5:big-ip_global_traffic_manager", "cpe:/a:f5:big-ip_link_controller", "cpe:/a:f5:big-ip_local_traffic_manager", "cpe:/a:f5:big-ip_policy_enforcement_manager", "cpe:/a:f5:big-ip_webaccelerator", "cpe:/h:f5:big-ip"], "id": "F5_BIGIP_SOL31085564.NASL", "href": "https://www.tenable.com/plugins/nessus/138395", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K31085564.\n#\n# The text description of this plugin is (C) F5 Networks.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(138395);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/12/11\");\n\n script_cve_id(\"CVE-2018-3693\", \"CVE-2019-1071\", \"CVE-2019-1073\", \"CVE-2019-1125\");\n\n script_name(english:\"F5 Networks BIG-IP : Spectre SWAPGS gadget vulnerability (K31085564)\");\n script_summary(english:\"Checks the BIG-IP version.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote device is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"An information disclosure vulnerability exists when certain central\nprocessing units (CPU) speculatively access memory, aka 'Windows\nKernel Information Disclosure Vulnerability'. This CVE ID is unique\nfrom CVE-2019-1071, CVE-2019-1073. (CVE-2019-1125also known as Spectre\nSWAPGS gadget vulnerability)\n\nA Spectre gadget was found in the Linux kernel's implementation of\nsystem interrupts. An attacker with unprivilegedlocal access could use\nthis information to reveal private data through a Spectre-like side\nchannel.\n\nImpact\n\nF5 continues to investigate the impact of the Spectre SWAPGS gadget\nvulnerability on our products. F5 is focused onproviding patched\nreleases as soon as we have fully tested and verified fixes. F5 will\nupdate this article with the most current information as soon as it is\nconfirmed.\n\nBIG-IP\n\nFirst and foremost, there is no exposure on BIG-IP products by way\nofthe data plane. All exposure is limited to the control plane (also\nknown as the management plane).\n\nFurthermore, on the control plane, the vulnerability is exploitable\nonly by four authorized, authenticated account roles: Administrator,\nResource Administrator, Manager, and iRules Manager. You must be\nauthorized to access the system in one of these roles to even attempt\nto exploit the vulnerability.\n\nThis vulnerability requires an attacker who can provideand runbinary\ncode of their choosing on the BIG-IP platform.\n\nThese conditions severely restrict the exposure risk of BIG-IP\nproducts.\n\nFor single-tenancy products, such as astandalone BIG-IP appliance, the\nrisk is limited to a local, authorized user using this vulnerability\nto read information from memory that they would not normally be able\nto access, exceeding their privileges. Effectively, the risk in a\nsingle-tenancy situation is that a user may be able to access\nkernel-space memory, instead of being limited to their own user-space.\n\nFor multi-tenancy environments, such as cloud, VE, and Virtual\nClustered Multiprocessing (vCMP), the same local risk applies as with\nsingle-tenancy environments local kernel memory access. Additionally,\nthe risk of attacks across guests exists, or attacks against the\nhypervisor/host. In cloud and VE environments, preventing these new\nattacks falls on the hypervisor/host platform, outside the scope of\nF5's ability to support or patch. Please contact your cloud provider\nor hypervisor vendor to ensure that their platforms or products are\nprotected against this Spectre vulnerability.\n\nFor vCMP environments, F5 believes that while the Spectre SWAPGS\ngadget vulnerability does offer a theoretical possibility of\nguest-to-guest or guest-to-host attacks, these would be very difficult\nto successfully conduct in the BIG-IP environment.\n\nF5 is working with our hardware component vendors to determine the\nscope of this vulnerability across our various generations of hardware\nplatforms. All of the information we currently have from our vendors\nis represented in this Security Advisory.\n\nWe are also testing the fixes produced by the Linux community. We are\nconducting anextensive test campaign to characterize the impact of the\nfixes on system performance and stabilityto ensure, as best we can, a\ngood experience for our customers. We do not want to rush the process\nand release fixes without a full understanding of any potential\nissues. Given the limited exposure, as detailed above, the complexity\nof the fixes, and the potential issues that we and others have seen,\nwe believe a detailed approach is warranted and that rushing a fix\ncould result in an impact to system stability or unacceptable\nperformance costs. We will update this article with details of our\nfixes as they become available.\n\nTo determine if this vulnerability affects aplatform and the processor\ntype each platform uses, refer to the following table.\n\nNote : In the following table, only one entry is shown for platform\nmodels that may have several variants. For example, BIG-IP 11000,\nBIG-IP 11050, BIG-IP 11050F, and BIG-IP 11050N are all vulnerable and\nincluded in the table as 'BIG-IP 110x0'. Some platforms may have\nmultiple vendor processors, such as the iSeries platforms, which have\none or more Intel core processors and may have a vulnerable ARM\nprocessor in one or more subsystems. F5 does not believe that ARM\nprocessors in these subsystems are accessible to attackers, unless\nsome other code-execution vulnerability is present, but the\ninformation is being provided out of an abundance of caution.\n\nModel Processor type Vulnerable to CVE-2019-1125Spectre SWAPGS gadget\nvulnerability VIPRION B21x0 Intel Y VIPRION B2250 Intel Y VIPRION\nB4100 AMD Y VIPRION B4200 AMD Y VIPRION B43x0 Intel Y VIPRION B44x0\nIntel Y BIG-IP 800 Intel Y BIG-IP 1600 Intel Y BIG-IP 3600 Intel Y\nBIG-IP 3900 Intel Y BIG-IP2xx0 Intel Y BIG-IP4xx0 Intel Y BIG-IP5xx0\nIntel Y BIG-IP7xx0 Intel Y BIG-IP10xx0 Intel Y BIG-IP12xx0 Intel Y\nBIG-IPi2x00 Intel, ARM Y BIG-IPi4x00 Intel, ARM Y BIG-IPi5x00 Intel,\nARM Y BIG-IPi7x00 Intel, ARM Y BIG-IPi10x00 Intel, ARM Y BIG-IP6400\nAMD Y BIG-IP6900 AMD Y BIG-IP89x0 AMD Y BIG-IP110x0 AMD Y\n\nNote : Platform models that have reached End of Technical Support\n(EoTS) will not be evaluated. For more information, refer toK4309: F5\nplatform lifecycle support policy.\n\nBIG-IQ and Enterprise Manager\n\nSystems with microprocessors that use speculative execution and\nindirect branch prediction may allow unauthorized disclosure of\ninformation to an attacker with local user access by way ofa\nside-channel analysis.\n\nTo determine if this vulnerability affects each platform and the\nprocessor type each platform uses, refer to the following table.\n\nModel Processor type Vulnerable to CVE-2018-3693 Spectre-NG Variant\n1.1 BIG-IQ 7000 Intel Y Enterprise Manager 4000 Intel Y\n\nNote : Platform models that have reached End of Technical Support\n(EoTS) will not be evaluated. For more information, refer toK4309: F5\nplatform lifecycle support policy.\n\nTraffix\n\nSystems with microprocessors that use speculative execution and\nindirect branch prediction may allow unauthorized disclosure of\ninformation to an attacker with local user access by way of a\nside-channel analysis.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://support.f5.com/csp/article/K31085564\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://support.f5.com/csp/article/K4309\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5\nSolution K31085564.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_advanced_firewall_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_acceleration_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_visibility_and_reporting\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_link_controller\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_policy_enforcement_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_webaccelerator\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/07/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude(\"f5_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nversion = get_kb_item(\"Host/BIG-IP/version\");\nif ( ! version ) audit(AUDIT_OS_NOT, \"F5 Networks BIG-IP\");\nif ( isnull(get_kb_item(\"Host/BIG-IP/hotfix\")) ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/hotfix\");\nif ( ! get_kb_item(\"Host/BIG-IP/modules\") ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/modules\");\n\nsol = \"K31085564\";\nvmatrix = make_array();\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\n# AFM\nvmatrix[\"AFM\"] = make_array();\nvmatrix[\"AFM\"][\"affected\" ] = make_list(\"15.0.0-15.1.0\",\"14.0.0-14.1.2\",\"13.1.0-13.1.3\",\"12.1.0-12.1.5\",\"11.5.2-11.6.5\");\nvmatrix[\"AFM\"][\"unaffected\"] = make_list(\"16.0.0\",\"15.1.0.5\",\"15.0.1.4\",\"14.1.2.7\",\"13.1.3.5\");\n\n# AM\nvmatrix[\"AM\"] = make_array();\nvmatrix[\"AM\"][\"affected\" ] = make_list(\"15.0.0-15.1.0\",\"14.0.0-14.1.2\",\"13.1.0-13.1.3\",\"12.1.0-12.1.5\",\"11.5.2-11.6.5\");\nvmatrix[\"AM\"][\"unaffected\"] = make_list(\"16.0.0\",\"15.1.0.5\",\"15.0.1.4\",\"14.1.2.7\",\"13.1.3.5\");\n\n# APM\nvmatrix[\"APM\"] = make_array();\nvmatrix[\"APM\"][\"affected\" ] = make_list(\"15.0.0-15.1.0\",\"14.0.0-14.1.2\",\"13.1.0-13.1.3\",\"12.1.0-12.1.5\",\"11.5.2-11.6.5\");\nvmatrix[\"APM\"][\"unaffected\"] = make_list(\"16.0.0\",\"15.1.0.5\",\"15.0.1.4\",\"14.1.2.7\",\"13.1.3.5\");\n\n# ASM\nvmatrix[\"ASM\"] = make_array();\nvmatrix[\"ASM\"][\"affected\" ] = make_list(\"15.0.0-15.1.0\",\"14.0.0-14.1.2\",\"13.1.0-13.1.3\",\"12.1.0-12.1.5\",\"11.5.2-11.6.5\");\nvmatrix[\"ASM\"][\"unaffected\"] = make_list(\"16.0.0\",\"15.1.0.5\",\"15.0.1.4\",\"14.1.2.7\",\"13.1.3.5\");\n\n# AVR\nvmatrix[\"AVR\"] = make_array();\nvmatrix[\"AVR\"][\"affected\" ] = make_list(\"15.0.0-15.1.0\",\"14.0.0-14.1.2\",\"13.1.0-13.1.3\",\"12.1.0-12.1.5\",\"11.5.2-11.6.5\");\nvmatrix[\"AVR\"][\"unaffected\"] = make_list(\"16.0.0\",\"15.1.0.5\",\"15.0.1.4\",\"14.1.2.7\",\"13.1.3.5\");\n\n# GTM\nvmatrix[\"GTM\"] = make_array();\nvmatrix[\"GTM\"][\"affected\" ] = make_list(\"15.0.0-15.1.0\",\"14.0.0-14.1.2\",\"13.1.0-13.1.3\",\"12.1.0-12.1.5\",\"11.5.2-11.6.5\");\nvmatrix[\"GTM\"][\"unaffected\"] = make_list(\"16.0.0\",\"15.1.0.5\",\"15.0.1.4\",\"14.1.2.7\",\"13.1.3.5\");\n\n# LC\nvmatrix[\"LC\"] = make_array();\nvmatrix[\"LC\"][\"affected\" ] = make_list(\"15.0.0-15.1.0\",\"14.0.0-14.1.2\",\"13.1.0-13.1.3\",\"12.1.0-12.1.5\",\"11.5.2-11.6.5\");\nvmatrix[\"LC\"][\"unaffected\"] = make_list(\"16.0.0\",\"15.1.0.5\",\"15.0.1.4\",\"14.1.2.7\",\"13.1.3.5\");\n\n# LTM\nvmatrix[\"LTM\"] = make_array();\nvmatrix[\"LTM\"][\"affected\" ] = make_list(\"15.0.0-15.1.0\",\"14.0.0-14.1.2\",\"13.1.0-13.1.3\",\"12.1.0-12.1.5\",\"11.5.2-11.6.5\");\nvmatrix[\"LTM\"][\"unaffected\"] = make_list(\"16.0.0\",\"15.1.0.5\",\"15.0.1.4\",\"14.1.2.7\",\"13.1.3.5\");\n\n# PEM\nvmatrix[\"PEM\"] = make_array();\nvmatrix[\"PEM\"][\"affected\" ] = make_list(\"15.0.0-15.1.0\",\"14.0.0-14.1.2\",\"13.1.0-13.1.3\",\"12.1.0-12.1.5\",\"11.5.2-11.6.5\");\nvmatrix[\"PEM\"][\"unaffected\"] = make_list(\"16.0.0\",\"15.1.0.5\",\"15.0.1.4\",\"14.1.2.7\",\"13.1.3.5\");\n\n# WAM\nvmatrix[\"WAM\"] = make_array();\nvmatrix[\"WAM\"][\"affected\" ] = make_list(\"15.0.0-15.1.0\",\"14.0.0-14.1.2\",\"13.1.0-13.1.3\",\"12.1.0-12.1.5\",\"11.5.2-11.6.5\");\nvmatrix[\"WAM\"][\"unaffected\"] = make_list(\"16.0.0\",\"15.1.0.5\",\"15.0.1.4\",\"14.1.2.7\",\"13.1.3.5\");\n\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n if (report_verbosity > 0) security_warning(port:0, extra:bigip_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = bigip_get_tested_modules();\n audit_extra = \"For BIG-IP module(s) \" + tested + \",\";\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, \"running any of the affected modules\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T14:29:57", "description": "The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has kernel-rt packages installed that are affected by multiple vulnerabilities:\n\n - An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1071, CVE-2019-1073. (CVE-2019-1125)\n\n - A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host. (CVE-2019-14835)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2019-10-15T00:00:00", "type": "nessus", "title": "NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel-rt Multiple Vulnerabilities (NS-SA-2019-0189)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1071", "CVE-2019-1073", "CVE-2019-1125", "CVE-2019-14835"], "modified": "2021-01-14T00:00:00", "cpe": [], "id": "NEWSTART_CGSL_NS-SA-2019-0189_KERNEL-RT.NASL", "href": "https://www.tenable.com/plugins/nessus/129888", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\n\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2019-0189. The text\n# itself is copyright (C) ZTE, Inc.\n\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(129888);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2019-1125\", \"CVE-2019-14835\");\n\n script_name(english:\"NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel-rt Multiple Vulnerabilities (NS-SA-2019-0189)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote machine is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has kernel-rt packages installed that are affected\nby multiple vulnerabilities:\n\n - An information disclosure vulnerability exists when\n certain central processing units (CPU) speculatively\n access memory, aka 'Windows Kernel Information\n Disclosure Vulnerability'. This CVE ID is unique from\n CVE-2019-1071, CVE-2019-1073. (CVE-2019-1125)\n\n - A buffer overflow flaw was found, in versions from\n 2.6.34 to 5.2.x, in the way Linux kernel's vhost\n functionality that translates virtqueue buffers to IOVs,\n logged the buffer descriptors during migration. A\n privileged guest user able to pass descriptors with\n invalid length to the host when migration is underway,\n could use this flaw to increase their privileges on the\n host. (CVE-2019-14835)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2019-0189\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL kernel-rt packages. Note that updated packages may not be available yet. Please contact ZTE\nfor more information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-14835\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/ZTE-CGSL/release\");\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, \"NewStart Carrier Grade Server Linux\");\n\nif (release !~ \"CGSL CORE 5.04\" &&\n release !~ \"CGSL MAIN 5.04\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL CORE 5.04 / NewStart CGSL MAIN 5.04');\n\nif (!get_kb_item(\"Host/ZTE-CGSL/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"NewStart Carrier Grade Server Linux\", cpu);\n\nflag = 0;\n\npkgs = {\n \"CGSL CORE 5.04\": [\n \"kernel-rt-3.10.0-693.21.1.rt56.639.el7.cgslv5_4.20.294.gaf4b22d\",\n \"kernel-rt-debug-3.10.0-693.21.1.rt56.639.el7.cgslv5_4.20.294.gaf4b22d\",\n \"kernel-rt-debug-debuginfo-3.10.0-693.21.1.rt56.639.el7.cgslv5_4.20.294.gaf4b22d\",\n \"kernel-rt-debug-devel-3.10.0-693.21.1.rt56.639.el7.cgslv5_4.20.294.gaf4b22d\",\n \"kernel-rt-debug-kvm-3.10.0-693.21.1.rt56.639.el7.cgslv5_4.20.294.gaf4b22d\",\n \"kernel-rt-debug-kvm-debuginfo-3.10.0-693.21.1.rt56.639.el7.cgslv5_4.20.294.gaf4b22d\",\n \"kernel-rt-debuginfo-3.10.0-693.21.1.rt56.639.el7.cgslv5_4.20.294.gaf4b22d\",\n \"kernel-rt-debuginfo-common-x86_64-3.10.0-693.21.1.rt56.639.el7.cgslv5_4.20.294.gaf4b22d\",\n \"kernel-rt-devel-3.10.0-693.21.1.rt56.639.el7.cgslv5_4.20.294.gaf4b22d\",\n \"kernel-rt-doc-3.10.0-693.21.1.rt56.639.el7.cgslv5_4.20.294.gaf4b22d\",\n \"kernel-rt-kvm-3.10.0-693.21.1.rt56.639.el7.cgslv5_4.20.294.gaf4b22d\",\n \"kernel-rt-kvm-debuginfo-3.10.0-693.21.1.rt56.639.el7.cgslv5_4.20.294.gaf4b22d\",\n \"kernel-rt-trace-3.10.0-693.21.1.rt56.639.el7.cgslv5_4.20.294.gaf4b22d\",\n \"kernel-rt-trace-debuginfo-3.10.0-693.21.1.rt56.639.el7.cgslv5_4.20.294.gaf4b22d\",\n \"kernel-rt-trace-devel-3.10.0-693.21.1.rt56.639.el7.cgslv5_4.20.294.gaf4b22d\",\n \"kernel-rt-trace-kvm-3.10.0-693.21.1.rt56.639.el7.cgslv5_4.20.294.gaf4b22d\",\n \"kernel-rt-trace-kvm-debuginfo-3.10.0-693.21.1.rt56.639.el7.cgslv5_4.20.294.gaf4b22d\"\n ],\n \"CGSL MAIN 5.04\": [\n \"kernel-rt-3.10.0-693.21.1.rt56.639.el7.cgslv5_4.20.294.gaf4b22d\",\n \"kernel-rt-debug-3.10.0-693.21.1.rt56.639.el7.cgslv5_4.20.294.gaf4b22d\",\n \"kernel-rt-debug-debuginfo-3.10.0-693.21.1.rt56.639.el7.cgslv5_4.20.294.gaf4b22d\",\n \"kernel-rt-debug-devel-3.10.0-693.21.1.rt56.639.el7.cgslv5_4.20.294.gaf4b22d\",\n \"kernel-rt-debug-kvm-3.10.0-693.21.1.rt56.639.el7.cgslv5_4.20.294.gaf4b22d\",\n \"kernel-rt-debug-kvm-debuginfo-3.10.0-693.21.1.rt56.639.el7.cgslv5_4.20.294.gaf4b22d\",\n \"kernel-rt-debuginfo-3.10.0-693.21.1.rt56.639.el7.cgslv5_4.20.294.gaf4b22d\",\n \"kernel-rt-debuginfo-common-x86_64-3.10.0-693.21.1.rt56.639.el7.cgslv5_4.20.294.gaf4b22d\",\n \"kernel-rt-devel-3.10.0-693.21.1.rt56.639.el7.cgslv5_4.20.294.gaf4b22d\",\n \"kernel-rt-doc-3.10.0-693.21.1.rt56.639.el7.cgslv5_4.20.294.gaf4b22d\",\n \"kernel-rt-kvm-3.10.0-693.21.1.rt56.639.el7.cgslv5_4.20.294.gaf4b22d\",\n \"kernel-rt-kvm-debuginfo-3.10.0-693.21.1.rt56.639.el7.cgslv5_4.20.294.gaf4b22d\",\n \"kernel-rt-trace-3.10.0-693.21.1.rt56.639.el7.cgslv5_4.20.294.gaf4b22d\",\n \"kernel-rt-trace-debuginfo-3.10.0-693.21.1.rt56.639.el7.cgslv5_4.20.294.gaf4b22d\",\n \"kernel-rt-trace-devel-3.10.0-693.21.1.rt56.639.el7.cgslv5_4.20.294.gaf4b22d\",\n \"kernel-rt-trace-kvm-3.10.0-693.21.1.rt56.639.el7.cgslv5_4.20.294.gaf4b22d\",\n \"kernel-rt-trace-kvm-debuginfo-3.10.0-693.21.1.rt56.639.el7.cgslv5_4.20.294.gaf4b22d\"\n ]\n};\npkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:\"ZTE \" + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel-rt\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:28:07", "description": "An update for kernel-rt is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es) :\n\n* kernel: broken permission and object lifetime handling for PTRACE_TRACEME (CVE-2019-13272)\n\n* kernel: hw: Spectre SWAPGS gadget vulnerability (CVE-2019-1125)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {}, "published": "2019-08-12T00:00:00", "type": "nessus", "title": "RHEL 8 : kernel-rt (RHSA-2019:2405)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1125", "CVE-2019-13272"], "modified": "2023-02-10T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "p-cpe:/a:redhat:enterprise_linux:kernel-rt", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debuginfo-common-x86_64", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-core", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-core", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-kvm", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-kvm-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-modules", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-modules-extra", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-kvm", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-kvm-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-modules", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-modules-extra"], "id": "REDHAT-RHSA-2019-2405.NASL", "href": "https://www.tenable.com/plugins/nessus/127721", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:2405. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(127721);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/10\");\n\n script_cve_id(\"CVE-2019-1125\", \"CVE-2019-13272\");\n script_xref(name:\"RHSA\", value:\"2019:2405\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/10\");\n\n script_name(english:\"RHEL 8 : kernel-rt (RHSA-2019:2405)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update for kernel-rt is now available for Red Hat Enterprise Linux\n8.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe kernel-rt packages provide the Real Time Linux Kernel, which\nenables fine-tuning for systems with extremely high determinism\nrequirements.\n\nSecurity Fix(es) :\n\n* kernel: broken permission and object lifetime handling for\nPTRACE_TRACEME (CVE-2019-13272)\n\n* kernel: hw: Spectre SWAPGS gadget vulnerability (CVE-2019-1125)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/articles/4329821\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2019:2405\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2019-1125\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2019-13272\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-13272\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Linux Polkit pkexec helper PTRACE_TRACEME local root exploit');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-kvm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-modules-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-kvm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-modules-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 8.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2019-1125\", \"CVE-2019-13272\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for RHSA-2019:2405\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:2405\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"kernel-rt-4.18.0-80.7.2.rt9.154.el8_0\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"kernel-rt-core-4.18.0-80.7.2.rt9.154.el8_0\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"kernel-rt-debug-4.18.0-80.7.2.rt9.154.el8_0\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"kernel-rt-debug-core-4.18.0-80.7.2.rt9.154.el8_0\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"kernel-rt-debug-debuginfo-4.18.0-80.7.2.rt9.154.el8_0\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"kernel-rt-debug-devel-4.18.0-80.7.2.rt9.154.el8_0\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"kernel-rt-debug-kvm-4.18.0-80.7.2.rt9.154.el8_0\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"kernel-rt-debug-kvm-debuginfo-4.18.0-80.7.2.rt9.154.el8_0\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"kernel-rt-debug-modules-4.18.0-80.7.2.rt9.154.el8_0\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"kernel-rt-debug-modules-extra-4.18.0-80.7.2.rt9.154.el8_0\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"kernel-rt-debuginfo-4.18.0-80.7.2.rt9.154.el8_0\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"kernel-rt-debuginfo-common-x86_64-4.18.0-80.7.2.rt9.154.el8_0\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"kernel-rt-devel-4.18.0-80.7.2.rt9.154.el8_0\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"kernel-rt-kvm-4.18.0-80.7.2.rt9.154.el8_0\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"kernel-rt-kvm-debuginfo-4.18.0-80.7.2.rt9.154.el8_0\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"kernel-rt-modules-4.18.0-80.7.2.rt9.154.el8_0\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"kernel-rt-modules-extra-4.18.0-80.7.2.rt9.154.el8_0\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel-rt / kernel-rt-core / kernel-rt-debug / kernel-rt-debug-core / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:24:11", "description": "The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2019:2411 advisory.\n\n - kernel: hw: Spectre SWAPGS gadget vulnerability (CVE-2019-1125)\n\n - kernel: broken permission and object lifetime handling for PTRACE_TRACEME (CVE-2019-13272)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-01-29T00:00:00", "type": "nessus", "title": "CentOS 8 : kernel (CESA-2019:2411)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1125", "CVE-2019-13272"], "modified": "2023-01-18T00:00:00", "cpe": ["cpe:/o:centos:centos:8", "p-cpe:/a:centos:centos:bpftool", "p-cpe:/a:centos:centos:kernel", "p-cpe:/a:centos:centos:kernel-abi-whitelists", "p-cpe:/a:centos:centos:kernel-core", "p-cpe:/a:centos:centos:kernel-cross-headers", "p-cpe:/a:centos:centos:kernel-debug", "p-cpe:/a:centos:centos:kernel-debug-core", "p-cpe:/a:centos:centos:kernel-debug-devel", "p-cpe:/a:centos:centos:kernel-debug-modules", "p-cpe:/a:centos:centos:kernel-debug-modules-extra", "p-cpe:/a:centos:centos:kernel-devel", "p-cpe:/a:centos:centos:kernel-headers", "p-cpe:/a:centos:centos:kernel-modules", "p-cpe:/a:centos:centos:kernel-modules-extra", "p-cpe:/a:centos:centos:kernel-tools", "p-cpe:/a:centos:centos:kernel-tools-libs", "p-cpe:/a:centos:centos:kernel-tools-libs-devel", "p-cpe:/a:centos:centos:perf", "p-cpe:/a:centos:centos:python3-perf"], "id": "CENTOS8_RHSA-2019-2411.NASL", "href": "https://www.tenable.com/plugins/nessus/145678", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# Red Hat Security Advisory RHSA-2019:2411. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(145678);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/18\");\n\n script_cve_id(\"CVE-2019-1125\", \"CVE-2019-13272\");\n script_xref(name:\"RHSA\", value:\"2019:2411\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/10\");\n\n script_name(english:\"CentOS 8 : kernel (CESA-2019:2411)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nCESA-2019:2411 advisory.\n\n - kernel: hw: Spectre SWAPGS gadget vulnerability (CVE-2019-1125)\n\n - kernel: broken permission and object lifetime handling for PTRACE_TRACEME (CVE-2019-13272)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2019:2411\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-13272\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Linux Polkit pkexec helper PTRACE_TRACEME local root exploit');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/01/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:bpftool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-cross-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-debug-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-debug-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-debug-modules-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-modules-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python3-perf\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\ninclude('ksplice.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/CentOS/release');\nif (isnull(release) || 'CentOS' >!< release) audit(AUDIT_OS_NOT, 'CentOS');\nos_ver = pregmatch(pattern: \"CentOS(?: Stream)?(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CentOS');\nos_ver = os_ver[1];\nif ('CentOS Stream' >< release) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS Stream ' + os_ver);\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS ' + os_ver);\n\nif (!get_kb_item('Host/CentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CentOS', cpu);\n\nif (get_one_kb_item('Host/ksplice/kernel-cves'))\n{\n rm_kb_item(name:'Host/uptrack-uname-r');\n cve_list = make_list('CVE-2019-1125', 'CVE-2019-13272');\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for CESA-2019:2411');\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\npkgs = [\n {'reference':'bpftool-4.18.0-80.7.2.el8_0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bpftool-4.18.0-80.7.2.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-4.18.0-80.7.2.el8_0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-4.18.0-80.7.2.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-abi-whitelists-4.18.0-80.7.2.el8_0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-abi-whitelists-4.18.0-80.7.2.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-core-4.18.0-80.7.2.el8_0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-core-4.18.0-80.7.2.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-cross-headers-4.18.0-80.7.2.el8_0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-cross-headers-4.18.0-80.7.2.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-4.18.0-80.7.2.el8_0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-4.18.0-80.7.2.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-core-4.18.0-80.7.2.el8_0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-core-4.18.0-80.7.2.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-devel-4.18.0-80.7.2.el8_0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-devel-4.18.0-80.7.2.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-modules-4.18.0-80.7.2.el8_0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-modules-4.18.0-80.7.2.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-modules-extra-4.18.0-80.7.2.el8_0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-modules-extra-4.18.0-80.7.2.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-devel-4.18.0-80.7.2.el8_0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-devel-4.18.0-80.7.2.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-headers-4.18.0-80.7.2.el8_0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-headers-4.18.0-80.7.2.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-modules-4.18.0-80.7.2.el8_0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-modules-4.18.0-80.7.2.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-modules-extra-4.18.0-80.7.2.el8_0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-modules-extra-4.18.0-80.7.2.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-4.18.0-80.7.2.el8_0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-4.18.0-80.7.2.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-4.18.0-80.7.2.el8_0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-4.18.0-80.7.2.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-devel-4.18.0-80.7.2.el8_0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-devel-4.18.0-80.7.2.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-4.18.0-80.7.2.el8_0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-4.18.0-80.7.2.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-perf-4.18.0-80.7.2.el8_0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-perf-4.18.0-80.7.2.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'CentOS-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'bpftool / kernel / kernel-abi-whitelists / kernel-core / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:28:08", "description": "An update for kernel is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es) :\n\n* kernel: broken permission and object lifetime handling for PTRACE_TRACEME (CVE-2019-13272)\n\n* kernel: hw: Spectre SWAPGS gadget vulnerability (CVE-2019-1125)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {}, "published": "2019-08-12T00:00:00", "type": "nessus", "title": "RHEL 8 : kernel (RHSA-2019:2411)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1125", "CVE-2019-13272"], "modified": "2023-02-10T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8.0", "cpe:/o:redhat:enterprise_linux:8", "p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "p-cpe:/a:redhat:enterprise_linux:perf", "p-cpe:/a:redhat:enterprise_linux:perf-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-s390x", "p-cpe:/a:redhat:enterprise_linux:kernel-tools", "p-cpe:/a:redhat:enterprise_linux:kernel-tools-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs", "p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs-devel", "p-cpe:/a:redhat:enterprise_linux:bpftool", "p-cpe:/a:redhat:enterprise_linux:bpftool-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-core", "p-cpe:/a:redhat:enterprise_linux:kernel-cross-headers", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-core", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-modules", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-modules-extra", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-aarch64", "p-cpe:/a:redhat:enterprise_linux:kernel-modules", "p-cpe:/a:redhat:enterprise_linux:kernel-modules-extra", "p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump", "p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump-core", "p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump-modules", "p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump-modules-extra", "p-cpe:/a:redhat:enterprise_linux:python3-perf", "p-cpe:/a:redhat:enterprise_linux:python3-perf-debuginfo"], "id": "REDHAT-RHSA-2019-2411.NASL", "href": "https://www.tenable.com/plugins/nessus/127722", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:2411. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(127722);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/10\");\n\n script_cve_id(\"CVE-2019-1125\", \"CVE-2019-13272\");\n script_xref(name:\"RHSA\", value:\"2019:2411\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/10\");\n\n script_name(english:\"RHEL 8 : kernel (RHSA-2019:2411)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update for kernel is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nSecurity Fix(es) :\n\n* kernel: broken permission and object lifetime handling for\nPTRACE_TRACEME (CVE-2019-13272)\n\n* kernel: hw: Spectre SWAPGS gadget vulnerability (CVE-2019-1125)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/articles/4329821\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2019:2411\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2019-1125\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2019-13272\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-13272\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Linux Polkit pkexec helper PTRACE_TRACEME local root exploit');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bpftool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bpftool-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-cross-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-modules-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-aarch64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-s390x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-modules-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump-modules-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 8.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2019-1125\", \"CVE-2019-13272\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for RHSA-2019:2411\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:2411\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"bpftool-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"bpftool-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", sp:\"0\", cpu:\"aarch64\", reference:\"bpftool-debuginfo-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"bpftool-debuginfo-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"bpftool-debuginfo-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"kernel-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"kernel-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", reference:\"kernel-abi-whitelists-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"kernel-core-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"kernel-core-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"kernel-cross-headers-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"kernel-cross-headers-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"kernel-debug-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"kernel-debug-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"kernel-debug-core-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"kernel-debug-core-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", sp:\"0\", cpu:\"aarch64\", reference:\"kernel-debug-debuginfo-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"kernel-debug-debuginfo-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"kernel-debug-debuginfo-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"kernel-debug-devel-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"kernel-debug-devel-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"kernel-debug-modules-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"kernel-debug-modules-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"kernel-debug-modules-extra-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"kernel-debug-modules-extra-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", sp:\"0\", cpu:\"aarch64\", reference:\"kernel-debuginfo-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"kernel-debuginfo-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"kernel-debuginfo-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", sp:\"0\", cpu:\"aarch64\", reference:\"kernel-debuginfo-common-aarch64-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"kernel-debuginfo-common-s390x-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"kernel-devel-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"kernel-devel-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", reference:\"kernel-doc-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"kernel-headers-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"kernel-headers-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"kernel-modules-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"kernel-modules-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"kernel-modules-extra-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"kernel-modules-extra-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"kernel-tools-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"kernel-tools-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", sp:\"0\", cpu:\"aarch64\", reference:\"kernel-tools-debuginfo-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"kernel-tools-debuginfo-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"kernel-tools-debuginfo-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"kernel-tools-libs-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", sp:\"0\", cpu:\"aarch64\", reference:\"kernel-tools-libs-devel-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-tools-libs-devel-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"kernel-zfcpdump-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"kernel-zfcpdump-core-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"kernel-zfcpdump-debuginfo-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"kernel-zfcpdump-devel-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"kernel-zfcpdump-modules-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"kernel-zfcpdump-modules-extra-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"perf-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"perf-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", sp:\"0\", cpu:\"aarch64\", reference:\"perf-debuginfo-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"perf-debuginfo-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"perf-debuginfo-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"python3-perf-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"python3-perf-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", sp:\"0\", cpu:\"aarch64\", reference:\"python3-perf-debuginfo-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"python3-perf-debuginfo-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"python3-perf-debuginfo-4.18.0-80.7.2.el8_0\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bpftool / bpftool-debuginfo / kernel / kernel-abi-whitelists / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-26T14:21:45", "description": "The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-2600 advisory.\n\n - An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1071, CVE-2019-1073. (CVE-2019-1125)\n\n - The Broadcom brcmfmac WiFi driver prior to commit 1b5e2423164b3670e8bc9174e4762d297990deff is vulnerable to a heap buffer overflow. If the Wake-up on Wireless LAN functionality is configured, a malicious event frame can be constructed to trigger an heap buffer overflow in the brcmf_wowl_nd_results function. This vulnerability can be exploited with compromised chipsets to compromise the host, or when used in combination with CVE-2019-9503, can be used remotely. In the worst case scenario, by sending specially- crafted WiFi packets, a remote, unauthenticated attacker may be able to execute arbitrary code on a vulnerable system. More typically, this vulnerability will result in denial-of-service conditions.\n (CVE-2019-9500)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2019-09-05T00:00:00", "type": "nessus", "title": "Oracle Linux 7 : kernel (ELSA-2019-2600)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1071", "CVE-2019-1073", "CVE-2019-1125", "CVE-2019-9500", "CVE-2019-9503"], "modified": "2021-09-08T00:00:00", "cpe": ["cpe:/o:oracle:linux:7", "p-cpe:/a:oracle:linux:bpftool", "p-cpe:/a:oracle:linux:kernel", "p-cpe:/a:oracle:linux:kernel-abi-whitelists", "p-cpe:/a:oracle:linux:kernel-debug", "p-cpe:/a:oracle:linux:kernel-debug-devel", "p-cpe:/a:oracle:linux:kernel-devel", "p-cpe:/a:oracle:linux:kernel-headers", "p-cpe:/a:oracle:linux:kernel-tools", "p-cpe:/a:oracle:linux:kernel-tools-libs", "p-cpe:/a:oracle:linux:kernel-tools-libs-devel", "p-cpe:/a:oracle:linux:perf", "p-cpe:/a:oracle:linux:python-perf"], "id": "ORACLELINUX_ELSA-2019-2600.NASL", "href": "https://www.tenable.com/plugins/nessus/128513", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2019-2600.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(128513);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/09/08\");\n\n script_cve_id(\"CVE-2019-1125\", \"CVE-2019-9500\");\n script_xref(name:\"RHSA\", value:\"2019:2600\");\n\n script_name(english:\"Oracle Linux 7 : kernel (ELSA-2019-2600)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nELSA-2019-2600 advisory.\n\n - An information disclosure vulnerability exists when certain central processing units (CPU) speculatively\n access memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from\n CVE-2019-1071, CVE-2019-1073. (CVE-2019-1125)\n\n - The Broadcom brcmfmac WiFi driver prior to commit 1b5e2423164b3670e8bc9174e4762d297990deff is vulnerable\n to a heap buffer overflow. If the Wake-up on Wireless LAN functionality is configured, a malicious event\n frame can be constructed to trigger an heap buffer overflow in the brcmf_wowl_nd_results function. This\n vulnerability can be exploited with compromised chipsets to compromise the host, or when used in\n combination with CVE-2019-9503, can be used remotely. In the worst case scenario, by sending specially-\n crafted WiFi packets, a remote, unauthenticated attacker may be able to execute arbitrary code on a\n vulnerable system. More typically, this vulnerability will result in denial-of-service conditions.\n (CVE-2019-9500)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2019-2600.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-9500\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/05\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bpftool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python-perf\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"linux_alt_patch_detect.nasl\", \"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('ksplice.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 7', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\nif ('x86_64' >!< cpu) audit(AUDIT_ARCH_NOT, 'x86_64', cpu);\n\nvar machine_uptrack_level = get_one_kb_item('Host/uptrack-uname-r');\nif (machine_uptrack_level)\n{\n var trimmed_uptrack_level = ereg_replace(string:machine_uptrack_level, pattern:\"\\.(x86_64|i[3-6]86|aarch64)$\", replace:'');\n var fixed_uptrack_levels = ['3.10.0-1062.1.1.el7'];\n foreach var fixed_uptrack_level ( fixed_uptrack_levels ) {\n if (rpm_spec_vers_cmp(a:trimmed_uptrack_level, b:fixed_uptrack_level) >= 0)\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for ELSA-2019-2600');\n }\n }\n __rpm_report = 'Running KSplice level of ' + trimmed_uptrack_level + ' does not meet the minimum fixed level of ' + join(fixed_uptrack_levels, sep:' / ') + ' for this advisory.\\n\\n';\n}\n\nvar kernel_major_minor = get_kb_item('Host/uname/major_minor');\nif (empty_or_null(kernel_major_minor)) exit(1, 'Unable to determine kernel major-minor level.');\nvar expected_kernel_major_minor = '3.10';\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, 'running kernel level ' + expected_kernel_major_minor + ', it is running kernel level ' + kernel_major_minor);\n\nvar pkgs = [\n {'reference':'bpftool-3.10.0-1062.1.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-3.10.0-1062.1.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-3.10.0'},\n {'reference':'kernel-abi-whitelists-3.10.0-1062.1.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-abi-whitelists-3.10.0'},\n {'reference':'kernel-debug-3.10.0-1062.1.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-debug-3.10.0'},\n {'reference':'kernel-debug-devel-3.10.0-1062.1.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-debug-devel-3.10.0'},\n {'reference':'kernel-devel-3.10.0-1062.1.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-devel-3.10.0'},\n {'reference':'kernel-headers-3.10.0-1062.1.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-headers-3.10.0'},\n {'reference':'kernel-tools-3.10.0-1062.1.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-tools-3.10.0'},\n {'reference':'kernel-tools-libs-3.10.0-1062.1.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-tools-libs-3.10.0'},\n {'reference':'kernel-tools-libs-devel-3.10.0-1062.1.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-tools-libs-devel-3.10.0'},\n {'reference':'perf-3.10.0-1062.1.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-perf-3.10.0-1062.1.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release) {\n if (exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'bpftool / kernel / kernel-abi-whitelists / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T14:29:58", "description": "The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has kernel packages installed that are affected by multiple vulnerabilities:\n\n - An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1071, CVE-2019-1073. (CVE-2019-1125)\n\n - An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct kvm_coalesced_mmio' object, wherein write indices 'ring->first' and 'ring->last' value could be supplied by a host user-space process. An unprivileged host user or process with access to '/dev/kvm' device could use this flaw to crash the host kernel, resulting in a denial of service or potentially escalating privileges on the system. (CVE-2019-14821)\n\n - A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host. (CVE-2019-14835)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2019-10-15T00:00:00", "type": "nessus", "title": "NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel Multiple Vulnerabilities (NS-SA-2019-0200)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1071", "CVE-2019-1073", "CVE-2019-1125", "CVE-2019-14821", "CVE-2019-14835"], "modified": "2022-05-18T00:00:00", "cpe": [], "id": "NEWSTART_CGSL_NS-SA-2019-0200_KERNEL.NASL", "href": "https://www.tenable.com/plugins/nessus/129924", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\n\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2019-0200. The text\n# itself is copyright (C) ZTE, Inc.\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(129924);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/18\");\n\n script_cve_id(\"CVE-2019-1125\", \"CVE-2019-14821\", \"CVE-2019-14835\");\n\n script_name(english:\"NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel Multiple Vulnerabilities (NS-SA-2019-0200)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote machine is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has kernel packages installed that are affected by\nmultiple vulnerabilities:\n\n - An information disclosure vulnerability exists when\n certain central processing units (CPU) speculatively\n access memory, aka 'Windows Kernel Information\n Disclosure Vulnerability'. This CVE ID is unique from\n CVE-2019-1071, CVE-2019-1073. (CVE-2019-1125)\n\n - An out-of-bounds access issue was found in the Linux\n kernel, all versions through 5.3, in the way Linux\n kernel's KVM hypervisor implements the Coalesced MMIO\n write operation. It operates on an MMIO ring buffer\n 'struct kvm_coalesced_mmio' object, wherein write\n indices 'ring->first' and 'ring->last' value could be\n supplied by a host user-space process. An unprivileged\n host user or process with access to '/dev/kvm' device\n could use this flaw to crash the host kernel, resulting\n in a denial of service or potentially escalating\n privileges on the system. (CVE-2019-14821)\n\n - A buffer overflow flaw was found, in versions from\n 2.6.34 to 5.2.x, in the way Linux kernel's vhost\n functionality that translates virtqueue buffers to IOVs,\n logged the buffer descriptors during migration. A\n privileged guest user able to pass descriptors with\n invalid length to the host when migration is underway,\n could use this flaw to increase their privileges on the\n host. (CVE-2019-14835)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2019-0200\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL kernel packages. Note that updated packages may not be available yet. Please contact ZTE for\nmore information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-14835\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-14821\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/ZTE-CGSL/release\");\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, \"NewStart Carrier Grade Server Linux\");\n\nif (release !~ \"CGSL CORE 5.04\" &&\n release !~ \"CGSL MAIN 5.04\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL CORE 5.04 / NewStart CGSL MAIN 5.04');\n\nif (!get_kb_item(\"Host/ZTE-CGSL/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"NewStart Carrier Grade Server Linux\", cpu);\n\nflag = 0;\n\npkgs = {\n \"CGSL CORE 5.04\": [\n \"kernel-3.10.0-693.21.1.el7.cgslv5_4.22.462.gc02854e.lite\",\n \"kernel-abi-whitelists-3.10.0-693.21.1.el7.cgslv5_4.22.462.gc02854e.lite\",\n \"kernel-core-3.10.0-693.21.1.el7.cgslv5_4.22.462.gc02854e.lite\",\n \"kernel-debug-core-3.10.0-693.21.1.el7.cgslv5_4.22.462.gc02854e.lite\",\n \"kernel-debug-debuginfo-3.10.0-693.21.1.el7.cgslv5_4.22.462.gc02854e.lite\",\n \"kernel-debug-devel-3.10.0-693.21.1.el7.cgslv5_4.22.462.gc02854e.lite\",\n \"kernel-debug-modules-3.10.0-693.21.1.el7.cgslv5_4.22.462.gc02854e.lite\",\n \"kernel-debuginfo-3.10.0-693.21.1.el7.cgslv5_4.22.462.gc02854e.lite\",\n \"kernel-debuginfo-common-x86_64-3.10.0-693.21.1.el7.cgslv5_4.22.462.gc02854e.lite\",\n \"kernel-devel-3.10.0-693.21.1.el7.cgslv5_4.22.462.gc02854e.lite\",\n \"kernel-doc-3.10.0-693.21.1.el7.cgslv5_4.22.462.gc02854e.lite\",\n \"kernel-headers-3.10.0-693.21.1.el7.cgslv5_4.22.462.gc02854e.lite\",\n \"kernel-modules-3.10.0-693.21.1.el7.cgslv5_4.22.462.gc02854e.lite\",\n \"kernel-sign-keys-3.10.0-693.21.1.el7.cgslv5_4.22.462.gc02854e.lite\",\n \"kernel-tools-3.10.0-693.21.1.el7.cgslv5_4.22.462.gc02854e.lite\",\n \"kernel-tools-debuginfo-3.10.0-693.21.1.el7.cgslv5_4.22.462.gc02854e.lite\",\n \"kernel-tools-libs-3.10.0-693.21.1.el7.cgslv5_4.22.462.gc02854e.lite\",\n \"kernel-tools-libs-devel-3.10.0-693.21.1.el7.cgslv5_4.22.462.gc02854e.lite\",\n \"perf-3.10.0-693.21.1.el7.cgslv5_4.22.462.gc02854e.lite\",\n \"perf-debuginfo-3.10.0-693.21.1.el7.cgslv5_4.22.462.gc02854e.lite\",\n \"python-perf-3.10.0-693.21.1.el7.cgslv5_4.22.462.gc02854e.lite\",\n \"python-perf-debuginfo-3.10.0-693.21.1.el7.cgslv5_4.22.462.gc02854e.lite\"\n ],\n \"CGSL MAIN 5.04\": [\n \"kernel-3.10.0-693.21.1.el7.cgslv5_4.22.459.gdcac6d6\",\n \"kernel-abi-whitelists-3.10.0-693.21.1.el7.cgslv5_4.22.459.gdcac6d6\",\n \"kernel-debug-3.10.0-693.21.1.el7.cgslv5_4.22.459.gdcac6d6\",\n \"kernel-debug-debuginfo-3.10.0-693.21.1.el7.cgslv5_4.22.459.gdcac6d6\",\n \"kernel-debug-devel-3.10.0-693.21.1.el7.cgslv5_4.22.459.gdcac6d6\",\n \"kernel-debuginfo-3.10.0-693.21.1.el7.cgslv5_4.22.459.gdcac6d6\",\n \"kernel-debuginfo-common-x86_64-3.10.0-693.21.1.el7.cgslv5_4.22.459.gdcac6d6\",\n \"kernel-devel-3.10.0-693.21.1.el7.cgslv5_4.22.459.gdcac6d6\",\n \"kernel-doc-3.10.0-693.21.1.el7.cgslv5_4.22.459.gdcac6d6\",\n \"kernel-headers-3.10.0-693.21.1.el7.cgslv5_4.22.459.gdcac6d6\",\n \"kernel-sign-keys-3.10.0-693.21.1.el7.cgslv5_4.22.459.gdcac6d6\",\n \"kernel-tools-3.10.0-693.21.1.el7.cgslv5_4.22.459.gdcac6d6\",\n \"kernel-tools-debuginfo-3.10.0-693.21.1.el7.cgslv5_4.22.459.gdcac6d6\",\n \"kernel-tools-libs-3.10.0-693.21.1.el7.cgslv5_4.22.459.gdcac6d6\",\n \"kernel-tools-libs-devel-3.10.0-693.21.1.el7.cgslv5_4.22.459.gdcac6d6\",\n \"perf-3.10.0-693.21.1.el7.cgslv5_4.22.459.gdcac6d6\",\n \"perf-debuginfo-3.10.0-693.21.1.el7.cgslv5_4.22.459.gdcac6d6\",\n \"python-perf-3.10.0-693.21.1.el7.cgslv5_4.22.459.gdcac6d6\",\n \"python-perf-debuginfo-3.10.0-693.21.1.el7.cgslv5_4.22.459.gdcac6d6\"\n ]\n};\npkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:\"ZTE \" + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:24:15", "description": "Rebase to the v5.1 kernel series\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-06-07T00:00:00", "type": "nessus", "title": "Fedora 29 : kernel / kernel-headers / kernel-tools (2019-7ec378191e)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-12378", "CVE-2019-12379", "CVE-2019-12380", "CVE-2019-12381", "CVE-2019-12382", "CVE-2019-3846"], "modified": "2020-01-10T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "p-cpe:/a:fedoraproject:fedora:kernel-headers", "p-cpe:/a:fedoraproject:fedora:kernel-tools", "cpe:/o:fedoraproject:fedora:29"], "id": "FEDORA_2019-7EC378191E.NASL", "href": "https://www.tenable.com/plugins/nessus/125746", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-7ec378191e.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(125746);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2020/01/10\");\n\n script_cve_id(\"CVE-2019-12378\", \"CVE-2019-12379\", \"CVE-2019-12380\", \"CVE-2019-12381\", \"CVE-2019-12382\", \"CVE-2019-3846\");\n script_xref(name:\"FEDORA\", value:\"2019-7ec378191e\");\n\n script_name(english:\"Fedora 29 : kernel / kernel-headers / kernel-tools (2019-7ec378191e)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Rebase to the v5.1 kernel series\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-7ec378191e\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected kernel, kernel-headers and / or kernel-tools\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:29\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/05/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/06/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/06/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^29([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 29\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2019-12378\", \"CVE-2019-12379\", \"CVE-2019-12380\", \"CVE-2019-12381\", \"CVE-2019-12382\", \"CVE-2019-3846\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for FEDORA-2019-7ec378191e\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\nif (rpm_check(release:\"FC29\", reference:\"kernel-5.1.6-200.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"kernel-headers-5.1.6-200.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"kernel-tools-5.1.6-200.fc29\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-headers / kernel-tools\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:29:48", "description": "The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2019:14157-1 advisory.\n\n - In the Linux kernel before 4.1.4, a buffer overflow occurs when checking userspace params in drivers/media/dvb-frontends/cx24116.c. The maximum size for a DiSEqC command is 6, according to the userspace API. However, the code allows larger values such as 23. (CVE-2015-9289)\n\n - An issue was discovered in the Linux kernel before 4.18.7. In create_qp_common in drivers/infiniband/hw/mlx5/qp.c, mlx5_ib_create_qp_resp was never initialized, resulting in a leak of stack memory to userspace. (CVE-2018-20855)\n\n - An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1071, CVE-2019-1073. (CVE-2019-1125)\n\n - An issue was discovered in the Linux kernel before 5.0.7. A NULL pointer dereference can occur when megasas_create_frame_pool() fails in megasas_alloc_cmds() in drivers/scsi/megaraid/megaraid_sas_base.c.\n This causes a Denial of Service, related to a use-after-free. (CVE-2019-11810)\n\n - In parse_hid_report_descriptor in drivers/input/tablet/gtco.c in the Linux kernel through 5.2.1, a malicious USB device can send an HID report that triggers an out-of-bounds write during generation of debugging messages. (CVE-2019-13631)\n\n - In the Linux kernel before 5.2.3, set_geometry in drivers/block/floppy.c does not validate the sect and head fields, as demonstrated by an integer overflow and out-of-bounds read. It can be triggered by an unprivileged local user when a floppy disk has been inserted. NOTE: QEMU creates the floppy device by default. (CVE-2019-14283)\n\n - In the Linux kernel before 5.2.3, drivers/block/floppy.c allows a denial of service by setup_format_params division-by-zero. Two consecutive ioctls can trigger the bug: the first one should set the drive geometry with .sect and .rate values that make F_SECT_PER_TRACK be zero. Next, the floppy format operation should be called. It can be triggered by an unprivileged local user even when a floppy disk has not been inserted. NOTE: QEMU creates the floppy device by default. (CVE-2019-14284)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-06-10T00:00:00", "type": "nessus", "title": "SUSE SLES11 Security Update : kernel (SUSE-SU-2019:14157-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-9289", "CVE-2018-20855", "CVE-2019-1071", "CVE-2019-1073", "CVE-2019-1125", "CVE-2019-11810", "CVE-2019-13631", "CVE-2019-14283", "CVE-2019-14284"], "modified": "2022-05-09T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kernel-bigmem", "p-cpe:/a:novell:suse_linux:kernel-bigmem-base", "p-cpe:/a:novell:suse_linux:kernel-bigmem-devel", "p-cpe:/a:novell:suse_linux:kernel-default", "p-cpe:/a:novell:suse_linux:kernel-default-base", "p-cpe:/a:novell:suse_linux:kernel-default-devel", "p-cpe:/a:novell:suse_linux:kernel-default-man", "p-cpe:/a:novell:suse_linux:kernel-ec2", "p-cpe:/a:novell:suse_linux:kernel-ec2-base", "p-cpe:/a:novell:suse_linux:kernel-ec2-devel", "p-cpe:/a:novell:suse_linux:kernel-pae", "p-cpe:/a:novell:suse_linux:kernel-pae-base", "p-cpe:/a:novell:suse_linux:kernel-pae-devel", "p-cpe:/a:novell:suse_linux:kernel-ppc64", "p-cpe:/a:novell:suse_linux:kernel-ppc64-base", "p-cpe:/a:novell:suse_linux:kernel-ppc64-devel", "p-cpe:/a:novell:suse_linux:kernel-source", "p-cpe:/a:novell:suse_linux:kernel-syms", "p-cpe:/a:novell:suse_linux:kernel-trace", "p-cpe:/a:novell:suse_linux:kernel-trace-base", "p-cpe:/a:novell:suse_linux:kernel-trace-devel", "p-cpe:/a:novell:suse_linux:kernel-xen", "p-cpe:/a:novell:suse_linux:kernel-xen-base", "p-cpe:/a:novell:suse_linux:kernel-xen-devel", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_SU-2019-14157-1.NASL", "href": "https://www.tenable.com/plugins/nessus/150618", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2019:14157-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(150618);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/09\");\n\n script_cve_id(\n \"CVE-2015-9289\",\n \"CVE-2018-20855\",\n \"CVE-2019-1125\",\n \"CVE-2019-11810\",\n \"CVE-2019-13631\",\n \"CVE-2019-14283\",\n \"CVE-2019-14284\"\n );\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2019:14157-1\");\n script_xref(name:\"IAVA\", value:\"2019-A-0290-S\");\n script_xref(name:\"IAVA\", value:\"2019-A-0293-S\");\n script_xref(name:\"IAVA\", value:\"2019-A-0285-S\");\n script_xref(name:\"IAVA\", value:\"2019-A-0284-S\");\n\n script_name(english:\"SUSE SLES11 Security Update : kernel (SUSE-SU-2019:14157-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe SUSE-SU-2019:14157-1 advisory.\n\n - In the Linux kernel before 4.1.4, a buffer overflow occurs when checking userspace params in\n drivers/media/dvb-frontends/cx24116.c. The maximum size for a DiSEqC command is 6, according to the\n userspace API. However, the code allows larger values such as 23. (CVE-2015-9289)\n\n - An issue was discovered in the Linux kernel before 4.18.7. In create_qp_common in\n drivers/infiniband/hw/mlx5/qp.c, mlx5_ib_create_qp_resp was never initialized, resulting in a leak of\n stack memory to userspace. (CVE-2018-20855)\n\n - An information disclosure vulnerability exists when certain central processing units (CPU) speculatively\n access memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from\n CVE-2019-1071, CVE-2019-1073. (CVE-2019-1125)\n\n - An issue was discovered in the Linux kernel before 5.0.7. A NULL pointer dereference can occur when\n megasas_create_frame_pool() fails in megasas_alloc_cmds() in drivers/scsi/megaraid/megaraid_sas_base.c.\n This causes a Denial of Service, related to a use-after-free. (CVE-2019-11810)\n\n - In parse_hid_report_descriptor in drivers/input/tablet/gtco.c in the Linux kernel through 5.2.1, a\n malicious USB device can send an HID report that triggers an out-of-bounds write during generation of\n debugging messages. (CVE-2019-13631)\n\n - In the Linux kernel before 5.2.3, set_geometry in drivers/block/floppy.c does not validate the sect and\n head fields, as demonstrated by an integer overflow and out-of-bounds read. It can be triggered by an\n unprivileged local user when a floppy disk has been inserted. NOTE: QEMU creates the floppy device by\n default. (CVE-2019-14283)\n\n - In the Linux kernel before 5.2.3, drivers/block/floppy.c allows a denial of service by setup_format_params\n division-by-zero. Two consecutive ioctls can trigger the bug: the first one should set the drive geometry\n with .sect and .rate values that make F_SECT_PER_TRACK be zero. Next, the floppy format operation should\n be called. It can be triggered by an unprivileged local user even when a floppy disk has not been\n inserted. NOTE: QEMU creates the floppy device by default. (CVE-2019-14284)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1134390\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1134399\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1138744\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1139358\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1140945\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1140965\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1141401\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1141402\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1141452\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1141453\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1141454\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1142023\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1143045\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1143179\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1143189\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1143191\");\n # https://lists.suse.com/pipermail/sle-security-updates/2019-August/005859.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?542ab5fc\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2015-9289\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-20855\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-1125\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-11810\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-13631\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-14283\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-14284\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-9289\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-14283\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/05/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/06/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-bigmem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-bigmem-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-bigmem-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-ec2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-ec2-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-ec2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-pae-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-pae-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-ppc64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-ppc64-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-ppc64-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-trace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-trace-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-trace-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('ksplice.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES11', 'SUSE ' + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE ' + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP4\", os_ver + \" SP\" + sp);\n\npkgs = [\n {'reference':'kernel-default-3.0.101-108.101', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},\n {'reference':'kernel-default-base-3.0.101-108.101', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},\n {'reference':'kernel-default-devel-3.0.101-108.101', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},\n {'reference':'kernel-default-man-3.0.101-108.101', 'sp':'4', 'cpu':'s390x', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},\n {'reference':'kernel-ec2-3.0.101-108.101', 'sp':'4', 'cpu':'i586', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},\n {'reference':'kernel-ec2-3.0.101-108.101', 'sp':'4', 'cpu':'x86_64', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},\n {'reference':'kernel-ec2-base-3.0.101-108.101', 'sp':'4', 'cpu':'i586', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},\n {'reference':'kernel-ec2-base-3.0.101-108.101', 'sp':'4', 'cpu':'x86_64', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},\n {'reference':'kernel-ec2-devel-3.0.101-108.101', 'sp':'4', 'cpu':'i586', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},\n {'reference':'kernel-ec2-devel-3.0.101-108.101', 'sp':'4', 'cpu':'x86_64', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},\n {'reference':'kernel-pae-3.0.101-108.101', 'sp':'4', 'cpu':'i586', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},\n {'reference':'kernel-pae-base-3.0.101-108.101', 'sp':'4', 'cpu':'i586', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},\n {'reference':'kernel-pae-devel-3.0.101-108.101', 'sp':'4', 'cpu':'i586', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},\n {'reference':'kernel-source-3.0.101-108.101', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},\n {'reference':'kernel-syms-3.0.101-108.101', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},\n {'reference':'kernel-trace-3.0.101-108.101', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},\n {'reference':'kernel-trace-base-3.0.101-108.101', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},\n {'reference':'kernel-trace-devel-3.0.101-108.101', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},\n {'reference':'kernel-xen-3.0.101-108.101', 'sp':'4', 'cpu':'i586', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},\n {'reference':'kernel-xen-3.0.101-108.101', 'sp':'4', 'cpu':'x86_64', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},\n {'reference':'kernel-xen-base-3.0.101-108.101', 'sp':'4', 'cpu':'i586', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},\n {'reference':'kernel-xen-base-3.0.101-108.101', 'sp':'4', 'cpu':'x86_64', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},\n {'reference':'kernel-xen-devel-3.0.101-108.101', 'sp':'4', 'cpu':'i586', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},\n {'reference':'kernel-xen-devel-3.0.101-108.101', 'sp':'4', 'cpu':'x86_64', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},\n {'reference':'kernel-default-3.0.101-108.101', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},\n {'reference':'kernel-default-base-3.0.101-108.101', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},\n {'reference':'kernel-default-devel-3.0.101-108.101', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},\n {'reference':'kernel-default-man-3.0.101-108.101', 'sp':'4', 'cpu':'s390x', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},\n {'reference':'kernel-ec2-3.0.101-108.101', 'sp':'4', 'cpu':'i586', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},\n {'reference':'kernel-ec2-3.0.101-108.101', 'sp':'4', 'cpu':'x86_64', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},\n {'reference':'kernel-ec2-base-3.0.101-108.101', 'sp':'4', 'cpu':'i586', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},\n {'reference':'kernel-ec2-base-3.0.101-108.101', 'sp':'4', 'cpu':'x86_64', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},\n {'reference':'kernel-ec2-devel-3.0.101-108.101', 'sp':'4', 'cpu':'i586', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},\n {'reference':'kernel-ec2-devel-3.0.101-108.101', 'sp':'4', 'cpu':'x86_64', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},\n {'reference':'kernel-pae-3.0.101-108.101', 'sp':'4', 'cpu':'i586', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},\n {'reference':'kernel-pae-base-3.0.101-108.101', 'sp':'4', 'cpu':'i586', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},\n {'reference':'kernel-pae-devel-3.0.101-108.101', 'sp':'4', 'cpu':'i586', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},\n {'reference':'kernel-source-3.0.101-108.101', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},\n {'reference':'kernel-syms-3.0.101-108.101', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},\n {'reference':'kernel-trace-3.0.101-108.101', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},\n {'reference':'kernel-trace-base-3.0.101-108.101', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},\n {'reference':'kernel-trace-devel-3.0.101-108.101', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},\n {'reference':'kernel-xen-3.0.101-108.101', 'sp':'4', 'cpu':'i586', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},\n {'reference':'kernel-xen-3.0.101-108.101', 'sp':'4', 'cpu':'x86_64', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},\n {'reference':'kernel-xen-base-3.0.101-108.101', 'sp':'4', 'cpu':'i586', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},\n {'reference':'kernel-xen-base-3.0.101-108.101', 'sp':'4', 'cpu':'x86_64', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},\n {'reference':'kernel-xen-devel-3.0.101-108.101', 'sp':'4', 'cpu':'i586', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},\n {'reference':'kernel-xen-devel-3.0.101-108.101', 'sp':'4', 'cpu':'x86_64', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n exists_check = NULL;\n rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release && exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n else if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n ltss_plugin_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in SUSE Enterprise Linux Server LTSS\\n' +\n 'repositories. Access to these package security updates require\\n' +\n 'a paid SUSE LTSS subscription.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + ltss_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel-default / kernel-default-base / kernel-default-devel / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T14:27:53", "description": "The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-2473 advisory.\n\n - The Salsa20 encryption algorithm in the Linux kernel before 4.14.8 does not correctly handle zero-length inputs, allowing a local attacker able to use the AF_ALG-based skcipher interface (CONFIG_CRYPTO_USER_API_SKCIPHER) to cause a denial of service (uninitialized-memory free and kernel crash) or have unspecified other impact by executing a crafted sequence of system calls that use the blkcipher_walk API. Both the generic implementation (crypto/salsa20_generic.c) and x86 implementation (arch/x86/crypto/salsa20_glue.c) of Salsa20 were vulnerable. (CVE-2017-17805)\n\n - The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing this affects the output of the fincore program.) Limited remote exploitation may be possible, as demonstrated by latency differences in accessing public files from an Apache HTTP Server. (CVE-2019-5489)\n\n - An issue was discovered in the proc_pid_stack function in fs/proc/base.c in the Linux kernel through 4.18.11. It does not ensure that only root may inspect the kernel stack of an arbitrary task, allowing a local attacker to exploit racy stack unwinding and leak kernel task stack contents. (CVE-2018-17972)\n\n - An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1071, CVE-2019-1073. (CVE-2019-1125)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2019-08-20T00:00:00", "type": "nessus", "title": "Oracle Linux 6 : kernel (ELSA-2019-2473)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-17805", "CVE-2018-17972", "CVE-2019-1071", "CVE-2019-1073", "CVE-2019-1125", "CVE-2019-5489"], "modified": "2021-09-08T00:00:00", "cpe": ["cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:kernel", "p-cpe:/a:oracle:linux:kernel-abi-whitelists", "p-cpe:/a:oracle:linux:kernel-debug", "p-cpe:/a:oracle:linux:kernel-debug-devel", "p-cpe:/a:oracle:linux:kernel-devel", "p-cpe:/a:oracle:linux:kernel-firmware", "p-cpe:/a:oracle:linux:kernel-headers", "p-cpe:/a:oracle:linux:perf", "p-cpe:/a:oracle:linux:python-perf"], "id": "ORACLELINUX_ELSA-2019-2473.NASL", "href": "https://www.tenable.com/plugins/nessus/127982", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2019-2473.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(127982);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/09/08\");\n\n script_cve_id(\n \"CVE-2017-17805\",\n \"CVE-2018-17972\",\n \"CVE-2019-1125\",\n \"CVE-2019-5489\"\n );\n script_xref(name:\"RHSA\", value:\"2019:2473\");\n script_xref(name:\"IAVA\", value:\"2020-A-0325-S\");\n\n script_name(english:\"Oracle Linux 6 : kernel (ELSA-2019-2473)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nELSA-2019-2473 advisory.\n\n - The Salsa20 encryption algorithm in the Linux kernel before 4.14.8 does not correctly handle zero-length\n inputs, allowing a local attacker able to use the AF_ALG-based skcipher interface\n (CONFIG_CRYPTO_USER_API_SKCIPHER) to cause a denial of service (uninitialized-memory free and kernel\n crash) or have unspecified other impact by executing a crafted sequence of system calls that use the\n blkcipher_walk API. Both the generic implementation (crypto/salsa20_generic.c) and x86 implementation\n (arch/x86/crypto/salsa20_glue.c) of Salsa20 were vulnerable. (CVE-2017-17805)\n\n - The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers\n to observe page cache access patterns of other processes on the same system, potentially allowing sniffing\n of secret information. (Fixing this affects the output of the fincore program.) Limited remote\n exploitation may be possible, as demonstrated by latency differences in accessing public files from an\n Apache HTTP Server. (CVE-2019-5489)\n\n - An issue was discovered in the proc_pid_stack function in fs/proc/base.c in the Linux kernel through\n 4.18.11. It does not ensure that only root may inspect the kernel stack of an arbitrary task, allowing a\n local attacker to exploit racy stack unwinding and leak kernel task stack contents. (CVE-2018-17972)\n\n - An information disclosure vulnerability exists when certain central processing units (CPU) speculatively\n access memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from\n CVE-2019-1071, CVE-2019-1073. (CVE-2019-1125)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2019-2473.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2017-17805\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/12/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python-perf\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"linux_alt_patch_detect.nasl\", \"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('ksplice.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 6', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nvar machine_uptrack_level = get_one_kb_item('Host/uptrack-uname-r');\nif (machine_uptrack_level)\n{\n var trimmed_uptrack_level = ereg_replace(string:machine_uptrack_level, pattern:\"\\.(x86_64|i[3-6]86|aarch64)$\", replace:'');\n var fixed_uptrack_levels = ['2.6.32-754.18.2.el6'];\n foreach var fixed_uptrack_level ( fixed_uptrack_levels ) {\n if (rpm_spec_vers_cmp(a:trimmed_uptrack_level, b:fixed_uptrack_level) >= 0)\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for ELSA-2019-2473');\n }\n }\n __rpm_report = 'Running KSplice level of ' + trimmed_uptrack_level + ' does not meet the minimum fixed level of ' + join(fixed_uptrack_levels, sep:' / ') + ' for this advisory.\\n\\n';\n}\n\nvar kernel_major_minor = get_kb_item('Host/uname/major_minor');\nif (empty_or_null(kernel_major_minor)) exit(1, 'Unable to determine kernel major-minor level.');\nvar expected_kernel_major_minor = '2.6';\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, 'running kernel level ' + expected_kernel_major_minor + ', it is running kernel level ' + kernel_major_minor);\n\nvar pkgs = [\n {'reference':'kernel-2.6.32-754.18.2.el6', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-2.6.32'},\n {'reference':'kernel-2.6.32-754.18.2.el6', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-2.6.32'},\n {'reference':'kernel-abi-whitelists-2.6.32-754.18.2.el6', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-abi-whitelists-2.6.32'},\n {'reference':'kernel-debug-2.6.32-754.18.2.el6', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-debug-2.6.32'},\n {'reference':'kernel-debug-2.6.32-754.18.2.el6', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-debug-2.6.32'},\n {'reference':'kernel-debug-devel-2.6.32-754.18.2.el6', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-debug-devel-2.6.32'},\n {'reference':'kernel-debug-devel-2.6.32-754.18.2.el6', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-debug-devel-2.6.32'},\n {'reference':'kernel-devel-2.6.32-754.18.2.el6', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-devel-2.6.32'},\n {'reference':'kernel-devel-2.6.32-754.18.2.el6', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-devel-2.6.32'},\n {'reference':'kernel-firmware-2.6.32-754.18.2.el6', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-firmware-2.6.32'},\n {'reference':'kernel-headers-2.6.32-754.18.2.el6', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-headers-2.6.32'},\n {'reference':'kernel-headers-2.6.32-754.18.2.el6', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-headers-2.6.32'},\n {'reference':'perf-2.6.32-754.18.2.el6', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-2.6.32-754.18.2.el6', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-perf-2.6.32-754.18.2.el6', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-perf-2.6.32-754.18.2.el6', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release) {\n if (exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel / kernel-abi-whitelists / kernel-debug / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:29:48", "description": "According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - The xfs_bmap_extents_to_btree function in fs/xfs/libxfs/xfs_bmap.c in the Linux kernel through 4.16.3 allows local users to cause a denial of service (xfs_bmapi_write NULL pointer dereference) via a crafted xfs image.(CVE-2018-10323)\n\n - A flaw was found in the Linux kernel's ext4 filesystem.\n A local user can cause a use-after-free in ext4_xattr_set_entry function and a denial of service or unspecified other impact may occur by renaming a file in a crafted ext4 filesystem image.(CVE-2018-10879)\n\n - A flaw was found in the Linux kernel's ext4 filesystem.\n A local user can cause an out-of-bound write in jbd2_journal_dirty_metadata(), a denial of service, and a system crash by mounting and operating on a crafted ext4 filesystem image. (CVE-2018-10883)\n\n - The Linux kernel was found vulnerable to an integer overflow in the drivers/video/fbdev/uvesafb.c:uvesafb_setcmap() function. The vulnerability could result in local attackers being able to crash the kernel or potentially elevate privileges.(CVE-2018-13406)\n\n - It was found that paravirt_patch_call/jump() functions in the arch/x86/kernel/paravirt.c in the Linux kernel mishandles certain indirect calls, which makes it easier for attackers to conduct Spectre-v2 attacks against paravirtualized guests. (CVE-2018-15594)\n\n - A flaw was found in the Linux kernel's NFS implementation. An attacker, who is able to mount an exported NFS filesystem, is able to trigger a null pointer dereference by using an invalid NFS sequence.\n This can panic the machine and deny access to the NFS server. Any outstanding disk writes to the NFS server will be lost. (CVE-2018-16871)\n\n - A vulnerability was found in the Linux kernelaEURtms floppy disk driver implementation. A local attacker with access to the floppy device could call set_geometry in drivers/block/floppy.c, which does not validate the sect and head fields, causing an integer overflow and out-of-bounds read. This flaw may crash the system or allow an attacker to gather information causing subsequent successful attacks. (CVE-2019-14283)\n\n - A vulnerability was found in the Linux kernelaEURtms floppy disk driver implementation. A local attacker with access to the floppy disk device file (/dev/fd0 through to /dev/fdN) can create a situation that causes the kernel to divide by zero. This requires two consecutive ioctl calls to be issued. The first ioctl call sets the sector and rate values, and the second ioctl is the call to format the floppy disk to the appropriate values. This flaw can cause the system to divide by zero and panic the host. No media (floppy) is required to be inserted for this attack to work properly.(CVE-2019-14284)\n\n - In the Linux kernel through 5.2.1 on the powerpc platform, when hardware transactional memory is disabled, a local user can cause a denial of service (TM Bad Thing exception and system crash) via a sigreturn() system call that sends a crafted signal frame. This affects arch/powerpc/kernel/signal_32.c and arch/powerpc/kernel/signal_64.c.(CVE-2019-13648)\n\n - In parse_hid_report_descriptor in drivers/input/tablet/gtco.c in the Linux kernel through 5.2.1, a malicious USB device can send an HID report that triggers an out-of-bounds write during generation of debugging messages. (CVE-2019-13631)\n\n - An issue was discovered in drm_load_edid_firmware in drivers/gpu/drm/drm_edid_load.c in the Linux kernel through 5.1.5. There is an unchecked kstrdup of fwstr, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash).\n NOTE: The vendor disputes this issues as not being a vulnerability because kstrdup() returning NULL is handled sufficiently and there is no chance for a NULL pointer dereference. (CVE-2019-12382)\n\n - An issue was discovered in dlpar_parse_cc_property in arch/powerpc/platforms/pseries/dlpar.c in the Linux kernel through 5.1.6. There is an unchecked kstrdup of prop-i1/4zname, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). (CVE-2019-12614)\n\n - An issue was discovered in the Linux kernel before 4.18.7. In block/blk-core.c, there is an\n __blk_drain_queue() use-after-free because a certain error case is mishandled.(CVE-2018-20856)\n\n - An issue was discovered in ip_ra_control in net/ipv4/ip_sockglue.c in the Linux kernel through 5.1.5. There is an unchecked kmalloc of new_ra, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). NOTE: this is disputed because new_ra is never used if it is NULL.(CVE-2019-12381)\n\n - An issue was discovered in ip6_ra_control in net/ipv6/ipv6_sockglue.c in the Linux kernel through 5.1.5. There is an unchecked kmalloc of new_ra, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). NOTE: This has been disputed as not an issue.(CVE-2019-12378)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-09-16T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP5 : kernel (EulerOS-SA-2019-1919)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10323", "CVE-2018-10879", "CVE-2018-10883", "CVE-2018-13406", "CVE-2018-15594", "CVE-2018-16871", "CVE-2018-20856", "CVE-2019-12378", "CVE-2019-12381", "CVE-2019-12382", "CVE-2019-12614", "CVE-2019-13631", "CVE-2019-13648", "CVE-2019-14283", "CVE-2019-14284"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:kernel", "p-cpe:/a:huawei:euleros:kernel-devel", "p-cpe:/a:huawei:euleros:kernel-headers", "p-cpe:/a:huawei:euleros:kernel-tools", "p-cpe:/a:huawei:euleros:kernel-tools-libs", "p-cpe:/a:huawei:euleros:perf", "p-cpe:/a:huawei:euleros:python-perf", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-1919.NASL", "href": "https://www.tenable.com/plugins/nessus/128842", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(128842);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2018-10323\",\n \"CVE-2018-10879\",\n \"CVE-2018-10883\",\n \"CVE-2018-13406\",\n \"CVE-2018-15594\",\n \"CVE-2018-16871\",\n \"CVE-2018-20856\",\n \"CVE-2019-12378\",\n \"CVE-2019-12381\",\n \"CVE-2019-12382\",\n \"CVE-2019-12614\",\n \"CVE-2019-13631\",\n \"CVE-2019-13648\",\n \"CVE-2019-14283\",\n \"CVE-2019-14284\"\n );\n\n script_name(english:\"EulerOS 2.0 SP5 : kernel (EulerOS-SA-2019-1919)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the kernel packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - The xfs_bmap_extents_to_btree function in\n fs/xfs/libxfs/xfs_bmap.c in the Linux kernel through\n 4.16.3 allows local users to cause a denial of service\n (xfs_bmapi_write NULL pointer dereference) via a\n crafted xfs image.(CVE-2018-10323)\n\n - A flaw was found in the Linux kernel's ext4 filesystem.\n A local user can cause a use-after-free in\n ext4_xattr_set_entry function and a denial of service\n or unspecified other impact may occur by renaming a\n file in a crafted ext4 filesystem\n image.(CVE-2018-10879)\n\n - A flaw was found in the Linux kernel's ext4 filesystem.\n A local user can cause an out-of-bound write in\n jbd2_journal_dirty_metadata(), a denial of service, and\n a system crash by mounting and operating on a crafted\n ext4 filesystem image. (CVE-2018-10883)\n\n - The Linux kernel was found vulnerable to an integer\n overflow in the\n drivers/video/fbdev/uvesafb.c:uvesafb_setcmap()\n function. The vulnerability could result in local\n attackers being able to crash the kernel or potentially\n elevate privileges.(CVE-2018-13406)\n\n - It was found that paravirt_patch_call/jump() functions\n in the arch/x86/kernel/paravirt.c in the Linux kernel\n mishandles certain indirect calls, which makes it\n easier for attackers to conduct Spectre-v2 attacks\n against paravirtualized guests. (CVE-2018-15594)\n\n - A flaw was found in the Linux kernel's NFS\n implementation. An attacker, who is able to mount an\n exported NFS filesystem, is able to trigger a null\n pointer dereference by using an invalid NFS sequence.\n This can panic the machine and deny access to the NFS\n server. Any outstanding disk writes to the NFS server\n will be lost. (CVE-2018-16871)\n\n - A vulnerability was found in the Linux kernelaEURtms\n floppy disk driver implementation. A local attacker\n with access to the floppy device could call\n set_geometry in drivers/block/floppy.c, which does not\n validate the sect and head fields, causing an integer\n overflow and out-of-bounds read. This flaw may crash\n the system or allow an attacker to gather information\n causing subsequent successful attacks. (CVE-2019-14283)\n\n - A vulnerability was found in the Linux kernelaEURtms\n floppy disk driver implementation. A local attacker\n with access to the floppy disk device file (/dev/fd0\n through to /dev/fdN) can create a situation that causes\n the kernel to divide by zero. This requires two\n consecutive ioctl calls to be issued. The first ioctl\n call sets the sector and rate values, and the second\n ioctl is the call to format the floppy disk to the\n appropriate values. This flaw can cause the system to\n divide by zero and panic the host. No media (floppy) is\n required to be inserted for this attack to work\n properly.(CVE-2019-14284)\n\n - In the Linux kernel through 5.2.1 on the powerpc\n platform, when hardware transactional memory is\n disabled, a local user can cause a denial of service\n (TM Bad Thing exception and system crash) via a\n sigreturn() system call that sends a crafted signal\n frame. This affects arch/powerpc/kernel/signal_32.c and\n arch/powerpc/kernel/signal_64.c.(CVE-2019-13648)\n\n - In parse_hid_report_descriptor in\n drivers/input/tablet/gtco.c in the Linux kernel through\n 5.2.1, a malicious USB device can send an HID report\n that triggers an out-of-bounds write during generation\n of debugging messages. (CVE-2019-13631)\n\n - An issue was discovered in drm_load_edid_firmware in\n drivers/gpu/drm/drm_edid_load.c in the Linux kernel\n through 5.1.5. There is an unchecked kstrdup of fwstr,\n which might allow an attacker to cause a denial of\n service (NULL pointer dereference and system crash).\n NOTE: The vendor disputes this issues as not being a\n vulnerability because kstrdup() returning NULL is\n handled sufficiently and there is no chance for a NULL\n pointer dereference. (CVE-2019-12382)\n\n - An issue was discovered in dlpar_parse_cc_property in\n arch/powerpc/platforms/pseries/dlpar.c in the Linux\n kernel through 5.1.6. There is an unchecked kstrdup of\n prop-i1/4zname, which might allow an attacker to cause a\n denial of service (NULL pointer dereference and system\n crash). (CVE-2019-12614)\n\n - An issue was discovered in the Linux kernel before\n 4.18.7. In block/blk-core.c, there is an\n __blk_drain_queue() use-after-free because a certain\n error case is mishandled.(CVE-2018-20856)\n\n - An issue was discovered in ip_ra_control in\n net/ipv4/ip_sockglue.c in the Linux kernel through\n 5.1.5. There is an unchecked kmalloc of new_ra, which\n might allow an attacker to cause a denial of service\n (NULL pointer dereference and system crash). NOTE: this\n is disputed because new_ra is never used if it is\n NULL.(CVE-2019-12381)\n\n - An issue was discovered in ip6_ra_control in\n net/ipv6/ipv6_sockglue.c in the Linux kernel through\n 5.1.5. There is an unchecked kmalloc of new_ra, which\n might allow an attacker to cause a denial of service\n (NULL pointer dereference and system crash). NOTE: This\n has been disputed as not an issue.(CVE-2019-12378)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1919\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1fdbaa67\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-13406\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(5)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"kernel-3.10.0-862.14.1.2.h239.eulerosv2r7\",\n \"kernel-devel-3.10.0-862.14.1.2.h239.eulerosv2r7\",\n \"kernel-headers-3.10.0-862.14.1.2.h239.eulerosv2r7\",\n \"kernel-tools-3.10.0-862.14.1.2.h239.eulerosv2r7\",\n \"kernel-tools-libs-3.10.0-862.14.1.2.h239.eulerosv2r7\",\n \"perf-3.10.0-862.14.1.2.h239.eulerosv2r7\",\n \"python-perf-3.10.0-862.14.1.2.h239.eulerosv2r7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"5\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T14:26:11", "description": "An update of the linux package has been released.", "cvss3": {}, "published": "2019-06-24T00:00:00", "type": "nessus", "title": "Photon OS 2.0: Linux PHSA-2019-2.0-0165", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11477", "CVE-2019-11478", "CVE-2019-11479", "CVE-2019-12378", "CVE-2019-12379", "CVE-2019-12381", "CVE-2019-12382", "CVE-2019-12456"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:linux", "cpe:/o:vmware:photonos:2.0"], "id": "PHOTONOS_PHSA-2019-2_0-0165_LINUX.NASL", "href": "https://www.tenable.com/plugins/nessus/126106", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2019-2.0-0165. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(126106);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2019-11477\",\n \"CVE-2019-11478\",\n \"CVE-2019-11479\",\n \"CVE-2019-12378\",\n \"CVE-2019-12379\",\n \"CVE-2019-12381\",\n \"CVE-2019-12382\",\n \"CVE-2019-12456\"\n );\n script_bugtraq_id(\n 108473,\n 108474,\n 108475,\n 108478,\n 108798,\n 108801,\n 108818\n );\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0456\");\n\n script_name(english:\"Photon OS 2.0: Linux PHSA-2019-2.0-0165\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the linux package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-2-165.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-12456\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/09/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/06/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/06/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 2.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"linux-4.9.182-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"linux-api-headers-4.9.182-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"linux-aws-4.9.182-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"linux-aws-debuginfo-4.9.182-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"linux-aws-devel-4.9.182-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"linux-aws-docs-4.9.182-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"linux-aws-drivers-gpu-4.9.182-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"linux-aws-oprofile-4.9.182-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"linux-aws-sound-4.9.182-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"linux-aws-tools-4.9.182-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"linux-debuginfo-4.9.182-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"linux-devel-4.9.182-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"linux-docs-4.9.182-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"linux-drivers-gpu-4.9.182-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"linux-esx-4.9.182-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"linux-esx-debuginfo-4.9.182-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"linux-esx-devel-4.9.182-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"linux-esx-docs-4.9.182-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"linux-oprofile-4.9.182-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"linux-secure-4.9.182-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"linux-secure-debuginfo-4.9.182-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"linux-secure-devel-4.9.182-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"linux-secure-docs-4.9.182-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"linux-secure-lkcm-4.9.182-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"linux-sound-4.9.182-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"linux-tools-4.9.182-1.ph2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:24:16", "description": "Update to v5.1.7\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-06-10T00:00:00", "type": "nessus", "title": "Fedora 30 : kernel / kernel-headers (2019-f40bd7826f)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-12378", "CVE-2019-12379", "CVE-2019-12380", "CVE-2019-12381", "CVE-2019-12382", "CVE-2019-12454", "CVE-2019-12455", "CVE-2019-3846"], "modified": "2020-01-10T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "p-cpe:/a:fedoraproject:fedora:kernel-headers", "cpe:/o:fedoraproject:fedora:30"], "id": "FEDORA_2019-F40BD7826F.NASL", "href": "https://www.tenable.com/plugins/nessus/125790", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-f40bd7826f.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(125790);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2020/01/10\");\n\n script_cve_id(\"CVE-2019-12378\", \"CVE-2019-12379\", \"CVE-2019-12380\", \"CVE-2019-12381\", \"CVE-2019-12382\", \"CVE-2019-12454\", \"CVE-2019-12455\", \"CVE-2019-3846\");\n script_xref(name:\"FEDORA\", value:\"2019-f40bd7826f\");\n\n script_name(english:\"Fedora 30 : kernel / kernel-headers (2019-f40bd7826f)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to v5.1.7\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-f40bd7826f\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel and / or kernel-headers packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:30\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/05/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/06/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/06/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^30([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 30\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2019-12378\", \"CVE-2019-12379\", \"CVE-2019-12380\", \"CVE-2019-12381\", \"CVE-2019-12382\", \"CVE-2019-12454\", \"CVE-2019-12455\", \"CVE-2019-3846\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for FEDORA-2019-f40bd7826f\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\nif (rpm_check(release:\"FC30\", reference:\"kernel-5.1.7-300.fc30\")) flag++;\nif (rpm_check(release:\"FC30\", reference:\"kernel-headers-5.1.7-300.fc30\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-headers\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:55:53", "description": "According to the version of the vzkernel package and the readykernel-patch installed, the Virtuozzo installation on the remote host is affected by the following vulnerability :\n\n - nfs: NULL pointer dereference due to an anomalized NFS message sequence. An attacker, who is able to mount an exported NFS filesystem, is able to trigger a null pointer dereference by using an invalid NFS sequence.\n This can panic the machine and deny access to the NFS server. Any outstanding disk writes to the NFS server will be lost.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Virtuozzo security advisory.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2020-02-04T00:00:00", "type": "nessus", "title": "Virtuozzo 7 : readykernel-patch (VZA-2019-064)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-16871"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:virtuozzo:virtuozzo:readykernel", "cpe:/o:virtuozzo:virtuozzo:7"], "id": "VIRTUOZZO_VZA-2019-064.NASL", "href": "https://www.tenable.com/plugins/nessus/133457", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(133457);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\n \"CVE-2018-16871\"\n );\n\n script_name(english:\"Virtuozzo 7 : readykernel-patch (VZA-2019-064)\");\n script_summary(english:\"Checks the readykernel output for the updated patch.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Virtuozzo host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the vzkernel package and the\nreadykernel-patch installed, the Virtuozzo installation on the remote\nhost is affected by the following vulnerability :\n\n - nfs: NULL pointer dereference due to an anomalized NFS\n message sequence. An attacker, who is able to mount an\n exported NFS filesystem, is able to trigger a null\n pointer dereference by using an invalid NFS sequence.\n This can panic the machine and deny access to the NFS\n server. Any outstanding disk writes to the NFS server\n will be lost.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Virtuozzo security advisory.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://virtuozzosupport.force.com/s/article/VZA-2019-064\");\n # https://readykernel.com/patch/Virtuozzo-7/readykernel-patch-96.21-85.0-1.vl7/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?61420692\");\n script_set_attribute(attribute:\"solution\", value:\"Update the readykernel patch.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/02/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:readykernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:virtuozzo:virtuozzo:7\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Virtuozzo Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Virtuozzo/release\", \"Host/Virtuozzo/rpm-list\", \"Host/readykernel-info\");\n\n exit(0);\n}\n\ninclude(\"global_settings.inc\");\ninclude(\"readykernel.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/Virtuozzo/release\");\nif (isnull(release) || \"Virtuozzo\" >!< release) audit(AUDIT_OS_NOT, \"Virtuozzo\");\nos_ver = pregmatch(pattern: \"Virtuozzo Linux release ([0-9]+\\.[0-9])(\\D|$)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Virtuozzo\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Virtuozzo 7.x\", \"Virtuozzo \" + os_ver);\n\nif (!get_kb_item(\"Host/Virtuozzo/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Virtuozzo\", cpu);\n\nrk_info = get_kb_item(\"Host/readykernel-info\");\nif (empty_or_null(rk_info)) audit(AUDIT_UNKNOWN_APP_VER, \"Virtuozzo\");\n\nchecks = make_list2(\n make_array(\n \"kernel\",\"vzkernel-3.10.0-957.12.2.vz7.96.21\",\n \"patch\",\"readykernel-patch-96.21-85.0-1.vl7\"\n )\n);\nreadykernel_execute_checks(checks:checks, severity:SECURITY_WARNING, release:\"Virtuozzo-7\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:26:03", "description": "According to the versions of the kernel packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities :\n\n - The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system:\n memory allocation, process allocation, device input and output, etc. Security Fix(es):An excessive resource consumption flaw was found in the way the Linux kernel's networking subsystem processed TCP segments.\n If the Maximum Segment Size (MSS) of a TCP connection was set to low values, such as 48 bytes, it can leave as little as 8 bytes for the user data, which significantly increases the Linux kernel's resource (CPU, Memory, and Bandwidth) utilization. A remote attacker could use this flaw to cause a denial of service (DoS) by repeatedly sending network traffic on a TCP connection with low TCP MSS.(CVE-2019-11479)An excessive resource consumption flaw was found in the way the Linux kernel's networking subsystem processed TCP Selective Acknowledgment (SACK) segments. While processing SACK segments, the Linux kernel's socket buffer (SKB) data structure becomes fragmented, which leads to increased resource utilization to traverse and process these fragments as further SACK segments are received on the same TCP connection. A remote attacker could use this flaw to cause a denial of service (DoS) by sending a crafted sequence of SACK segments on a TCP connection.(CVE-2019-11478)An integer overflow flaw was found in the way the Linux kernel's networking subsystem processed TCP Selective Acknowledgment (SACK) segments. While processing SACK segments, the Linux kernel's socket buffer (SKB) data structure becomes fragmented. Each fragment is about TCP maximum segment size (MSS) bytes. To efficiently process SACK blocks, the Linux kernel merges multiple fragmented SKBs into one, potentially overflowing the variable holding the number of segments. A remote attacker could use this flaw to crash the Linux kernel by sending a crafted sequence of SACK segments on a TCP connection with small value of TCP MSS, resulting in a denial of service (DoS).(CVE-2019-11477)A flaw was found in the Linux kernel's implementation of ext4 extent management. The kernel doesn't correctly initialize memory regions in the extent tree block which may be exported to a local user to obtain sensitive information by reading empty/uninitialized data from the filesystem.(CVE-2019-11833)** DISPUTED ** An issue was discovered in drm_load_edid_firmware in drivers/gpu/drm/drm_edid_load.c in the Linux kernel through 5.1.5. There is an unchecked kstrdup of fwstr, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash).\n NOTE: The vendor disputes this issues as not being a vulnerability because kstrdup() returning NULL is handled sufficiently and there is no chance for a NULL pointer dereference.(CVE-2019-12382)Note1:\n kernel-4.19.36-vhulk1907.1.0.h529 and earlier versions in EulerOS Virtualization for ARM 64 3.0.2.0 return incorrect time information when executing the uname -a command.Note2: The kernel version number naming format has been changed after 4.19.36-1.2.184.aarch64, the new version format is 4.19.36-vhulk1907.1.0.hxxx.aarch64, which may lead to false positives of this security advisory.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-07-09T00:00:00", "type": "nessus", "title": "EulerOS Virtualization for ARM 64 3.0.2.0 : kernel (EulerOS-SA-2019-1702)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11477", "CVE-2019-11478", "CVE-2019-11479", "CVE-2019-11833", "CVE-2019-12382"], "modified": "2022-12-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:kernel", "p-cpe:/a:huawei:euleros:kernel-devel", "p-cpe:/a:huawei:euleros:kernel-headers", "p-cpe:/a:huawei:euleros:kernel-tools", "p-cpe:/a:huawei:euleros:kernel-tools-libs", "p-cpe:/a:huawei:euleros:kernel-tools-libs-devel", "p-cpe:/a:huawei:euleros:perf", "p-cpe:/a:huawei:euleros:python-perf", "cpe:/o:huawei:euleros:uvp:3.0.2.0"], "id": "EULEROS_SA-2019-1702.NASL", "href": "https://www.tenable.com/plugins/nessus/126544", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(126544);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/06\");\n\n script_cve_id(\n \"CVE-2019-11477\",\n \"CVE-2019-11478\",\n \"CVE-2019-11479\",\n \"CVE-2019-11833\",\n \"CVE-2019-12382\"\n );\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0456\");\n\n script_name(english:\"EulerOS Virtualization for ARM 64 3.0.2.0 : kernel (EulerOS-SA-2019-1702)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization for ARM 64 host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the kernel packages installed, the\nEulerOS Virtualization for ARM 64 installation on the remote host is\naffected by the following vulnerabilities :\n\n - The kernel package contains the Linux kernel (vmlinuz),\n the core of any Linux operating system. The kernel\n handles the basic functions of the operating system:\n memory allocation, process allocation, device input and\n output, etc. Security Fix(es):An excessive resource\n consumption flaw was found in the way the Linux\n kernel's networking subsystem processed TCP segments.\n If the Maximum Segment Size (MSS) of a TCP connection\n was set to low values, such as 48 bytes, it can leave\n as little as 8 bytes for the user data, which\n significantly increases the Linux kernel's resource\n (CPU, Memory, and Bandwidth) utilization. A remote\n attacker could use this flaw to cause a denial of\n service (DoS) by repeatedly sending network traffic on\n a TCP connection with low TCP MSS.(CVE-2019-11479)An\n excessive resource consumption flaw was found in the\n way the Linux kernel's networking subsystem processed\n TCP Selective Acknowledgment (SACK) segments. While\n processing SACK segments, the Linux kernel's socket\n buffer (SKB) data structure becomes fragmented, which\n leads to increased resource utilization to traverse and\n process these fragments as further SACK segments are\n received on the same TCP connection. A remote attacker\n could use this flaw to cause a denial of service (DoS)\n by sending a crafted sequence of SACK segments on a TCP\n connection.(CVE-2019-11478)An integer overflow flaw was\n found in the way the Linux kernel's networking\n subsystem processed TCP Selective Acknowledgment (SACK)\n segments. While processing SACK segments, the Linux\n kernel's socket buffer (SKB) data structure becomes\n fragmented. Each fragment is about TCP maximum segment\n size (MSS) bytes. To efficiently process SACK blocks,\n the Linux kernel merges multiple fragmented SKBs into\n one, potentially overflowing the variable holding the\n number of segments. A remote attacker could use this\n flaw to crash the Linux kernel by sending a crafted\n sequence of SACK segments on a TCP connection with\n small value of TCP MSS, resulting in a denial of\n service (DoS).(CVE-2019-11477)A flaw was found in the\n Linux kernel's implementation of ext4 extent\n management. The kernel doesn't correctly initialize\n memory regions in the extent tree block which may be\n exported to a local user to obtain sensitive\n information by reading empty/uninitialized data from\n the filesystem.(CVE-2019-11833)** DISPUTED ** An issue\n was discovered in drm_load_edid_firmware in\n drivers/gpu/drm/drm_edid_load.c in the Linux kernel\n through 5.1.5. There is an unchecked kstrdup of fwstr,\n which might allow an attacker to cause a denial of\n service (NULL pointer dereference and system crash).\n NOTE: The vendor disputes this issues as not being a\n vulnerability because kstrdup() returning NULL is\n handled sufficiently and there is no chance for a NULL\n pointer dereference.(CVE-2019-12382)Note1:\n kernel-4.19.36-vhulk1907.1.0.h529 and earlier versions\n in EulerOS Virtualization for ARM 64 3.0.2.0 return\n incorrect time information when executing the uname -a\n command.Note2: The kernel version number naming format\n has been changed after 4.19.36-1.2.184.aarch64, the new\n version format is 4.19.36-vhulk1907.1.0.hxxx.aarch64,\n which may lead to false positives of this security\n advisory.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1702\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?9c8f7a45\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11833\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/07/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.2.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.2.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"kernel-4.19.36-1.2.184\",\n \"kernel-devel-4.19.36-1.2.184\",\n \"kernel-headers-4.19.36-1.2.184\",\n \"kernel-tools-4.19.36-1.2.184\",\n \"kernel-tools-libs-4.19.36-1.2.184\",\n \"kernel-tools-libs-devel-4.19.36-1.2.184\",\n \"perf-4.19.36-1.2.184\",\n \"python-perf-4.19.36-1.2.184\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:25:30", "description": "Update to v5.1.18\n\n----\n\nUpdate to v5.1.17\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-07-19T00:00:00", "type": "nessus", "title": "Fedora 29 : kernel / kernel-headers (2019-a95015e60f)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-13272"], "modified": "2021-12-20T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "p-cpe:/a:fedoraproject:fedora:kernel-headers", "cpe:/o:fedoraproject:fedora:29"], "id": "FEDORA_2019-A95015E60F.NASL", "href": "https://www.tenable.com/plugins/nessus/126801", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-a95015e60f.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(126801);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/12/20\");\n\n script_cve_id(\"CVE-2019-13272\");\n script_xref(name:\"FEDORA\", value:\"2019-a95015e60f\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/10\");\n\n script_name(english:\"Fedora 29 : kernel / kernel-headers (2019-a95015e60f)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Fedora host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"Update to v5.1.18\n\n----\n\nUpdate to v5.1.17\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-a95015e60f\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel and / or kernel-headers packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Linux Polkit pkexec helper PTRACE_TRACEME local root exploit');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/07/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:29\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Fedora Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^29([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 29\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2019-13272\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for FEDORA-2019-a95015e60f\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\nif (rpm_check(release:\"FC29\", reference:\"kernel-5.1.18-200.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"kernel-headers-5.1.18-200.fc29\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-headers\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T14:27:06", "description": "Jann Horn discovered that the ptrace subsystem in the Linux kernel mishandles the management of the credentials of a process that wants to create a ptrace relationship, allowing a local user to obtain root privileges under certain scenarios.\n\nFor Debian 8 'Jessie', this problem has been fixed in version 4.9.168-1+deb9u4~deb8u1.\n\nWe recommend that you upgrade your linux-4.9 packages.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-07-24T00:00:00", "type": "nessus", "title": "Debian DLA-1863-1 : linux-4.9 security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-13272"], "modified": "2021-12-20T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:linux-compiler-gcc-4.9-arm", "p-cpe:/a:debian:debian_linux:linux-doc-4.9", "p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-0.bpo.7-686", "p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-0.bpo.7-686-pae", "p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-0.bpo.7-all", "p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-0.bpo.7-all-amd64", "p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-0.bpo.7-all-armel", "p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-0.bpo.7-all-armhf", "p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-0.bpo.7-all-i386", "p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-0.bpo.7-amd64", "p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-0.bpo.7-armmp", "p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-0.bpo.7-armmp-lpae", "p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-0.bpo.7-common", "p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-0.bpo.7-common-rt", "p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-0.bpo.7-marvell", "p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-0.bpo.7-rt-686-pae", "p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-0.bpo.7-rt-amd64", "p-cpe:/a:debian:debian_linux:linux-image-4.9.0-0.bpo.7-686", "p-cpe:/a:debian:debian_linux:linux-image-4.9.0-0.bpo.7-686-pae", "p-cpe:/a:debian:debian_linux:linux-image-4.9.0-0.bpo.7-686-pae-dbg", "p-cpe:/a:debian:debian_linux:linux-image-4.9.0-0.bpo.7-amd64", "p-cpe:/a:debian:debian_linux:linux-image-4.9.0-0.bpo.7-amd64-dbg", "p-cpe:/a:debian:debian_linux:linux-image-4.9.0-0.bpo.7-armmp", "p-cpe:/a:debian:debian_linux:linux-image-4.9.0-0.bpo.7-armmp-lpae", "p-cpe:/a:debian:debian_linux:linux-image-4.9.0-0.bpo.7-marvell", "p-cpe:/a:debian:debian_linux:linux-image-4.9.0-0.bpo.7-rt-686-pae", "p-cpe:/a:debian:debian_linux:linux-image-4.9.0-0.bpo.7-rt-686-pae-dbg", "p-cpe:/a:debian:debian_linux:linux-image-4.9.0-0.bpo.7-rt-amd64", "p-cpe:/a:debian:debian_linux:linux-image-4.9.0-0.bpo.7-rt-amd64-dbg", "p-cpe:/a:debian:debian_linux:linux-kbuild-4.9", "p-cpe:/a:debian:debian_linux:linux-manual-4.9", "p-cpe:/a:debian:debian_linux:linux-perf-4.9", "p-cpe:/a:debian:debian_linux:linux-source-4.9", "p-cpe:/a:debian:debian_linux:linux-support-4.9.0-0.bpo.7", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DLA-1863.NASL", "href": "https://www.tenable.com/plugins/nessus/126965", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-1863-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(126965);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/12/20\");\n\n script_cve_id(\"CVE-2019-13272\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/10\");\n\n script_name(english:\"Debian DLA-1863-1 : linux-4.9 security update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"Jann Horn discovered that the ptrace subsystem in the Linux kernel\nmishandles the management of the credentials of a process that wants\nto create a ptrace relationship, allowing a local user to obtain root\nprivileges under certain scenarios.\n\nFor Debian 8 'Jessie', this problem has been fixed in version\n4.9.168-1+deb9u4~deb8u1.\n\nWe recommend that you upgrade your linux-4.9 packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://lists.debian.org/debian-lts-announce/2019/07/msg00023.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/jessie/linux-4.9\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Linux Polkit pkexec helper PTRACE_TRACEME local root exploit');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/07/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-compiler-gcc-4.9-arm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-doc-4.9\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-0.bpo.7-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-0.bpo.7-686-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-0.bpo.7-all\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-0.bpo.7-all-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-0.bpo.7-all-armel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-0.bpo.7-all-armhf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-0.bpo.7-all-i386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-0.bpo.7-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-0.bpo.7-armmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-0.bpo.7-armmp-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-0.bpo.7-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-0.bpo.7-common-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-0.bpo.7-marvell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-0.bpo.7-rt-686-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-0.bpo.7-rt-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.9.0-0.bpo.7-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.9.0-0.bpo.7-686-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.9.0-0.bpo.7-686-pae-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.9.0-0.bpo.7-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.9.0-0.bpo.7-amd64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.9.0-0.bpo.7-armmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.9.0-0.bpo.7-armmp-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.9.0-0.bpo.7-marvell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.9.0-0.bpo.7-rt-686-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.9.0-0.bpo.7-rt-686-pae-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.9.0-0.bpo.7-rt-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.9.0-0.bpo.7-rt-amd64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-kbuild-4.9\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-manual-4.9\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-perf-4.9\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-source-4.9\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-support-4.9.0-0.bpo.7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"linux-compiler-gcc-4.9-arm\", reference:\"4.9.168-1+deb9u4~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-doc-4.9\", reference:\"4.9.168-1+deb9u4~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-4.9.0-0.bpo.7-686\", reference:\"4.9.168-1+deb9u4~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-4.9.0-0.bpo.7-686-pae\", reference:\"4.9.168-1+deb9u4~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-4.9.0-0.bpo.7-all\", reference:\"4.9.168-1+deb9u4~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-4.9.0-0.bpo.7-all-amd64\", reference:\"4.9.168-1+deb9u4~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-4.9.0-0.bpo.7-all-armel\", reference:\"4.9.168-1+deb9u4~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-4.9.0-0.bpo.7-all-armhf\", reference:\"4.9.168-1+deb9u4~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-4.9.0-0.bpo.7-all-i386\", reference:\"4.9.168-1+deb9u4~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-4.9.0-0.bpo.7-amd64\", reference:\"4.9.168-1+deb9u4~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-4.9.0-0.bpo.7-armmp\", reference:\"4.9.168-1+deb9u4~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-4.9.0-0.bpo.7-armmp-lpae\", reference:\"4.9.168-1+deb9u4~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-4.9.0-0.bpo.7-common\", reference:\"4.9.168-1+deb9u4~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-4.9.0-0.bpo.7-common-rt\", reference:\"4.9.168-1+deb9u4~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-4.9.0-0.bpo.7-marvell\", reference:\"4.9.168-1+deb9u4~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-4.9.0-0.bpo.7-rt-686-pae\", reference:\"4.9.168-1+deb9u4~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-4.9.0-0.bpo.7-rt-amd64\", reference:\"4.9.168-1+deb9u4~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-4.9.0-0.bpo.7-686\", reference:\"4.9.168-1+deb9u4~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-4.9.0-0.bpo.7-686-pae\", reference:\"4.9.168-1+deb9u4~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-4.9.0-0.bpo.7-686-pae-dbg\", reference:\"4.9.168-1+deb9u4~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-4.9.0-0.bpo.7-amd64\", reference:\"4.9.168-1+deb9u4~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-4.9.0-0.bpo.7-amd64-dbg\", reference:\"4.9.168-1+deb9u4~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-4.9.0-0.bpo.7-armmp\", reference:\"4.9.168-1+deb9u4~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-4.9.0-0.bpo.7-armmp-lpae\", reference:\"4.9.168-1+deb9u4~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-4.9.0-0.bpo.7-marvell\", reference:\"4.9.168-1+deb9u4~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-4.9.0-0.bpo.7-rt-686-pae\", reference:\"4.9.168-1+deb9u4~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-4.9.0-0.bpo.7-rt-686-pae-dbg\", reference:\"4.9.168-1+deb9u4~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-4.9.0-0.bpo.7-rt-amd64\", reference:\"4.9.168-1+deb9u4~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-4.9.0-0.bpo.7-rt-amd64-dbg\", reference:\"4.9.168-1+deb9u4~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-kbuild-4.9\", reference:\"4.9.168-1+deb9u4~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-manual-4.9\", reference:\"4.9.168-1+deb9u4~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-perf-4.9\", reference:\"4.9.168-1+deb9u4~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-source-4.9\", reference:\"4.9.168-1+deb9u4~deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-support-4.9.0-0.bpo.7\", reference:\"4.9.168-1+deb9u4~deb8u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T14:25:58", "description": "The 5.0.19 update contains a number of important fixes across the tree\n\n----\n\nThe 5.0.18 kernel update contains a number of important fixes across the tree.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-06-04T00:00:00", "type": "nessus", "title": "Fedora 29 : kernel / kernel-headers / kernel-tools (2019-48b34fc991)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11833"], "modified": "2020-01-13T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "p-cpe:/a:fedoraproject:fedora:kernel-headers", "p-cpe:/a:fedoraproject:fedora:kernel-tools", "cpe:/o:fedoraproject:fedora:29"], "id": "FEDORA_2019-48B34FC991.NASL", "href": "https://www.tenable.com/plugins/nessus/125684", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-48b34fc991.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(125684);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2020/01/13\");\n\n script_cve_id(\"CVE-2019-11833\");\n script_xref(name:\"FEDORA\", value:\"2019-48b34fc991\");\n\n script_name(english:\"Fedora 29 : kernel / kernel-headers / kernel-tools (2019-48b34fc991)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 5.0.19 update contains a number of important fixes across the tree\n\n----\n\nThe 5.0.18 kernel update contains a number of important fixes across\nthe tree.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-48b34fc991\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected kernel, kernel-headers and / or kernel-tools\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:29\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/05/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/06/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/06/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^29([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 29\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2019-11833\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for FEDORA-2019-48b34fc991\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\nif (rpm_check(release:\"FC29\", reference:\"kernel-5.0.19-200.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"kernel-headers-5.0.19-200.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"kernel-tools-5.0.19-200.fc29\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-headers / kernel-tools\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:29:38", "description": "An update for kernel is now available for Red Hat Enterprise Linux 7.4 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es) :\n\n* kernel: Memory corruption due to incorrect socket cloning (CVE-2018-9568)\n\n* kernel: Missing check in fs/inode.c:inode_init_owner() does not clear SGID bit on non-directories for non-members (CVE-2018-13405)\n\n* kernel: nfs: use-after-free in svc_process_common() (CVE-2018-16884)\n\n* kernel: nfs: NULL pointer dereference due to an anomalized NFS message sequence (CVE-2018-16871)\n\n* kernel: hw: Spectre SWAPGS gadget vulnerability (CVE-2019-1125)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es) :\n\n* fragmented packets timing out (BZ#1729411)\n\n* kernel build: speed up debuginfo extraction (BZ#1731462)\n\n* TCP packets are segmented when sent to the VM (TAP) (BZ#1732744)\n\n* TCP packets are segmented when sent to the VLAN device when coming from VXLAN dev. (BZ#1732809)\n\n* skb head copy occurs when sending traffic over OVS managed VXLAN tunnel (BZ #1733626)\n\n* [mlx4] VXLAN over VLAN TCP segmentation (BZ#1734160)\n\n* use 'make -jN' for modules_install (BZ#1735081)\n\n* shmem: consider shm_mnt as a long-term mount (BZ#1737376)\n\n* [ESXi][RHEL7]use-after-free of scsi_cmnd on VMware virtual guest with vmw_pvscsi and ata_piix (BZ#1737377)\n\n* Backport TCP follow-up for small buffers (BZ#1739127)", "cvss3": {}, "published": "2019-09-11T00:00:00", "type": "nessus", "title": "RHEL 7 : kernel (RHSA-2019:2696)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-13405", "CVE-2018-16871", "CVE-2018-16884", "CVE-2018-9568", "CVE-2019-1125"], "modified": "2022-05-19T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-s390x", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-tools", "p-cpe:/a:redhat:enterprise_linux:kernel-tools-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs", "p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs-devel", "p-cpe:/a:redhat:enterprise_linux:perf", "p-cpe:/a:redhat:enterprise_linux:perf-debuginfo", "p-cpe:/a:redhat:enterprise_linux:python-perf", "p-cpe:/a:redhat:enterprise_linux:python-perf-debuginfo", "cpe:/o:redhat:enterprise_linux:7.4"], "id": "REDHAT-RHSA-2019-2696.NASL", "href": "https://www.tenable.com/plugins/nessus/128662", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:2696. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(128662);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/19\");\n\n script_cve_id(\n \"CVE-2018-9568\",\n \"CVE-2018-13405\",\n \"CVE-2018-16871\",\n \"CVE-2018-16884\",\n \"CVE-2019-1125\"\n );\n script_xref(name:\"RHSA\", value:\"2019:2696\");\n\n script_name(english:\"RHEL 7 : kernel (RHSA-2019:2696)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update for kernel is now available for Red Hat Enterprise Linux 7.4\nExtended Update Support.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nSecurity Fix(es) :\n\n* kernel: Memory corruption due to incorrect socket cloning\n(CVE-2018-9568)\n\n* kernel: Missing check in fs/inode.c:inode_init_owner() does not\nclear SGID bit on non-directories for non-members (CVE-2018-13405)\n\n* kernel: nfs: use-after-free in svc_process_common() (CVE-2018-16884)\n\n* kernel: nfs: NULL pointer dereference due to an anomalized NFS\nmessage sequence (CVE-2018-16871)\n\n* kernel: hw: Spectre SWAPGS gadget vulnerability (CVE-2019-1125)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\n\nBug Fix(es) :\n\n* fragmented packets timing out (BZ#1729411)\n\n* kernel build: speed up debuginfo extraction (BZ#1731462)\n\n* TCP packets are segmented when sent to the VM (TAP) (BZ#1732744)\n\n* TCP packets are segmented when sent to the VLAN device when coming\nfrom VXLAN dev. (BZ#1732809)\n\n* skb head copy occurs when sending traffic over OVS managed VXLAN\ntunnel (BZ #1733626)\n\n* [mlx4] VXLAN over VLAN TCP segmentation (BZ#1734160)\n\n* use 'make -jN' for modules_install (BZ#1735081)\n\n* shmem: consider shm_mnt as a long-term mount (BZ#1737376)\n\n* [ESXi][RHEL7]use-after-free of scsi_cmnd on VMware virtual guest\nwith vmw_pvscsi and ata_piix (BZ#1737377)\n\n* Backport TCP follow-up for small buffers (BZ#1739127)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/articles/4329821\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2019:2696\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2018-9568\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2018-13405\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2018-16871\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2018-16884\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2019-1125\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-9568\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2018-16884\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/07/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-s390x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.4\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7\\.4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.4\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2018-13405\", \"CVE-2018-16871\", \"CVE-2018-16884\", \"CVE-2018-9568\", \"CVE-2019-1125\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for RHSA-2019:2696\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:2696\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-3.10.0-693.58.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-3.10.0-693.58.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", reference:\"kernel-abi-whitelists-3.10.0-693.58.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-debug-3.10.0-693.58.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-debug-3.10.0-693.58.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-debug-debuginfo-3.10.0-693.58.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-debug-debuginfo-3.10.0-693.58.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-debug-devel-3.10.0-693.58.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-debug-devel-3.10.0-693.58.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-debuginfo-3.10.0-693.58.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-debuginfo-3.10.0-693.58.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-debuginfo-common-s390x-3.10.0-693.58.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-3.10.0-693.58.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-devel-3.10.0-693.58.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-devel-3.10.0-693.58.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", reference:\"kernel-doc-3.10.0-693.58.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-headers-3.10.0-693.58.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-headers-3.10.0-693.58.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-kdump-3.10.0-693.58.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-kdump-debuginfo-3.10.0-693.58.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-kdump-devel-3.10.0-693.58.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-tools-3.10.0-693.58.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-tools-debuginfo-3.10.0-693.58.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-tools-libs-3.10.0-693.58.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-tools-libs-devel-3.10.0-693.58.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", cpu:\"s390x\", reference:\"perf-3.10.0-693.58.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", cpu:\"x86_64\", reference:\"perf-3.10.0-693.58.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", cpu:\"s390x\", reference:\"perf-debuginfo-3.10.0-693.58.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", cpu:\"x86_64\", reference:\"perf-debuginfo-3.10.0-693.58.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", cpu:\"s390x\", reference:\"python-perf-3.10.0-693.58.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", cpu:\"x86_64\", reference:\"python-perf-3.10.0-693.58.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", cpu:\"s390x\", reference:\"python-perf-debuginfo-3.10.0-693.58.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", cpu:\"x86_64\", reference:\"python-perf-debuginfo-3.10.0-693.58.1.el7\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-abi-whitelists / kernel-debug / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:29:09", "description": "An update for kernel-rt is now available for Red Hat Enterprise MRG 2.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es) :\n\n* kernel: Memory corruption due to incorrect socket cloning (CVE-2018-9568)\n\n* kernel: Missing check in fs/inode.c:inode_init_owner() does not clear SGID bit on non-directories for non-members (CVE-2018-13405)\n\n* kernel: nfs: use-after-free in svc_process_common() (CVE-2018-16884)\n\n* kernel: nfs: NULL pointer dereference due to an anomalized NFS message sequence (CVE-2018-16871)\n\n* kernel: hw: Spectre SWAPGS gadget vulnerability (CVE-2019-1125)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es) :\n\n* Backport TCP follow-up for small buffers [mrg-r] (BZ#1732110)\n\n* update the MRG 2.5.z 3.10 realtime-kernel sources (BZ#1734469)", "cvss3": {}, "published": "2019-09-16T00:00:00", "type": "nessus", "title": "RHEL 6 : MRG (RHSA-2019:2730)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-13405", "CVE-2018-16871", "CVE-2018-16884", "CVE-2018-9568", "CVE-2019-1125"], "modified": "2022-05-19T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel-rt", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debuginfo-common-x86_64", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-firmware", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-vanilla", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-vanilla-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-vanilla-devel", "cpe:/o:redhat:enterprise_linux:6"], "id": "REDHAT-RHSA-2019-2730.NASL", "href": "https://www.tenable.com/plugins/nessus/128854", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:2730. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(128854);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/19\");\n\n script_cve_id(\n \"CVE-2018-9568\",\n \"CVE-2018-13405\",\n \"CVE-2018-16871\",\n \"CVE-2018-16884\",\n \"CVE-2019-1125\"\n );\n script_xref(name:\"RHSA\", value:\"2019:2730\");\n\n script_name(english:\"RHEL 6 : MRG (RHSA-2019:2730)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update for kernel-rt is now available for Red Hat Enterprise MRG 2.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe kernel-rt packages provide the Real Time Linux Kernel, which\nenables fine-tuning for systems with extremely high determinism\nrequirements.\n\nSecurity Fix(es) :\n\n* kernel: Memory corruption due to incorrect socket cloning\n(CVE-2018-9568)\n\n* kernel: Missing check in fs/inode.c:inode_init_owner() does not\nclear SGID bit on non-directories for non-members (CVE-2018-13405)\n\n* kernel: nfs: use-after-free in svc_process_common() (CVE-2018-16884)\n\n* kernel: nfs: NULL pointer dereference due to an anomalized NFS\nmessage sequence (CVE-2018-16871)\n\n* kernel: hw: Spectre SWAPGS gadget vulnerability (CVE-2019-1125)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\n\nBug Fix(es) :\n\n* Backport TCP follow-up for small buffers [mrg-r] (BZ#1732110)\n\n* update the MRG 2.5.z 3.10 realtime-kernel sources (BZ#1734469)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/articles/4329821\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2019:2730\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2018-9568\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2018-13405\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2018-16871\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2018-16884\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2019-1125\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-9568\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2018-16884\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/07/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-vanilla-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-vanilla-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2018-13405\", \"CVE-2018-16871\", \"CVE-2018-16884\", \"CVE-2018-9568\", \"CVE-2019-1125\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for RHSA-2019:2730\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:2730\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n\n if (! (rpm_exists(release:\"RHEL6\", rpm:\"mrg-release\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"MRG\");\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-3.10.0-693.58.1.rt56.652.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-debug-3.10.0-693.58.1.rt56.652.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-debug-debuginfo-3.10.0-693.58.1.rt56.652.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-debug-devel-3.10.0-693.58.1.rt56.652.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-debuginfo-3.10.0-693.58.1.rt56.652.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-debuginfo-common-x86_64-3.10.0-693.58.1.rt56.652.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-devel-3.10.0-693.58.1.rt56.652.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"kernel-rt-doc-3.10.0-693.58.1.rt56.652.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"kernel-rt-firmware-3.10.0-693.58.1.rt56.652.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-trace-3.10.0-693.58.1.rt56.652.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-trace-debuginfo-3.10.0-693.58.1.rt56.652.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-trace-devel-3.10.0-693.58.1.rt56.652.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-vanilla-3.10.0-693.58.1.rt56.652.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-vanilla-debuginfo-3.10.0-693.58.1.rt56.652.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-vanilla-devel-3.10.0-693.58.1.rt56.652.el6\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel-rt / kernel-rt-debug / kernel-rt-debug-debuginfo / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:24:42", "description": "An update of the linux package has been released.", "cvss3": {}, "published": "2019-06-24T00:00:00", "type": "nessus", "title": "Photon OS 1.0: Linux PHSA-2019-1.0-0240", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-16597", "CVE-2018-19407", "CVE-2019-11477", "CVE-2019-11478", "CVE-2019-11479", "CVE-2019-12378", "CVE-2019-12379", "CVE-2019-12381", "CVE-2019-12382", "CVE-2019-12456"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:linux", "cpe:/o:vmware:photonos:1.0"], "id": "PHOTONOS_PHSA-2019-1_0-0240_LINUX.NASL", "href": "https://www.tenable.com/plugins/nessus/126176", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2019-1.0-0240. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(126176);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2018-16597\",\n \"CVE-2018-19407\",\n \"CVE-2019-11477\",\n \"CVE-2019-11478\",\n \"CVE-2019-11479\",\n \"CVE-2019-12378\",\n \"CVE-2019-12379\",\n \"CVE-2019-12381\",\n \"CVE-2019-12382\",\n \"CVE-2019-12456\"\n );\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0456\");\n\n script_name(english:\"Photon OS 1.0: Linux PHSA-2019-1.0-0240\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the linux package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-1.0-240.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-12456\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/09/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/06/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/06/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:1.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 1\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 1.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"linux-4.4.182-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"linux-api-headers-4.4.182-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"linux-debuginfo-4.4.182-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"linux-dev-4.4.182-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"linux-docs-4.4.182-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"linux-drivers-gpu-4.4.182-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"linux-esx-4.4.182-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"linux-esx-debuginfo-4.4.182-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"linux-esx-devel-4.4.182-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"linux-esx-docs-4.4.182-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"linux-oprofile-4.4.182-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"linux-sound-4.4.182-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"linux-tools-4.4.182-1.ph1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:27:45", "description": "The remote Oracle Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2019-4739 advisory.\n\n - In parse_hid_report_descriptor in drivers/input/tablet/gtco.c in the Linux kernel through 5.2.1, a malicious USB device can send an HID report that triggers an out-of-bounds write during generation of debugging messages. (CVE-2019-13631)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2019-08-12T00:00:00", "type": "nessus", "title": "Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2019-4739)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-13631"], "modified": "2021-09-08T00:00:00", "cpe": ["cpe:/o:oracle:linux:6", "cpe:/o:oracle:linux:7", "p-cpe:/a:oracle:linux:kernel-uek", "p-cpe:/a:oracle:linux:kernel-uek-debug", "p-cpe:/a:oracle:linux:kernel-uek-debug-devel", "p-cpe:/a:oracle:linux:kernel-uek-devel", "p-cpe:/a:oracle:linux:kernel-uek-doc", "p-cpe:/a:oracle:linux:kernel-uek-firmware"], "id": "ORACLELINUX_ELSA-2019-4739.NASL", "href": "https://www.tenable.com/plugins/nessus/127615", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2019-4739.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(127615);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/09/08\");\n\n script_cve_id(\"CVE-2019-13631\");\n\n script_name(english:\"Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2019-4739)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the\nELSA-2019-4739 advisory.\n\n - In parse_hid_report_descriptor in drivers/input/tablet/gtco.c in the Linux kernel through 5.2.1, a\n malicious USB device can send an HID report that triggers an out-of-bounds write during generation of\n debugging messages. (CVE-2019-13631)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2019-4739.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-13631\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-firmware\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"linux_alt_patch_detect.nasl\", \"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('ksplice.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^(6|7)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 6 / 7', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\nif ('x86_64' >!< cpu) audit(AUDIT_ARCH_NOT, 'x86_64', cpu);\n\nvar machine_uptrack_level = get_one_kb_item('Host/uptrack-uname-r');\nif (machine_uptrack_level)\n{\n var trimmed_uptrack_level = ereg_replace(string:machine_uptrack_level, pattern:\"\\.(x86_64|i[3-6]86|aarch64)$\", replace:'');\n var fixed_uptrack_levels = ['4.1.12-124.30.1.el6uek', '4.1.12-124.30.1.el7uek'];\n foreach var fixed_uptrack_level ( fixed_uptrack_levels ) {\n if (rpm_spec_vers_cmp(a:trimmed_uptrack_level, b:fixed_uptrack_level) >= 0)\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for ELSA-2019-4739');\n }\n }\n __rpm_report = 'Running KSplice level of ' + trimmed_uptrack_level + ' does not meet the minimum fixed level of ' + join(fixed_uptrack_levels, sep:' / ') + ' for this advisory.\\n\\n';\n}\n\nvar kernel_major_minor = get_kb_item('Host/uname/major_minor');\nif (empty_or_null(kernel_major_minor)) exit(1, 'Unable to determine kernel major-minor level.');\nvar expected_kernel_major_minor = '4.1';\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, 'running kernel level ' + expected_kernel_major_minor + ', it is running kernel level ' + kernel_major_minor);\n\nvar pkgs = [\n {'reference':'kernel-uek-4.1.12-124.30.1.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-4.1.12'},\n {'reference':'kernel-uek-debug-4.1.12-124.30.1.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-4.1.12'},\n {'reference':'kernel-uek-debug-devel-4.1.12-124.30.1.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-4.1.12'},\n {'reference':'kernel-uek-devel-4.1.12-124.30.1.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-4.1.12'},\n {'reference':'kernel-uek-doc-4.1.12-124.30.1.el6uek', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-doc-4.1.12'},\n {'reference':'kernel-uek-firmware-4.1.12-124.30.1.el6uek', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-firmware-4.1.12'},\n {'reference':'kernel-uek-4.1.12-124.30.1.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-4.1.12'},\n {'reference':'kernel-uek-debug-4.1.12-124.30.1.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-4.1.12'},\n {'reference':'kernel-uek-debug-devel-4.1.12-124.30.1.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-4.1.12'},\n {'reference':'kernel-uek-devel-4.1.12-124.30.1.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-4.1.12'},\n {'reference':'kernel-uek-doc-4.1.12-124.30.1.el7uek', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-doc-4.1.12'},\n {'reference':'kernel-uek-firmware-4.1.12-124.30.1.el7uek', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-firmware-4.1.12'}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release) {\n if (exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel-uek / kernel-uek-debug / kernel-uek-debug-devel / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:27:45", "description": "The remote Oracle Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2019-4741 advisory.\n\n - In parse_hid_report_descriptor in drivers/input/tablet/gtco.c in the Linux kernel through 5.2.1, a malicious USB device can send an HID report that triggers an out-of-bounds write during generation of debugging messages. (CVE-2019-13631)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2019-08-12T00:00:00", "type": "nessus", "title": "Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2019-4741)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-13631"], "modified": "2021-09-08T00:00:00", "cpe": ["cpe:/o:oracle:linux:6", "cpe:/o:oracle:linux:7", "p-cpe:/a:oracle:linux:dtrace-modules-3.8.13-118.37.1.el6uek", "p-cpe:/a:oracle:linux:dtrace-modules-3.8.13-118.37.1.el7uek", "p-cpe:/a:oracle:linux:kernel-uek", "p-cpe:/a:oracle:linux:kernel-uek-debug", "p-cpe:/a:oracle:linux:kernel-uek-debug-devel", "p-cpe:/a:oracle:linux:kernel-uek-devel", "p-cpe:/a:oracle:linux:kernel-uek-doc", "p-cpe:/a:oracle:linux:kernel-uek-firmware"], "id": "ORACLELINUX_ELSA-2019-4741.NASL", "href": "https://www.tenable.com/plugins/nessus/127616", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2019-4741.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(127616);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/09/08\");\n\n script_cve_id(\"CVE-2019-13631\");\n\n script_name(english:\"Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2019-4741)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the\nELSA-2019-4741 advisory.\n\n - In parse_hid_report_descriptor in drivers/input/tablet/gtco.c in the Linux kernel through 5.2.1, a\n malicious USB device can send an HID report that triggers an out-of-bounds write during generation of\n debugging messages. (CVE-2019-13631)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2019-4741.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-13631\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dtrace-modules-3.8.13-118.37.1.el6uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dtrace-modules-3.8.13-118.37.1.el7uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-firmware\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"linux_alt_patch_detect.nasl\", \"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('ksplice.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^(6|7)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 6 / 7', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\nif ('x86_64' >!< cpu) audit(AUDIT_ARCH_NOT, 'x86_64', cpu);\n\nvar machine_uptrack_level = get_one_kb_item('Host/uptrack-uname-r');\nif (machine_uptrack_level)\n{\n var trimmed_uptrack_level = ereg_replace(string:machine_uptrack_level, pattern:\"\\.(x86_64|i[3-6]86|aarch64)$\", replace:'');\n var fixed_uptrack_levels = ['3.8.13-118.37.1.el6uek', '3.8.13-118.37.1.el7uek'];\n foreach var fixed_uptrack_level ( fixed_uptrack_levels ) {\n if (rpm_spec_vers_cmp(a:trimmed_uptrack_level, b:fixed_uptrack_level) >= 0)\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for ELSA-2019-4741');\n }\n }\n __rpm_report = 'Running KSplice level of ' + trimmed_uptrack_level + ' does not meet the minimum fixed level of ' + join(fixed_uptrack_levels, sep:' / ') + ' for this advisory.\\n\\n';\n}\n\nvar kernel_major_minor = get_kb_item('Host/uname/major_minor');\nif (empty_or_null(kernel_major_minor)) exit(1, 'Unable to determine kernel major-minor level.');\nvar expected_kernel_major_minor = '3.8';\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, 'running kernel level ' + expected_kernel_major_minor + ', it is running kernel level ' + kernel_major_minor);\n\nvar pkgs = [\n {'reference':'dtrace-modules-3.8.13-118.37.1.el6uek-0.4.5-3.el6', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-uek-3.8.13-118.37.1.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-3.8.13'},\n {'reference':'kernel-uek-debug-3.8.13-118.37.1.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-3.8.13'},\n {'reference':'kernel-uek-debug-devel-3.8.13-118.37.1.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-3.8.13'},\n {'reference':'kernel-uek-devel-3.8.13-118.37.1.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-3.8.13'},\n {'reference':'kernel-uek-doc-3.8.13-118.37.1.el6uek', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-doc-3.8.13'},\n {'reference':'kernel-uek-firmware-3.8.13-118.37.1.el6uek', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-firmware-3.8.13'},\n {'reference':'dtrace-modules-3.8.13-118.37.1.el7uek-0.4.5-3.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-uek-3.8.13-118.37.1.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-3.8.13'},\n {'reference':'kernel-uek-debug-3.8.13-118.37.1.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-3.8.13'},\n {'reference':'kernel-uek-debug-devel-3.8.13-118.37.1.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-3.8.13'},\n {'reference':'kernel-uek-devel-3.8.13-118.37.1.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-3.8.13'},\n {'reference':'kernel-uek-doc-3.8.13-118.37.1.el7uek', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-doc-3.8.13'},\n {'reference':'kernel-uek-firmware-3.8.13-118.37.1.el7uek', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-firmware-3.8.13'}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release) {\n if (exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'dtrace-modules-3.8.13-118.37.1.el6uek / dtrace-modules-3.8.13-118.37.1.el7uek / kernel-uek / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:27:42", "description": "Update to v5.1.20\n\n----\n\nUpdate to v5.1.19\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-08-12T00:00:00", "type": "nessus", "title": "Fedora 29 : kernel / kernel-headers (2019-3dbfaeac73)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-13631"], "modified": "2020-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "p-cpe:/a:fedoraproject:fedora:kernel-headers", "cpe:/o:fedoraproject:fedora:29"], "id": "FEDORA_2019-3DBFAEAC73.NASL", "href": "https://www.tenable.com/plugins/nessus/127508", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-3dbfaeac73.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(127508);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2020/01/06\");\n\n script_cve_id(\"CVE-2019-13631\");\n script_xref(name:\"FEDORA\", value:\"2019-3dbfaeac73\");\n\n script_name(english:\"Fedora 29 : kernel / kernel-headers (2019-3dbfaeac73)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to v5.1.20\n\n----\n\nUpdate to v5.1.19\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-3dbfaeac73\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel and / or kernel-headers packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:29\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^29([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 29\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2019-13631\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for FEDORA-2019-3dbfaeac73\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\nif (rpm_check(release:\"FC29\", reference:\"kernel-5.1.20-200.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"kernel-headers-5.1.20-200.fc29\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-headers\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:27:08", "description": "The remote OracleVM system is missing necessary patches to address critical security updates :\n\n - xen: let alloc_xenballooned_pages fail if not enough memory free (Juergen Gross) [Orabug: 30073695]\n\n - mm/page_alloc.c: calculate 'available' memory in a separate function (Igor Redko) [Orabug: 30073695]\n\n - Input: gtco - bounds check collection indent level (Grant Hernandez) [Orabug: 30074413] (CVE-2019-13631)\n\n - Documentation/Docbook/Makefile: process xml files in parallel, based on nproc --all value (Alexander Burmashev) [Orabug: 30079814]\n\n - net: rds: fix compile warning (Zhu Yanjun) [Orabug:\n 30118035]\n\n - Revert 'xen-netback: stop netif TX queue on guest queuing failure' (Brian Maly) [Orabug: 30128203]\n\n - xen-netback: stop netif TX queue on guest queuing failure (Ankur Arora) [Orabug: 30028200]\n\n - scsi: megaraid_sas: fix panic on loading firmware crashdump (Junxiao Bi) [Orabug: 29993112]", "cvss3": {}, "published": "2019-08-12T00:00:00", "type": "nessus", "title": "OracleVM 3.4 : Unbreakable / etc (OVMSA-2019-0039)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-13631"], "modified": "2020-01-06T00:00:00", "cpe": ["p-cpe:/a:oracle:vm:kernel-uek", "p-cpe:/a:oracle:vm:kernel-uek-firmware", "cpe:/o:oracle:vm_server:3.4"], "id": "ORACLEVM_OVMSA-2019-0039.NASL", "href": "https://www.tenable.com/plugins/nessus/127566", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from OracleVM\n# Security Advisory OVMSA-2019-0039.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(127566);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2020/01/06\");\n\n script_cve_id(\"CVE-2019-13631\");\n\n script_name(english:\"OracleVM 3.4 : Unbreakable / etc (OVMSA-2019-0039)\");\n script_summary(english:\"Checks the RPM output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote OracleVM host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote OracleVM system is missing necessary patches to address\ncritical security updates :\n\n - xen: let alloc_xenballooned_pages fail if not enough\n memory free (Juergen Gross) [Orabug: 30073695]\n\n - mm/page_alloc.c: calculate 'available' memory in a\n separate function (Igor Redko) [Orabug: 30073695]\n\n - Input: gtco - bounds check collection indent level\n (Grant Hernandez) [Orabug: 30074413] (CVE-2019-13631)\n\n - Documentation/Docbook/Makefile: process xml files in\n parallel, based on nproc --all value (Alexander\n Burmashev) [Orabug: 30079814]\n\n - net: rds: fix compile warning (Zhu Yanjun) [Orabug:\n 30118035]\n\n - Revert 'xen-netback: stop netif TX queue on guest\n queuing failure' (Brian Maly) [Orabug: 30128203]\n\n - xen-netback: stop netif TX queue on guest queuing\n failure (Ankur Arora) [Orabug: 30028200]\n\n - scsi: megaraid_sas: fix panic on loading firmware\n crashdump (Junxiao Bi) [Orabug: 29993112]\"\n );\n # https://oss.oracle.com/pipermail/oraclevm-errata/2019-August/000955.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9ff6ba96\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel-uek / kernel-uek-firmware packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:kernel-uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:kernel-uek-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:vm_server:3.4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"OracleVM Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleVM/release\", \"Host/OracleVM/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/OracleVM/release\");\nif (isnull(release) || \"OVS\" >!< release) audit(AUDIT_OS_NOT, \"OracleVM\");\nif (! preg(pattern:\"^OVS\" + \"3\\.4\" + \"(\\.[0-9]|$)\", string:release)) audit(AUDIT_OS_NOT, \"OracleVM 3.4\", \"OracleVM \" + release);\nif (!get_kb_item(\"Host/OracleVM/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"OracleVM\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"OVS3.4\", reference:\"kernel-uek-4.1.12-124.30.1.el6uek\")) flag++;\nif (rpm_check(release:\"OVS3.4\", reference:\"kernel-uek-firmware-4.1.12-124.30.1.el6uek\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel-uek / kernel-uek-firmware\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T14:26:41", "description": "Update to v5.1.19\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-07-26T00:00:00", "type": "nessus", "title": "Fedora 30 : kernel / kernel-headers (2019-9d3fe6fd5b)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-13631"], "modified": "2020-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "p-cpe:/a:fedoraproject:fedora:kernel-headers", "cpe:/o:fedoraproject:fedora:30"], "id": "FEDORA_2019-9D3FE6FD5B.NASL", "href": "https://www.tenable.com/plugins/nessus/127080", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-9d3fe6fd5b.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(127080);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2020/01/06\");\n\n script_cve_id(\"CVE-2019-13631\");\n script_xref(name:\"FEDORA\", value:\"2019-9d3fe6fd5b\");\n\n script_name(english:\"Fedora 30 : kernel / kernel-headers (2019-9d3fe6fd5b)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to v5.1.19\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-9d3fe6fd5b\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel and / or kernel-headers packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:30\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/07/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^30([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 30\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2019-13631\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for FEDORA-2019-9d3fe6fd5b\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\nif (rpm_check(release:\"FC30\", reference:\"kernel-5.1.19-300.fc30\")) flag++;\nif (rpm_check(release:\"FC30\", reference:\"kernel-headers-5.1.19-300.fc30\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-headers\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:29:23", "description": "According to the versions of the kernel packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities :\n\n - The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system:\n memory allocation, process allocation, device input and output, etc. Security Fix(es):A flaw was found in the Linux kernel's NFS implementation, all versions 3.x and all versions 4.x up to 4.20. An attacker, who is able to mount an exported NFS filesystem, is able to trigger a null pointer dereference by using an invalid NFS sequence. This can panic the machine and deny access to the NFS server. Any outstanding disk writes to the NFS server will be lost.(CVE-2018-16871)An issue was discovered in the Linux kernel before 4.18.7. In create_qp_common in drivers/infiniband/hw/mlx5/qp.c, mlx5_ib_create_qp_resp was never initialized, resulting in a leak of stack memory to userspace.(CVE-2018-20855)An issue was discovered in the Linux kernel before 4.18.7. In block/blk-core.c, there is an __blk_drain_queue() use-after-free because a certain error case is mishandled.(CVE-2018-20856)The Linux kernel 4.x (starting from 4.1) and 5.x before 5.0.8 allows Information Exposure (partial kernel address disclosure), leading to a KASLR bypass.\n Specifically, it is possible to extract the KASLR kernel image offset using the IP ID values the kernel produces for connection-less protocols (e.g., UDP and ICMP). When such traffic is sent to multiple destination IP addresses, it is possible to obtain hash collisions (of indices to the counter array) and thereby obtain the hashing key (via enumeration). This key contains enough bits from a kernel address (of a static variable) so when the key is extracted (via enumeration), the offset of the kernel image is exposed. This attack can be carried out remotely, by the attacker forcing the target device to send UDP or ICMP (or certain other) traffic to attacker-controlled IP addresses. Forcing a server to send UDP traffic is trivial if the server is a DNS server. ICMP traffic is trivial if the server answers ICMP Echo requests (ping). For client targets, if the target visits the attacker's web page, then WebRTC or gQUIC can be used to force UDP traffic to attacker-controlled IP addresses. NOTE: this attack against KASLR became viable in 4.1 because IP ID generation was changed to have a dependency on an address associated with a network namespace.(CVE-2019-10639)** DISPUTED ** An issue was discovered in ip6_ra_control in net/ipv6/ipv6_sockglue.c in the Linux kernel through 5.1.5. There is an unchecked kmalloc of new_ra, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). NOTE: This has been disputed as not an issue.(CVE-2019-12378)**DISPUTED** An issue was discovered in the efi subsystem in the Linux kernel through 5.1.5. phys_efi_set_virtual_address_map in arch/x86/platform/efi/efi.c and efi_call_phys_prolog in arch/x86/platform/efi/efi_64.c mishandle memory allocation failures. NOTE: This id is disputed as not being an issue because ?All the code touched by the referenced commit runs only at boot, before any user processes are started. Therefore, there is no possibility for an unprivileged user to control it.?.(CVE-2019-12380)** DISPUTED ** An issue was discovered in ip_ra_control in net/ipv4/ip_sockglue.c in the Linux kernel through 5.1.5. There is an unchecked kmalloc of new_ra, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). NOTE: this is disputed because new_ra is never used if it is NULL.(CVE-2019-12381)** DISPUTED ** An issue was discovered in the MPT3COMMAND case in _ctl_ioctl_main in drivers/scsi/mpt3sas/mpt3sas_ctl.c in the Linux kernel through 5.1.5. It allows local users to cause a denial of service or possibly have unspecified other impact by changing the value of ioc_number between two kernel reads of that value, aka a 'double fetch' vulnerability. NOTE: a third party reports that this is unexploitable because the doubly fetched value is not used.(CVE-2019-12456)An issue was discovered in the Linux kernel before 4.20.15. The nfc_llcp_build_tlv function in netfc/llcp_commands.c may return NULL. If the caller does not check for this, it will trigger a NULL pointer dereference. This will cause denial of service. This affects nfc_llcp_build_gb in netfc/llcp_core.c.(CVE-2019-12818)An issue was discovered in the Linux kernel before 5.0. The function\n __mdiobus_register() in driverset/phy/mdio_bus.c calls put_device(), which will trigger a fixed_mdio_bus_init use-after-free. This will cause a denial of service.(CVE-2019-12819)A NULL pointer dereference vulnerability in the function nfc_genl_deactivate_target() in netfcetlink.c in the Linux kernel before 5.1.13 can be triggered by a malicious user-mode program that omits certain NFC attributes, leading to denial of service.(CVE-2019-12984)In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with a parent-child process relationship, where a parent drops privileges and calls execve (potentially allowing control by an attacker). One contributing factor is an object lifetime issue (which can also cause a panic). Another contributing factor is incorrect marking of a ptrace relationship as privileged, which is exploitable through (for example) Polkit's pkexec helper with PTRACE_TRACEME. NOTE:\n SELinux deny_ptrace might be a usable workaround in some environments.(CVE-2019-13272)In parse_hid_report_descriptor in drivers/input/tablet/gtco.c in the Linux kernel through 5.2.1, a malicious USB device can send an HID report that triggers an out-of-bounds write during generation of debugging messages.(CVE-2019-13631)In the Linux kernel through 5.2.1 on the powerpc platform, when hardware transactional memory is disabled, a local user can cause a denial of service (TM Bad Thing exception and system crash) via a sigreturn() system call that sends a crafted signal frame. This affects arch/powerpc/kernel/signal_32.c and arch/powerpc/kernel/signal_64.c.(CVE-2019-13648)In the Linux kernel before 5.2.3, set_geometry in drivers/block/floppy.c does not validate the sect and head fields, as demonstrated by an integer overflow and out-of-bounds read. It can be triggered by an unprivileged local user when a floppy disk has been inserted. NOTE: QEMU creates the floppy device by default.(CVE-2019-14283)In the Linux kernel before 5.2.3, drivers/block/floppy.c allows a denial of service by setup_format_params division-by-zero. Two consecutive ioctls can trigger the bug: the first one should set the drive geometry with .sect and .rate values that make F_SECT_PER_TRACK be zero. Next, the floppy format operation should be called. It can be triggered by an unprivileged local user even when a floppy disk has not been inserted. NOTE: QEMU creates the floppy device by default.(CVE-2019-14284)In the Linux kernel before 4.16.4, a double-locking error in drivers/usb/dwc3/gadget.c may potentially cause a deadlock with f_hid.(CVE-2019-14763)An issue was discovered in the Linux kernel before 5.2.6. There is a use-after-free caused by a malicious USB device in the drivers/media/v4l2-core/v4l2-dev.c driver because drivers/media/radio/radio-raremono.c does not properly allocate memory.(CVE-2019-15211)An issue was discovered in the Linux kernel before 5.0.9. There is a use-after-free in atalk_proc_exit, related to net/appletalk/atalk_proc.c, net/appletalk/ddp.c, and net/appletalk/sysctl_net_atalk.c.(CVE-2019-15292)A flaw was found in the way the sit_init_net function in the Linux kernel handled resource cleanup on errors. This flaw allows an attacker to use the error conditions to crash the system.(CVE-2019-16994)Note:\n kernel-4.19.36-vhulk1907.1.0.h529 and earlier versions in EulerOS Virtualization for ARM 64 3.0.2.0 return incorrect time information when executing the uname -a command.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-09-17T00:00:00", "type": "nessus", "title": "EulerOS Virtualization for ARM 64 3.0.2.0 : kernel (EulerOS-SA-2019-1926)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-16871", "CVE-2018-20855", "CVE-2018-20856", "CVE-2019-10639", "CVE-2019-12378", "CVE-2019-12380", "CVE-2019-12381", "CVE-2019-12456", "CVE-2019-12818", "CVE-2019-12819", "CVE-2019-12984", "CVE-2019-13272", "CVE-2019-13631", "CVE-2019-13648", "CVE-2019-14283", "CVE-2019-14284", "CVE-2019-14763", "CVE-2019-15211", "CVE-2019-15292", "CVE-2019-16994"], "modified": "2023-01-20T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:kernel", "p-cpe:/a:huawei:euleros:kernel-devel", "p-cpe:/a:huawei:euleros:kernel-headers", "p-cpe:/a:huawei:euleros:kernel-tools", "p-cpe:/a:huawei:euleros:kernel-tools-libs", "p-cpe:/a:huawei:euleros:kernel-tools-libs-devel", "p-cpe:/a:huawei:euleros:perf", "p-cpe:/a:huawei:euleros:python-perf", "cpe:/o:huawei:euleros:uvp:3.0.2.0"], "id": "EULEROS_SA-2019-1926.NASL", "href": "https://www.tenable.com/plugins/nessus/128929", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(128929);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/20\");\n\n script_cve_id(\n \"CVE-2018-16871\",\n \"CVE-2018-20855\",\n \"CVE-2018-20856\",\n \"CVE-2019-10639\",\n \"CVE-2019-12378\",\n \"CVE-2019-12380\",\n \"CVE-2019-12381\",\n \"CVE-2019-12456\",\n \"CVE-2019-12818\",\n \"CVE-2019-12819\",\n \"CVE-2019-12984\",\n \"CVE-2019-13272\",\n \"CVE-2019-13631\",\n \"CVE-2019-13648\",\n \"CVE-2019-14283\",\n \"CVE-2019-14284\",\n \"CVE-2019-14763\",\n \"CVE-2019-15211\",\n \"CVE-2019-15292\",\n \"CVE-2019-16994\"\n );\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/10\");\n\n script_name(english:\"EulerOS Virtualization for ARM 64 3.0.2.0 : kernel (EulerOS-SA-2019-1926)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization for ARM 64 host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the kernel packages installed, the\nEulerOS Virtualization for ARM 64 installation on the remote host is\naffected by the following vulnerabilities :\n\n - The kernel package contains the Linux kernel (vmlinuz),\n the core of any Linux operating system. The kernel\n handles the basic functions of the operating system:\n memory allocation, process allocation, device input and\n output, etc. Security Fix(es):A flaw was found in the\n Linux kernel's NFS implementation, all versions 3.x and\n all versions 4.x up to 4.20. An attacker, who is able\n to mount an exported NFS filesystem, is able to trigger\n a null pointer dereference by using an invalid NFS\n sequence. This can panic the machine and deny access to\n the NFS server. Any outstanding disk writes to the NFS\n server will be lost.(CVE-2018-16871)An issue was\n discovered in the Linux kernel before 4.18.7. In\n create_qp_common in drivers/infiniband/hw/mlx5/qp.c,\n mlx5_ib_create_qp_resp was never initialized, resulting\n in a leak of stack memory to\n userspace.(CVE-2018-20855)An issue was discovered in\n the Linux kernel before 4.18.7. In block/blk-core.c,\n there is an __blk_drain_queue() use-after-free because\n a certain error case is mishandled.(CVE-2018-20856)The\n Linux kernel 4.x (starting from 4.1) and 5.x before\n 5.0.8 allows Information Exposure (partial kernel\n address disclosure), leading to a KASLR bypass.\n Specifically, it is possible to extract the KASLR\n kernel image offset using the IP ID values the kernel\n produces for connection-less protocols (e.g., UDP and\n ICMP). When such traffic is sent to multiple\n destination IP addresses, it is possible to obtain hash\n collisions (of indices to the counter array) and\n thereby obtain the hashing key (via enumeration). This\n key contains enough bits from a kernel address (of a\n static variable) so when the key is extracted (via\n enumeration), the offset of the kernel image is\n exposed. This attack can be carried out remotely, by\n the attacker forcing the target device to send UDP or\n ICMP (or certain other) traffic to attacker-controlled\n IP addresses. Forcing a server to send UDP traffic is\n trivial if the server is a DNS server. ICMP traffic is\n trivial if the server answers ICMP Echo requests\n (ping). For client targets, if the target visits the\n attacker's web page, then WebRTC or gQUIC can be used\n to force UDP traffic to attacker-controlled IP\n addresses. NOTE: this attack against KASLR became\n viable in 4.1 because IP ID generation was changed to\n have a dependency on an address associated with a\n network namespace.(CVE-2019-10639)** DISPUTED ** An\n issue was discovered in ip6_ra_control in\n net/ipv6/ipv6_sockglue.c in the Linux kernel through\n 5.1.5. There is an unchecked kmalloc of new_ra, which\n might allow an attacker to cause a denial of service\n (NULL pointer dereference and system crash). NOTE: This\n has been disputed as not an\n issue.(CVE-2019-12378)**DISPUTED** An issue was\n discovered in the efi subsystem in the Linux kernel\n through 5.1.5. phys_efi_set_virtual_address_map in\n arch/x86/platform/efi/efi.c and efi_call_phys_prolog in\n arch/x86/platform/efi/efi_64.c mishandle memory\n allocation failures. NOTE: This id is disputed as not\n being an issue because ?All the code touched by the\n referenced commit runs only at boot, before any user\n processes are started. Therefore, there is no\n possibility for an unprivileged user to control\n it.?.(CVE-2019-12380)** DISPUTED ** An issue was\n discovered in ip_ra_control in net/ipv4/ip_sockglue.c\n in the Linux kernel through 5.1.5. There is an\n unchecked kmalloc of new_ra, which might allow an\n attacker to cause a denial of service (NULL pointer\n dereference and system crash). NOTE: this is disputed\n because new_ra is never used if it is\n NULL.(CVE-2019-12381)** DISPUTED ** An issue was\n discovered in the MPT3COMMAND case in _ctl_ioctl_main\n in drivers/scsi/mpt3sas/mpt3sas_ctl.c in the Linux\n kernel through 5.1.5. It allows local users to cause a\n denial of service or possibly have unspecified other\n impact by changing the value of ioc_number between two\n kernel reads of that value, aka a 'double fetch'\n vulnerability. NOTE: a third party reports that this is\n unexploitable because the doubly fetched value is not\n used.(CVE-2019-12456)An issue was discovered in the\n Linux kernel before 4.20.15. The nfc_llcp_build_tlv\n function in netfc/llcp_commands.c may return NULL. If\n the caller does not check for this, it will trigger a\n NULL pointer dereference. This will cause denial of\n service. This affects nfc_llcp_build_gb in\n netfc/llcp_core.c.(CVE-2019-12818)An issue was\n discovered in the Linux kernel before 5.0. The function\n __mdiobus_register() in driverset/phy/mdio_bus.c calls\n put_device(), which will trigger a fixed_mdio_bus_init\n use-after-free. This will cause a denial of\n service.(CVE-2019-12819)A NULL pointer dereference\n vulnerability in the function\n nfc_genl_deactivate_target() in netfcetlink.c in the\n Linux kernel before 5.1.13 can be triggered by a\n malicious user-mode program that omits certain NFC\n attributes, leading to denial of\n service.(CVE-2019-12984)In the Linux kernel before\n 5.1.17, ptrace_link in kernel/ptrace.c mishandles the\n recording of the credentials of a process that wants to\n create a ptrace relationship, which allows local users\n to obtain root access by leveraging certain scenarios\n with a parent-child process relationship, where a\n parent drops privileges and calls execve (potentially\n allowing control by an attacker). One contributing\n factor is an object lifetime issue (which can also\n cause a panic). Another contributing factor is\n incorrect marking of a ptrace relationship as\n privileged, which is exploitable through (for example)\n Polkit's pkexec helper with PTRACE_TRACEME. NOTE:\n SELinux deny_ptrace might be a usable workaround in\n some environments.(CVE-2019-13272)In\n parse_hid_report_descriptor in\n drivers/input/tablet/gtco.c in the Linux kernel through\n 5.2.1, a malicious USB device can send an HID report\n that triggers an out-of-bounds write during generation\n of debugging messages.(CVE-2019-13631)In the Linux\n kernel through 5.2.1 on the powerpc platform, when\n hardware transactional memory is disabled, a local user\n can cause a denial of service (TM Bad Thing exception\n and system crash) via a sigreturn() system call that\n sends a crafted signal frame. This affects\n arch/powerpc/kernel/signal_32.c and\n arch/powerpc/kernel/signal_64.c.(CVE-2019-13648)In the\n Linux kernel before 5.2.3, set_geometry in\n drivers/block/floppy.c does not validate the sect and\n head fields, as demonstrated by an integer overflow and\n out-of-bounds read. It can be triggered by an\n unprivileged local user when a floppy disk has been\n inserted. NOTE: QEMU creates the floppy device by\n default.(CVE-2019-14283)In the Linux kernel before\n 5.2.3, drivers/block/floppy.c allows a denial of\n service by setup_format_params division-by-zero. Two\n consecutive ioctls can trigger the bug: the first one\n should set the drive geometry with .sect and .rate\n values that make F_SECT_PER_TRACK be zero. Next, the\n floppy format operation should be called. It can be\n triggered by an unprivileged local user even when a\n floppy disk has not been inserted. NOTE: QEMU creates\n the floppy device by default.(CVE-2019-14284)In the\n Linux kernel before 4.16.4, a double-locking error in\n drivers/usb/dwc3/gadget.c may potentially cause a\n deadlock with f_hid.(CVE-2019-14763)An issue was\n discovered in the Linux kernel before 5.2.6. There is a\n use-after-free caused by a malicious USB device in the\n drivers/media/v4l2-core/v4l2-dev.c driver because\n drivers/media/radio/radio-raremono.c does not properly\n allocate memory.(CVE-2019-15211)An issue was discovered\n in the Linux kernel before 5.0.9. There is a\n use-after-free in atalk_proc_exit, related to\n net/appletalk/atalk_proc.c, net/appletalk/ddp.c, and\n net/appletalk/sysctl_net_atalk.c.(CVE-2019-15292)A flaw\n was found in the way the sit_init_net function in the\n Linux kernel handled resource cleanup on errors. This\n flaw allows an attacker to use the error conditions to\n crash the system.(CVE-2019-16994)Note:\n kernel-4.19.36-vhulk1907.1.0.h529 and earlier versions\n in EulerOS Virtualization for ARM 64 3.0.2.0 return\n incorrect time information when executing the uname -a\n command.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1926\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?9f4a8b79\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-15292\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Linux Polkit pkexec helper PTRACE_TRACEME local root exploit');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.2.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.2.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"kernel-4.19.36-vhulk1907.1.0.h420\",\n \"kernel-devel-4.19.36-vhulk1907.1.0.h420\",\n \"kernel-headers-4.19.36-vhulk1907.1.0.h420\",\n \"kernel-tools-4.19.36-vhulk1907.1.0.h420\",\n \"kernel-tools-libs-4.19.36-vhulk1907.1.0.h420\",\n \"kernel-tools-libs-devel-4.19.36-vhulk1907.1.0.h420\",\n \"perf-4.19.36-vhulk1907.1.0.h420\",\n \"python-perf-4.19.36-vhulk1907.1.0.h420\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:28:44", "description": "The remote NewStart CGSL host, running version MAIN 4.06, has kernel packages installed that are affected by multiple vulnerabilities:\n\n - The Salsa20 encryption algorithm in the Linux kernel before 4.14.8 does not correctly handle zero-length inputs, allowing a local attacker able to use the AF_ALG-based skcipher interface (CONFIG_CRYPTO_USER_API_SKCIPHER) to cause a denial of service (uninitialized-memory free and kernel crash) or have unspecified other impact by executing a crafted sequence of system calls that use the blkcipher_walk API. Both the generic implementation (crypto/salsa20_generic.c) and x86 implementation (arch/x86/crypto/salsa20_glue.c) of Salsa20 were vulnerable. (CVE-2017-17805)\n\n - The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing this affects the output of the fincore program.) Limited remote exploitation may be possible, as demonstrated by latency differences in accessing public files from an Apache HTTP Server.\n (CVE-2019-5489)\n\n - An issue was discovered in the proc_pid_stack function in fs/proc/base.c in the Linux kernel through 4.18.11.\n It does not ensure that only root may inspect the kernel stack of an arbitrary task, allowing a local attacker to exploit racy stack unwinding and leak kernel task stack contents. (CVE-2018-17972)\n\n - Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit 3b4929f65b0d8249f19a50245cd88ed1a2f78cff.\n (CVE-2019-11477)\n\n - A double-free can happen in idr_remove_all() in lib/idr.c in the Linux kernel 2.6 branch. An unprivileged local attacker can use this flaw for a privilege escalation or for a system crash and a denial of service (DoS). (CVE-2019-3896)\n\n - An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1071, CVE-2019-1073. (CVE-2019-1125)\n\n - Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit f070ef2ac66716357066b683fb0baf55f8191a2e.\n (CVE-2019-11478)\n\n - Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. This allows a remote peer to fragment TCP resend queues significantly more than if a larger MSS were enforced. A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commits 967c05aee439e6e5d7d805e195b3a20ef5c433d6 and 5f3e2bf008c2221478101ee72f5cb4654b9fc363.\n (CVE-2019-11479)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2019-09-11T00:00:00", "type": "nessus", "title": "NewStart CGSL MAIN 4.06 : kernel Multiple Vulnerabilities (NS-SA-2019-0177)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-17805", "CVE-2018-17972", "CVE-2019-1071", "CVE-2019-1073", "CVE-2019-1125", "CVE-2019-11477", "CVE-2019-11478", "CVE-2019-11479", "CVE-2019-3896", "CVE-2019-5489"], "modified": "2022-12-05T00:00:00", "cpe": [], "id": "NEWSTART_CGSL_NS-SA-2019-0177_KERNEL.NASL", "href": "https://www.tenable.com/plugins/nessus/128689", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\n\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2019-0177. The text\n# itself is copyright (C) ZTE, Inc.\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(128689);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2017-17805\",\n \"CVE-2018-17972\",\n \"CVE-2019-1125\",\n \"CVE-2019-3896\",\n \"CVE-2019-5489\",\n \"CVE-2019-11477\",\n \"CVE-2019-11478\",\n \"CVE-2019-11479\"\n );\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0456\");\n\n script_name(english:\"NewStart CGSL MAIN 4.06 : kernel Multiple Vulnerabilities (NS-SA-2019-0177)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote machine is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version MAIN 4.06, has kernel packages installed that are affected by multiple\nvulnerabilities:\n\n - The Salsa20 encryption algorithm in the Linux kernel\n before 4.14.8 does not correctly handle zero-length\n inputs, allowing a local attacker able to use the\n AF_ALG-based skcipher interface\n (CONFIG_CRYPTO_USER_API_SKCIPHER) to cause a denial of\n service (uninitialized-memory free and kernel crash) or\n have unspecified other impact by executing a crafted\n sequence of system calls that use the blkcipher_walk\n API. Both the generic implementation\n (crypto/salsa20_generic.c) and x86 implementation\n (arch/x86/crypto/salsa20_glue.c) of Salsa20 were\n vulnerable. (CVE-2017-17805)\n\n - The mincore() implementation in mm/mincore.c in the\n Linux kernel through 4.19.13 allowed local attackers to\n observe page cache access patterns of other processes on\n the same system, potentially allowing sniffing of secret\n information. (Fixing this affects the output of the\n fincore program.) Limited remote exploitation may be\n possible, as demonstrated by latency differences in\n accessing public files from an Apache HTTP Server.\n (CVE-2019-5489)\n\n - An issue was discovered in the proc_pid_stack function\n in fs/proc/base.c in the Linux kernel through 4.18.11.\n It does not ensure that only root may inspect the kernel\n stack of an arbitrary task, allowing a local attacker to\n exploit racy stack unwinding and leak kernel task stack\n contents. (CVE-2018-17972)\n\n - Jonathan Looney discovered that the\n TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an\n integer overflow in the Linux kernel when handling TCP\n Selective Acknowledgments (SACKs). A remote attacker\n could use this to cause a denial of service. This has\n been fixed in stable kernel releases 4.4.182, 4.9.182,\n 4.14.127, 4.19.52, 5.1.11, and is fixed in commit\n 3b4929f65b0d8249f19a50245cd88ed1a2f78cff.\n (CVE-2019-11477)\n\n - A double-free can happen in idr_remove_all() in\n lib/idr.c in the Linux kernel 2.6 branch. An\n unprivileged local attacker can use this flaw for a\n privilege escalation or for a system crash and a denial\n of service (DoS). (CVE-2019-3896)\n\n - An information disclosure vulnerability exists when\n certain central processing units (CPU) speculatively\n access memory, aka 'Windows Kernel Information\n Disclosure Vulnerability'. This CVE ID is unique from\n CVE-2019-1071, CVE-2019-1073. (CVE-2019-1125)\n\n - Jonathan Looney discovered that the TCP retransmission\n queue implementation in tcp_fragment in the Linux kernel\n could be fragmented when handling certain TCP Selective\n Acknowledgment (SACK) sequences. A remote attacker could\n use this to cause a denial of service. This has been\n fixed in stable kernel releases 4.4.182, 4.9.182,\n 4.14.127, 4.19.52, 5.1.11, and is fixed in commit\n f070ef2ac66716357066b683fb0baf55f8191a2e.\n (CVE-2019-11478)\n\n - Jonathan Looney discovered that the Linux kernel default\n MSS is hard-coded to 48 bytes. This allows a remote peer\n to fragment TCP resend queues significantly more than if\n a larger MSS were enforced. A remote attacker could use\n this to cause a denial of service. This has been fixed\n in stable kernel releases 4.4.182, 4.9.182, 4.14.127,\n 4.19.52, 5.1.11, and is fixed in commits\n 967c05aee439e6e5d7d805e195b3a20ef5c433d6 and\n 5f3e2bf008c2221478101ee72f5cb4654b9fc363.\n (CVE-2019-11479)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2019-0177\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL kernel packages. Note that updated packages may not be available yet. Please contact ZTE for\nmore information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-3896\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/12/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/ZTE-CGSL/release\");\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, \"NewStart Carrier Grade Server Linux\");\n\nif (release !~ \"CGSL MAIN 4.06\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL MAIN 4.06');\n\nif (!get_kb_item(\"Host/ZTE-CGSL/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"NewStart Carrier Grade Server Linux\", cpu);\n\nflag = 0;\n\npkgs = {\n \"CGSL MAIN 4.06\": [\n \"kernel-2.6.32-754.18.2.el6.cgslv4_6.0.28.gda17c11\",\n \"kernel-abi-whitelists-2.6.32-754.18.2.el6.cgslv4_6.0.28.gda17c11\",\n \"kernel-debug-2.6.32-754.18.2.el6.cgslv4_6.0.28.gda17c11\",\n \"kernel-debug-debuginfo-2.6.32-754.18.2.el6.cgslv4_6.0.28.gda17c11\",\n \"kernel-debug-devel-2.6.32-754.18.2.el6.cgslv4_6.0.28.gda17c11\",\n \"kernel-debuginfo-2.6.32-754.18.2.el6.cgslv4_6.0.28.gda17c11\",\n \"kernel-debuginfo-common-x86_64-2.6.32-754.18.2.el6.cgslv4_6.0.28.gda17c11\",\n \"kernel-devel-2.6.32-754.18.2.el6.cgslv4_6.0.28.gda17c11\",\n \"kernel-doc-2.6.32-754.18.2.el6.cgslv4_6.0.28.gda17c11\",\n \"kernel-firmware-2.6.32-754.18.2.el6.cgslv4_6.0.28.gda17c11\",\n \"kernel-headers-2.6.32-754.18.2.el6.cgslv4_6.0.28.gda17c11\",\n \"perf-2.6.32-754.18.2.el6.cgslv4_6.0.28.gda17c11\",\n \"perf-debuginfo-2.6.32-754.18.2.el6.cgslv4_6.0.28.gda17c11\",\n \"python-perf-2.6.32-754.18.2.el6.cgslv4_6.0.28.gda17c11\",\n \"python-perf-debuginfo-2.6.32-754.18.2.el6.cgslv4_6.0.28.gda17c11\"\n ]\n};\npkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:\"ZTE \" + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:27:18", "description": "The 5.2.7 stable update contains a number of important fixes across the tree.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-08-12T00:00:00", "type": "nessus", "title": "Fedora 30 : kernel / kernel-headers / kernel-tools (2019-e37c348348)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1125"], "modified": "2020-02-18T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "p-cpe:/a:fedoraproject:fedora:kernel-headers", "p-cpe:/a:fedoraproject:fedora:kernel-tools", "cpe:/o:fedoraproject:fedora:30"], "id": "FEDORA_2019-E37C348348.NASL", "href": "https://www.tenable.com/plugins/nessus/127532", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-e37c348348.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(127532);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2020/02/18\");\n\n script_cve_id(\"CVE-2019-1125\");\n script_xref(name:\"FEDORA\", value:\"2019-e37c348348\");\n\n script_name(english:\"Fedora 30 : kernel / kernel-headers / kernel-tools (2019-e37c348348)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 5.2.7 stable update contains a number of important fixes across\nthe tree.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-e37c348348\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected kernel, kernel-headers and / or kernel-tools\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:30\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^30([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 30\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2019-1125\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for FEDORA-2019-e37c348348\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\nif (rpm_check(release:\"FC30\", reference:\"kernel-5.2.7-200.fc30\")) flag++;\nif (rpm_check(release:\"FC30\", reference:\"kernel-headers-5.2.7-200.fc30\")) flag++;\nif (rpm_check(release:\"FC30\", reference:\"kernel-tools-5.2.7-200.fc30\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-headers / kernel-tools\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:30:45", "description": "An update for redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, redhat-virtualization-host, and ovirt-node-ng. Red Hat Virtualization Hosts (RHVH) are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks.\n\nThe following packages have been upgraded to a later upstream version:\nimgbased (1.1.10), ovirt-node-ng (4.3.6), redhat-release-virtualization-host (4.3.6), redhat-virtualization-host (4.3.6). (BZ#1734624, BZ#1737771, BZ#1752750)\n\nSecurity Fix(es) :\n\n* kernel: hw: Spectre SWAPGS gadget vulnerability (CVE-2019-1125)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es) :\n\n* RHVH 4.3.6: Incorrect welcome info appear in RHVH boot process (BZ#1736798)\n\n* The company logo displays wrong. (BZ#1738457)\n\nEnhancement(s) :\n\n* [downstream clone - 4.3.6] [RFE] Warn if SELinux is disabled when upgrading RHV-H (BZ#1744027)", "cvss3": {}, "published": "2019-10-15T00:00:00", "type": "nessus", "title": "RHEL 7 : Virtualization Manager (RHSA-2019:3011)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1125"], "modified": "2020-02-18T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:imgbased", "p-cpe:/a:redhat:enterprise_linux:ovirt-node-ng-nodectl", "p-cpe:/a:redhat:enterprise_linux:python-imgbased", "p-cpe:/a:redhat:enterprise_linux:python2-ovirt-node-ng-nodectl", "p-cpe:/a:redhat:enterprise_linux:redhat-release-virtualization-host", "p-cpe:/a:redhat:enterprise_linux:redhat-virtualization-host-image-update", "p-cpe:/a:redhat:enterprise_linux:redhat-virtualization-host-image-update-placeholder", "cpe:/o:redhat:enterprise_linux:7"], "id": "REDHAT-RHSA-2019-3011.NASL", "href": "https://www.tenable.com/plugins/nessus/129860", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:3011. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(129860);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2020/02/18\");\n\n script_cve_id(\"CVE-2019-1125\");\n script_xref(name:\"RHSA\", value:\"2019:3011\");\n\n script_name(english:\"RHEL 7 : Virtualization Manager (RHSA-2019:3011)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for redhat-virtualization-host is now available for Red Hat\nVirtualization 4 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe redhat-virtualization-host packages provide the Red Hat\nVirtualization Host. These packages include\nredhat-release-virtualization-host, redhat-virtualization-host, and\novirt-node-ng. Red Hat Virtualization Hosts (RHVH) are installed using\na special build of Red Hat Enterprise Linux with only the packages\nrequired to host virtual machines. RHVH features a Cockpit user\ninterface for monitoring the host's resources and performing\nadministrative tasks.\n\nThe following packages have been upgraded to a later upstream version:\nimgbased (1.1.10), ovirt-node-ng (4.3.6),\nredhat-release-virtualization-host (4.3.6), redhat-virtualization-host\n(4.3.6). (BZ#1734624, BZ#1737771, BZ#1752750)\n\nSecurity Fix(es) :\n\n* kernel: hw: Spectre SWAPGS gadget vulnerability (CVE-2019-1125)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\n\nBug Fix(es) :\n\n* RHVH 4.3.6: Incorrect welcome info appear in RHVH boot process\n(BZ#1736798)\n\n* The company logo displays wrong. (BZ#1738457)\n\nEnhancement(s) :\n\n* [downstream clone - 4.3.6] [RFE] Warn if SELinux is disabled when\nupgrading RHV-H (BZ#1744027)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/articles/4329821\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2019:3011\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-1125\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:imgbased\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-node-ng-nodectl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-imgbased\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-ovirt-node-ng-nodectl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:redhat-release-virtualization-host\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:redhat-virtualization-host-image-update\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:redhat-virtualization-host-image-update-placeholder\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:3011\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n\n if (! (rpm_exists(release:\"RHEL7\", rpm:\"redhat-release-virtualization-host-4.3\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Red Hat Virtualization 4.3\");\n\n if (rpm_check(release:\"RHEL7\", reference:\"imgbased-1.1.10-0.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"ovirt-node-ng-nodectl-4.3.6-0.20190820.0.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"python-imgbased-1.1.10-0.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"python2-ovirt-node-ng-nodectl-4.3.6-0.20190820.0.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"redhat-release-virtualization-host-4.3.6-2.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"redhat-virtualization-host-image-update-4.3.6-20190924.0.el7_7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"redhat-virtualization-host-image-update-placeholder-4.3.6-2.el7\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"imgbased / ovirt-node-ng-nodectl / python-imgbased / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:27:42", "description": "There is a newly discovered variant side-channel attack of Spectre V1 which leverages SWAPGS instructions to bypass KPTI/KVA mitigations.\nThis could lead to a kernel information disclosure", "cvss3": {}, "published": "2019-08-12T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : kernel (ALAS-2019-1253)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1125"], "modified": "2020-02-18T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:kernel", "p-cpe:/a:amazon:linux:kernel-debuginfo", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-i686", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:amazon:linux:kernel-devel", "p-cpe:/a:amazon:linux:kernel-headers", "p-cpe:/a:amazon:linux:kernel-tools", "p-cpe:/a:amazon:linux:kernel-tools-debuginfo", "p-cpe:/a:amazon:linux:kernel-tools-devel", "p-cpe:/a:amazon:linux:perf", "p-cpe:/a:amazon:linux:perf-debuginfo", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2019-1253.NASL", "href": "https://www.tenable.com/plugins/nessus/127468", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2019-1253.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(127468);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2020/02/18\");\n\n script_cve_id(\"CVE-2019-1125\");\n script_xref(name:\"ALAS\", value:\"2019-1253\");\n\n script_name(english:\"Amazon Linux AMI : kernel (ALAS-2019-1253)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"There is a newly discovered variant side-channel attack of Spectre V1\nwhich leverages SWAPGS instructions to bypass KPTI/KVA mitigations.\nThis could lead to a kernel information disclosure\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2019-1253.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update kernel' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-i686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"kernel-4.14.133-88.112.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-debuginfo-4.14.133-88.112.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", cpu:\"i686\", reference:\"kernel-debuginfo-common-i686-4.14.133-88.112.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-4.14.133-88.112.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-devel-4.14.133-88.112.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-headers-4.14.133-88.112.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-tools-4.14.133-88.112.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-tools-debuginfo-4.14.133-88.112.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-tools-devel-4.14.133-88.112.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"perf-4.14.133-88.112.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"perf-debuginfo-4.14.133-88.112.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-debuginfo / kernel-debuginfo-common-i686 / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:28:41", "description": "An update for kernel is now available for Red Hat Enterprise Linux 6.5 Advanced Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es) :\n\n* kernel: hw: Spectre SWAPGS gadget vulnerability (CVE-2019-1125)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es) :\n\n* fragmented packets timing out (BZ#1741129)\n\n* Backport TCP follow-up for small buffers (BZ#1741142)", "cvss3": {}, "published": "2019-09-11T00:00:00", "type": "nessus", "title": "RHEL 6 : kernel (RHSA-2019:2695)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1125"], "modified": "2020-02-18T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-firmware", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "p-cpe:/a:redhat:enterprise_linux:perf", "p-cpe:/a:redhat:enterprise_linux:perf-debuginfo", "p-cpe:/a:redhat:enterprise_linux:python-perf", "p-cpe:/a:redhat:enterprise_linux:python-perf-debuginfo", "cpe:/o:redhat:enterprise_linux:6.5"], "id": "REDHAT-RHSA-2019-2695.NASL", "href": "https://www.tenable.com/plugins/nessus/128661", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:2695. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(128661);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2020/02/18\");\n\n script_cve_id(\"CVE-2019-1125\");\n script_xref(name:\"RHSA\", value:\"2019:2695\");\n\n script_name(english:\"RHEL 6 : kernel (RHSA-2019:2695)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for kernel is now available for Red Hat Enterprise Linux 6.5\nAdvanced Update Support.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nSecurity Fix(es) :\n\n* kernel: hw: Spectre SWAPGS gadget vulnerability (CVE-2019-1125)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\n\nBug Fix(es) :\n\n* fragmented packets timing out (BZ#1741129)\n\n* Backport TCP follow-up for small buffers (BZ#1741142)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/articles/4329821\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2019:2695\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-1125\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/11\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6\\.5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.5\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2019-1125\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for RHSA-2019:2695\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:2695\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"x86_64\", reference:\"kernel-2.6.32-431.96.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", reference:\"kernel-abi-whitelists-2.6.32-431.96.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"x86_64\", reference:\"kernel-debug-2.6.32-431.96.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"x86_64\", reference:\"kernel-debug-debuginfo-2.6.32-431.96.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"x86_64\", reference:\"kernel-debug-devel-2.6.32-431.96.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"x86_64\", reference:\"kernel-debuginfo-2.6.32-431.96.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-2.6.32-431.96.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"x86_64\", reference:\"kernel-devel-2.6.32-431.96.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", reference:\"kernel-doc-2.6.32-431.96.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", reference:\"kernel-firmware-2.6.32-431.96.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"x86_64\", reference:\"kernel-headers-2.6.32-431.96.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"x86_64\", reference:\"perf-2.6.32-431.96.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"x86_64\", reference:\"perf-debuginfo-2.6.32-431.96.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"x86_64\", reference:\"python-perf-2.6.32-431.96.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"5\", cpu:\"x86_64\", reference:\"python-perf-debuginfo-2.6.32-431.96.1.el6\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-abi-whitelists / kernel-debug / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:27:06", "description": "There is a newly discovered variant side-channel attack of Spectre V1 which leverages SWAPGS instructions to bypass KPTI/KVA mitigations.\nThis could lead to a kernel information disclosure. (CVE-2019-1125)", "cvss3": {}, "published": "2019-08-12T00:00:00", "type": "nessus", "title": "Amazon Linux 2 : kernel (ALAS-2019-1253)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1125"], "modified": "2020-02-18T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:kernel", "p-cpe:/a:amazon:linux:kernel-debuginfo", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:amazon:linux:kernel-devel", "p-cpe:/a:amazon:linux:kernel-headers", "p-cpe:/a:amazon:linux:kernel-tools", "p-cpe:/a:amazon:linux:kernel-tools-debuginfo", "p-cpe:/a:amazon:linux:kernel-tools-devel", "p-cpe:/a:amazon:linux:perf", "p-cpe:/a:amazon:linux:perf-debuginfo", "p-cpe:/a:amazon:linux:python-perf", "p-cpe:/a:amazon:linux:python-perf-debuginfo", "cpe:/o:amazon:linux:2"], "id": "AL2_ALAS-2019-1253.NASL", "href": "https://www.tenable.com/plugins/nessus/127461", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2 Security Advisory ALAS-2019-1253.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(127461);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2020/02/18\");\n\n script_cve_id(\"CVE-2019-1125\");\n script_xref(name:\"ALAS\", value:\"2019-1253\");\n\n script_name(english:\"Amazon Linux 2 : kernel (ALAS-2019-1253)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux 2 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"There is a newly discovered variant side-channel attack of Spectre V1\nwhich leverages SWAPGS instructions to bypass KPTI/KVA mitigations.\nThis could lead to a kernel information disclosure. (CVE-2019-1125)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/AL2/ALAS-2019-1253.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update kernel' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python-perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"2\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"kernel-4.14.133-113.112.amzn2\")) flag++;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"kernel-debuginfo-4.14.133-113.112.amzn2\")) flag++;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-4.14.133-113.112.amzn2\")) flag++;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"kernel-devel-4.14.133-113.112.amzn2\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"kernel-headers-4.14.133-113.112.amzn2\")) flag++;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"kernel-tools-4.14.133-113.112.amzn2\")) flag++;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"kernel-tools-debuginfo-4.14.133-113.112.amzn2\")) flag++;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"kernel-tools-devel-4.14.133-113.112.amzn2\")) flag++;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"perf-4.14.133-113.112.amzn2\")) flag++;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"perf-debuginfo-4.14.133-113.112.amzn2\")) flag++;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"python-perf-4.14.133-113.112.amzn2\")) flag++;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"python-perf-debuginfo-4.14.133-113.112.amzn2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-debuginfo / kernel-debuginfo-common-x86_64 / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:28:11", "description": "Andrei Vlad Lutas and Dan Lutas discovered that some x86 processors incorrectly handle SWAPGS instructions during speculative execution. A local attacker could use this to expose sensitive information (kernel memory).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-08-14T00:00:00", "type": "nessus", "title": "Ubuntu 16.04 LTS / 18.04 LTS / 19.04 : Linux kernel (AWS) vulnerability (USN-4096-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1125"], "modified": "2023-05-11T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-aws-hwe", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "cpe:/o:canonical:ubuntu_linux:19.04"], "id": "UBUNTU_USN-4096-1.NASL", "href": "https://www.tenable.com/plugins/nessus/127891", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4096-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(127891);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/11\");\n\n script_cve_id(\"CVE-2019-1125\");\n script_xref(name:\"USN\", value:\"4096-1\");\n\n script_name(english:\"Ubuntu 16.04 LTS / 18.04 LTS / 19.04 : Linux kernel (AWS) vulnerability (USN-4096-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Andrei Vlad Lutas and Dan Lutas discovered that some x86 processors\nincorrectly handle SWAPGS instructions during speculative execution. A\nlocal attacker could use this to expose sensitive information (kernel\nmemory).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/4096-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-aws-hwe\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:19.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2019-2023 Canonical, Inc. / NASL script (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(16\\.04|18\\.04|19\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 16.04 / 18.04 / 19.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2019-1125\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-4096-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.15.0-1045-aws\", pkgver:\"4.15.0-1045.47~16.04.1\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-aws-hwe\", pkgver:\"4.15.0.1045.45\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-4.15.0-1045-aws\", pkgver:\"4.15.0-1045.47\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-aws\", pkgver:\"4.15.0.1045.44\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-5.0.0-1012-aws\", pkgver:\"5.0.0-1012.13\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-aws\", pkgver:\"5.0.0.1012.12\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-4.15-aws / linux-image-5.0-aws / linux-image-aws / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:26:45", "description": "The 5.2.7 stable kernel update contains a number of important fixes across the tree.\n\n----\n\nThe 5.2.6 kernel rebase contains new hardware support, features, and a number of important bug fixes across the tree.\n\n----\n\nUpdate to v5.1.12\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-08-12T00:00:00", "type": "nessus", "title": "Fedora 29 : kernel / kernel-headers / kernel-tools (2019-6bda4c81f4)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1125"], "modified": "2020-02-18T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "p-cpe:/a:fedoraproject:fedora:kernel-headers", "p-cpe:/a:fedoraproject:fedora:kernel-tools", "cpe:/o:fedoraproject:fedora:29"], "id": "FEDORA_2019-6BDA4C81F4.NASL", "href": "https://www.tenable.com/plugins/nessus/127515", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-6bda4c81f4.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(127515);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2020/02/18\");\n\n script_cve_id(\"CVE-2019-1125\");\n script_xref(name:\"FEDORA\", value:\"2019-6bda4c81f4\");\n\n script_name(english:\"Fedora 29 : kernel / kernel-headers / kernel-tools (2019-6bda4c81f4)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 5.2.7 stable kernel update contains a number of important fixes\nacross the tree.\n\n----\n\nThe 5.2.6 kernel rebase contains new hardware support, features, and a\nnumber of important bug fixes across the tree.\n\n----\n\nUpdate to v5.1.12\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-6bda4c81f4\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected kernel, kernel-headers and / or kernel-tools\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:29\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^29([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 29\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2019-1125\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for FEDORA-2019-6bda4c81f4\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\nif (rpm_check(release:\"FC29\", reference:\"kernel-5.2.7-100.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"kernel-headers-5.2.7-100.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"kernel-tools-5.2.7-100.fc29\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-headers / kernel-tools\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:56:11", "description": "According to the version of the vzkernel package and the readykernel-patch installed, the Virtuozzo installation on the remote host is affected by the following vulnerabilities :\n\n - tcp: integer overflow while processing SACK blocks allows remote denial of service. An integer overflow was found in the way the Linux kernel's networking subsystem processed TCP Selective Acknowledgment (SACK) segments. While processing SACK segments, the Linux kernel's socket buffer (SKB) data structure becomes fragmented. Each fragment is about TCP maximum segment size (MSS) bytes. To efficiently process SACK blocks, the Linux kernel merges multiple fragmented SKBs into one, potentially overflowing the variable holding the number of segments. A remote attacker could use this flaw to crash the Linux kernel by sending a crafted sequence of SACK segments on a TCP connection with small value of TCP MSS, resulting in a denial of service.\n\n - nfs: NULL pointer dereference due to an anomalized NFS message sequence. An attacker, who is able to mount an exported NFS filesystem, is able to trigger a null pointer dereference by using an invalid NFS sequence.\n This can panic the machine and deny access to the NFS server. Any outstanding disk writes to the NFS server will be lost.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Virtuozzo security advisory.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2020-02-04T00:00:00", "type": "nessus", "title": "Virtuozzo 7 : readykernel-patch (VZA-2019-068)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-16871", "CVE-2019-11477"], "modified": "2022-12-06T00:00:00", "cpe": ["p-cpe:/a:virtuozzo:virtuozzo:readykernel", "cpe:/o:virtuozzo:virtuozzo:7"], "id": "VIRTUOZZO_VZA-2019-068.NASL", "href": "https://www.tenable.com/plugins/nessus/133458", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(133458);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/06\");\n\n script_cve_id(\"CVE-2018-16871\", \"CVE-2019-11477\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0456\");\n\n script_name(english:\"Virtuozzo 7 : readykernel-patch (VZA-2019-068)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Virtuozzo host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the vzkernel package and the\nreadykernel-patch installed, the Virtuozzo installation on the remote\nhost is affected by the following vulnerabilities :\n\n - tcp: integer overflow while processing SACK blocks\n allows remote denial of service. An integer overflow\n was found in the way the Linux kernel's networking\n subsystem processed TCP Selective Acknowledgment (SACK)\n segments. While processing SACK segments, the Linux\n kernel's socket buffer (SKB) data structure becomes\n fragmented. Each fragment is about TCP maximum segment\n size (MSS) bytes. To efficiently process SACK blocks,\n the Linux kernel merges multiple fragmented SKBs into\n one, potentially overflowing the variable holding the\n number of segments. A remote attacker could use this\n flaw to crash the Linux kernel by sending a crafted\n sequence of SACK segments on a TCP connection with\n small value of TCP MSS, resulting in a denial of\n service.\n\n - nfs: NULL pointer dereference due to an anomalized NFS\n message sequence. An attacker, who is able to mount an\n exported NFS filesystem, is able to trigger a null\n pointer dereference by using an invalid NFS sequence.\n This can panic the machine and deny access to the NFS\n server. Any outstanding disk writes to the NFS server\n will be lost.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Virtuozzo security advisory.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://virtuozzosupport.force.com/s/article/VZA-2019-068\");\n # https://readykernel.com/patch/Virtuozzo-7/readykernel-patch-43.10-85.0-1.vl7/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?f75313dd\");\n # https://readykernel.com/patch/Virtuozzo-7/readykernel-patch-46.7-85.0-1.vl7/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a6382ef0\");\n # https://readykernel.com/patch/Virtuozzo-7/readykernel-patch-48.2-85.0-1.vl7/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?fce0b0f5\");\n # https://readykernel.com/patch/Virtuozzo-7/readykernel-patch-63.3-85.0-1.vl7/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1193994a\");\n # https://readykernel.com/patch/Virtuozzo-7/readykernel-patch-64.7-85.0-1.vl7/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?d0f897ef\");\n # https://readykernel.com/patch/Virtuozzo-7/readykernel-patch-73.24-85.0-1.vl7/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?3f4cb69c\");\n # https://readykernel.com/patch/Virtuozzo-7/readykernel-patch-73.29-85.0-1.vl7/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?7e46c367\");\n # https://readykernel.com/patch/Virtuozzo-7/readykernel-patch-85.17-85.0-1.vl7/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a97adc25\");\n # https://readykernel.com/patch/Virtuozzo-7/readykernel-patch-86.2-85.0-1.vl7/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?34a0ef2a\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the readykernel patch.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/02/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:readykernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:virtuozzo:virtuozzo:7\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Virtuozzo Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Virtuozzo/release\", \"Host/Virtuozzo/rpm-list\", \"Host/readykernel-info\");\n\n exit(0);\n}\n\ninclude(\"global_settings.inc\");\ninclude(\"readykernel.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/Virtuozzo/release\");\nif (isnull(release) || \"Virtuozzo\" >!< release) audit(AUDIT_OS_NOT, \"Virtuozzo\");\nos_ver = pregmatch(pattern: \"Virtuozzo Linux release ([0-9]+\\.[0-9])(\\D|$)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Virtuozzo\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Virtuozzo 7.x\", \"Virtuozzo \" + os_ver);\n\nif (!get_kb_item(\"Host/Virtuozzo/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Virtuozzo\", cpu);\n\nrk_info = get_kb_item(\"Host/readykernel-info\");\nif (empty_or_null(rk_info)) audit(AUDIT_UNKNOWN_APP_VER, \"Virtuozzo\");\n\nchecks = make_list2(\n make_array(\n \"kernel\",\"vzkernel-3.10.0-693.17.1.vz7.43.10\",\n \"patch\",\"readykernel-patch-43.10-85.0-1.vl7\"\n ),\n make_array(\n \"kernel\",\"vzkernel-3.10.0-693.21.1.vz7.46.7\",\n \"patch\",\"readykernel-patch-46.7-85.0-1.vl7\"\n ),\n make_array(\n \"kernel\",\"vzkernel-3.10.0-693.21.1.vz7.48.2\",\n \"patch\",\"readykernel-patch-48.2-85.0-1.vl7\"\n ),\n make_array(\n \"kernel\",\"vzkernel-3.10.0-862.11.6.vz7.64.7\",\n \"patch\",\"readykernel-patch-63.3-85.0-1.vl7\"\n ),\n make_array(\n \"kernel\",\"vzkernel-3.10.0-862.20.2.vz7.73.24\",\n \"patch\",\"readykernel-patch-64.7-85.0-1.vl7\"\n ),\n make_array(\n \"kernel\",\"vzkernel-3.10.0-862.20.2.vz7.73.29\",\n \"patch\",\"readykernel-patch-73.24-85.0-1.vl7\"\n ),\n make_array(\n \"kernel\",\"vzkernel-3.10.0-862.9.1.vz7.63.3\",\n \"patch\",\"readykernel-patch-73.29-85.0-1.vl7\"\n ),\n make_array(\n \"kernel\",\"vzkernel-3.10.0-957.10.1.vz7.85.17\",\n \"patch\",\"readykernel-patch-85.17-85.0-1.vl7\"\n ),\n make_array(\n \"kernel\",\"vzkernel-3.10.0-957.12.2.vz7.86.2\",\n \"patch\",\"readykernel-patch-86.2-85.0-1.vl7\"\n )\n);\nreadykernel_execute_checks(checks:checks, severity:SECURITY_HOLE, release:\"Virtuozzo-7\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:33:25", "description": "This update for the Linux Kernel 4.4.121-92_120 fixes several issues.\n\nThe following security issues were fixed :\n\nCVE-2019-13272: Fixed a privilege escalation from user to root due to improper handling of credentials by leveraging certain scenarios with a parent-child process relationship (bsc#1156321).\n\nCVE-2019-10220: Fixed an issue where samba servers could inject relative paths in directory entry lists (bsc#1153108).\n\nThe following bugs were fixed: Fixed boot up hang revealed by int3 self test (bsc#1157770).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-12-12T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : kernel (SUSE-SU-2019:3263-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-10220", "CVE-2019-13272"], "modified": "2023-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_121-92_120-default", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2019-3263-1.NASL", "href": "https://www.tenable.com/plugins/nessus/132008", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:3263-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(132008);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/19\");\n\n script_cve_id(\"CVE-2019-10220\", \"CVE-2019-13272\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/10\");\n\n script_name(english:\"SUSE SLES12 Security Update : kernel (SUSE-SU-2019:3263-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for the Linux Kernel 4.4.121-92_120 fixes several issues.\n\nThe following security issues were fixed :\n\nCVE-2019-13272: Fixed a privilege escalation from user to root due to\nimproper handling of credentials by leveraging certain scenarios with\na parent-child process relationship (bsc#1156321).\n\nCVE-2019-10220: Fixed an issue where samba servers could inject\nrelative paths in directory entry lists (bsc#1153108).\n\nThe following bugs were fixed: Fixed boot up hang revealed by int3\nself test (bsc#1157770).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153108\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1156321\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1157770\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-10220/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-13272/\");\n # https://www.suse.com/support/update/announcement/2019/suse-su-20193263-1/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?d2c57be2\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server for SAP 12-SP2:zypper in -t patch\nSUSE-SLE-SAP-12-SP2-2019-3263=1\n\nSUSE Linux Enterprise Server 12-SP2-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-2019-3263=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-10220\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Linux Polkit pkexec helper PTRACE_TRACEME local root exploit');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_121-92_120-default\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP2\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"kgraft-patch-4_4_121-92_120-default-4-2.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:25:31", "description": "Jann Horn discovered that the ptrace subsystem in the Linux kernel mishandles the management of the credentials of a process that wants to create a ptrace relationship, allowing a local user to obtain root privileges under certain scenarios.", "cvss3": {}, "published": "2019-07-22T00:00:00", "type": "nessus", "title": "Debian DSA-4484-1 : linux - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11478", "CVE-2019-13272"], "modified": "2023-01-12T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:linux", "cpe:/o:debian:debian_linux:10.0", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DSA-4484.NASL", "href": "https://www.tenable.com/plugins/nessus/126837", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4484. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(126837);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/12\");\n\n script_cve_id(\"CVE-2019-13272\");\n script_xref(name:\"DSA\", value:\"4484\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/10\");\n\n script_name(english:\"Debian DSA-4484-1 : linux - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Jann Horn discovered that the ptrace subsystem in the Linux kernel\nmishandles the management of the credentials of a process that wants\nto create a ptrace relationship, allowing a local user to obtain root\nprivileges under certain scenarios.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2019-11478\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/linux\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/linux\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/buster/linux\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2019/dsa-4484\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Upgrade the linux packages.\n\nFor the oldstable distribution (stretch), this problem has been fixed\nin version 4.9.168-1+deb9u4.\n\nFor the stable distribution (buster), this problem has been fixed in\nversion 4.19.37-5+deb10u1. This update includes as well a patch for a\nregression introduced by the original fix for CVE-2019-11478\n(#930904).\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Linux Polkit pkexec helper PTRACE_TRACEME local root exploit');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:10.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/07/22\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"10.0\", prefix:\"affs-modules-4.19.0-5-4kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"affs-modules-4.19.0-5-5kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"affs-modules-4.19.0-5-loongson-3-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"affs-modules-4.19.0-5-octeon-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"ata-modules-4.19.0-5-4kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"ata-modules-4.19.0-5-5kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"ata-modules-4.19.0-5-armmp-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"ata-modules-4.19.0-5-loongson-3-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"ata-modules-4.19.0-5-powerpc64le-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"btrfs-modules-4.19.0-5-4kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"btrfs-modules-4.19.0-5-5kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"btrfs-modules-4.19.0-5-armmp-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"btrfs-modules-4.19.0-5-loongson-3-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"btrfs-modules-4.19.0-5-marvell-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"btrfs-modules-4.19.0-5-octeon-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"btrfs-modules-4.19.0-5-powerpc64le-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"btrfs-modules-4.19.0-5-s390x-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"cdrom-core-modules-4.19.0-5-4kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"cdrom-core-modules-4.19.0-5-5kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"cdrom-core-modules-4.19.0-5-armmp-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"cdrom-core-modules-4.19.0-5-loongson-3-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"cdrom-core-modules-4.19.0-5-marvell-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"cdrom-core-modules-4.19.0-5-octeon-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"cdrom-core-modules-4.19.0-5-powerpc64le-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"cdrom-core-modules-4.19.0-5-s390x-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"compress-modules-4.19.0-5-4kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"compress-modules-4.19.0-5-5kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"compress-modules-4.19.0-5-armmp-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"compress-modules-4.19.0-5-loongson-3-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"compress-modules-4.19.0-5-marvell-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"compress-modules-4.19.0-5-octeon-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"compress-modules-4.19.0-5-powerpc64le-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"compress-modules-4.19.0-5-s390x-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"crc-modules-4.19.0-5-4kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"crc-modules-4.19.0-5-5kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"crc-modules-4.19.0-5-armmp-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"crc-modules-4.19.0-5-loongson-3-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"crc-modules-4.19.0-5-marvell-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"crc-modules-4.19.0-5-octeon-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"crc-modules-4.19.0-5-powerpc64le-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"crc-modules-4.19.0-5-s390x-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"crypto-dm-modules-4.19.0-5-4kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"crypto-dm-modules-4.19.0-5-5kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"crypto-dm-modules-4.19.0-5-armmp-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"crypto-dm-modules-4.19.0-5-loongson-3-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"crypto-dm-modules-4.19.0-5-marvell-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"crypto-dm-modules-4.19.0-5-octeon-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"crypto-dm-modules-4.19.0-5-powerpc64le-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"crypto-dm-modules-4.19.0-5-s390x-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"crypto-modules-4.19.0-5-4kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"crypto-modules-4.19.0-5-5kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"crypto-modules-4.19.0-5-armmp-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"crypto-modules-4.19.0-5-loongson-3-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"crypto-modules-4.19.0-5-marvell-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"crypto-modules-4.19.0-5-octeon-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"crypto-modules-4.19.0-5-powerpc64le-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"crypto-modules-4.19.0-5-s390x-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"dasd-extra-modules-4.19.0-5-s390x-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"dasd-modules-4.19.0-5-s390x-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"efi-modules-4.19.0-5-armmp-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"event-modules-4.19.0-5-4kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"event-modules-4.19.0-5-5kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"event-modules-4.19.0-5-armmp-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"event-modules-4.19.0-5-loongson-3-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"event-modules-4.19.0-5-marvell-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"event-modules-4.19.0-5-octeon-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"event-modules-4.19.0-5-powerpc64le-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"ext4-modules-4.19.0-5-4kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"ext4-modules-4.19.0-5-5kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"ext4-modules-4.19.0-5-armmp-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"ext4-modules-4.19.0-5-loongson-3-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"ext4-modules-4.19.0-5-marvell-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"ext4-modules-4.19.0-5-octeon-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"ext4-modules-4.19.0-5-powerpc64le-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"ext4-modules-4.19.0-5-s390x-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"fancontrol-modules-4.19.0-5-powerpc64le-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"fat-modules-4.19.0-5-4kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"fat-modules-4.19.0-5-5kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"fat-modules-4.19.0-5-armmp-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"fat-modules-4.19.0-5-loongson-3-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"fat-modules-4.19.0-5-marvell-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"fat-modules-4.19.0-5-octeon-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"fat-modules-4.19.0-5-powerpc64le-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"fat-modules-4.19.0-5-s390x-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"fb-modules-4.19.0-5-4kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"fb-modules-4.19.0-5-5kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"fb-modules-4.19.0-5-armmp-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"fb-modules-4.19.0-5-loongson-3-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"fb-modules-4.19.0-5-marvell-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"fb-modules-4.19.0-5-powerpc64le-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firewire-core-modules-4.19.0-5-loongson-3-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"firewire-core-modules-4.19.0-5-powerpc64le-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"fuse-modules-4.19.0-5-4kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"fuse-modules-4.19.0-5-5kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"fuse-modules-4.19.0-5-armmp-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"fuse-modules-4.19.0-5-loongson-3-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"fuse-modules-4.19.0-5-marvell-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"fuse-modules-4.19.0-5-octeon-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"fuse-modules-4.19.0-5-powerpc64le-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"fuse-modules-4.19.0-5-s390x-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"hfs-modules-4.19.0-5-4kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"hfs-modules-4.19.0-5-5kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"hfs-modules-4.19.0-5-loongson-3-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"hfs-modules-4.19.0-5-octeon-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"hyperv-daemons\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"hypervisor-modules-4.19.0-5-powerpc64le-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"i2c-modules-4.19.0-5-4kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"i2c-modules-4.19.0-5-5kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"i2c-modules-4.19.0-5-armmp-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"i2c-modules-4.19.0-5-powerpc64le-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"input-modules-4.19.0-5-4kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"input-modules-4.19.0-5-5kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"input-modules-4.19.0-5-armmp-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"input-modules-4.19.0-5-loongson-3-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"input-modules-4.19.0-5-marvell-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"input-modules-4.19.0-5-octeon-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"input-modules-4.19.0-5-powerpc64le-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"ipv6-modules-4.19.0-5-marvell-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"isofs-modules-4.19.0-5-4kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"isofs-modules-4.19.0-5-5kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"isofs-modules-4.19.0-5-armmp-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"isofs-modules-4.19.0-5-loongson-3-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"isofs-modules-4.19.0-5-marvell-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"isofs-modules-4.19.0-5-octeon-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"isofs-modules-4.19.0-5-powerpc64le-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"isofs-modules-4.19.0-5-s390x-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"jffs2-modules-4.19.0-5-marvell-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"jfs-modules-4.19.0-5-4kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"jfs-modules-4.19.0-5-5kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"jfs-modules-4.19.0-5-armmp-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"jfs-modules-4.19.0-5-loongson-3-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"jfs-modules-4.19.0-5-marvell-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"jfs-modules-4.19.0-5-octeon-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"jfs-modules-4.19.0-5-powerpc64le-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"kernel-image-4.19.0-5-4kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"kernel-image-4.19.0-5-5kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"kernel-image-4.19.0-5-armmp-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"kernel-image-4.19.0-5-loongson-3-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"kernel-image-4.19.0-5-marvell-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"kernel-image-4.19.0-5-octeon-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"kernel-image-4.19.0-5-powerpc64le-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"kernel-image-4.19.0-5-s390x-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"leds-modules-4.19.0-5-armmp-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"leds-modules-4.19.0-5-marvell-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libbpf-dev\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libbpf4.19\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libcpupower-dev\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libcpupower1\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"liblockdep-dev\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"liblockdep4.19\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-compiler-gcc-8-arm\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-compiler-gcc-8-s390\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-compiler-gcc-8-x86\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-config-4.19\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-cpupower\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-doc-4.19\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-headers-4.19.0-5-4kc-malta\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-headers-4.19.0-5-5kc-malta\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-headers-4.19.0-5-686\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-headers-4.19.0-5-686-pae\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-headers-4.19.0-5-all\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-headers-4.19.0-5-all-amd64\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-headers-4.19.0-5-all-arm64\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-headers-4.19.0-5-all-armel\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-headers-4.19.0-5-all-armhf\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-headers-4.19.0-5-all-i386\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-headers-4.19.0-5-all-mips\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-headers-4.19.0-5-all-mips64el\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-headers-4.19.0-5-all-mipsel\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-headers-4.19.0-5-all-ppc64el\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-headers-4.19.0-5-all-s390x\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-headers-4.19.0-5-amd64\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-headers-4.19.0-5-arm64\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-headers-4.19.0-5-armmp\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-headers-4.19.0-5-armmp-lpae\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-headers-4.19.0-5-cloud-amd64\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-headers-4.19.0-5-common\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-headers-4.19.0-5-common-rt\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-headers-4.19.0-5-loongson-3\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-headers-4.19.0-5-marvell\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-headers-4.19.0-5-octeon\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-headers-4.19.0-5-powerpc64le\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-headers-4.19.0-5-rpi\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-headers-4.19.0-5-rt-686-pae\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-headers-4.19.0-5-rt-amd64\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-headers-4.19.0-5-rt-arm64\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-headers-4.19.0-5-rt-armmp\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-headers-4.19.0-5-s390x\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-image-4.19.0-5-4kc-malta\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-image-4.19.0-5-4kc-malta-dbg\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-image-4.19.0-5-5kc-malta\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-image-4.19.0-5-5kc-malta-dbg\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-image-4.19.0-5-686-dbg\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-image-4.19.0-5-686-pae-dbg\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-image-4.19.0-5-686-pae-unsigned\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-image-4.19.0-5-686-unsigned\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-image-4.19.0-5-amd64-dbg\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-image-4.19.0-5-amd64-unsigned\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-image-4.19.0-5-arm64-dbg\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-image-4.19.0-5-arm64-unsigned\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-image-4.19.0-5-armmp\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-image-4.19.0-5-armmp-dbg\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-image-4.19.0-5-armmp-lpae\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-image-4.19.0-5-armmp-lpae-dbg\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-image-4.19.0-5-cloud-amd64-dbg\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-image-4.19.0-5-cloud-amd64-unsigned\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-image-4.19.0-5-loongson-3\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-image-4.19.0-5-loongson-3-dbg\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-image-4.19.0-5-marvell\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-image-4.19.0-5-marvell-dbg\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-image-4.19.0-5-octeon\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-image-4.19.0-5-octeon-dbg\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-image-4.19.0-5-powerpc64le\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-image-4.19.0-5-powerpc64le-dbg\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-image-4.19.0-5-rpi\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-image-4.19.0-5-rpi-dbg\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-image-4.19.0-5-rt-686-pae-dbg\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-image-4.19.0-5-rt-686-pae-unsigned\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-image-4.19.0-5-rt-amd64-dbg\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-image-4.19.0-5-rt-amd64-unsigned\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-image-4.19.0-5-rt-arm64-dbg\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-image-4.19.0-5-rt-arm64-unsigned\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-image-4.19.0-5-rt-armmp\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-image-4.19.0-5-rt-armmp-dbg\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-image-4.19.0-5-s390x\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-image-4.19.0-5-s390x-dbg\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-image-amd64-signed-template\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-image-arm64-signed-template\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-image-i386-signed-template\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-kbuild-4.19\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-libc-dev\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-perf-4.19\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-source-4.19\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"linux-support-4.19.0-5\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"lockdep\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"loop-modules-4.19.0-5-4kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"loop-modules-4.19.0-5-5kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"loop-modules-4.19.0-5-armmp-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"loop-modules-4.19.0-5-loongson-3-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"loop-modules-4.19.0-5-marvell-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"loop-modules-4.19.0-5-octeon-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"loop-modules-4.19.0-5-powerpc64le-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"loop-modules-4.19.0-5-s390x-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"md-modules-4.19.0-5-4kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"md-modules-4.19.0-5-5kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"md-modules-4.19.0-5-armmp-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"md-modules-4.19.0-5-loongson-3-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"md-modules-4.19.0-5-marvell-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"md-modules-4.19.0-5-octeon-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"md-modules-4.19.0-5-powerpc64le-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"md-modules-4.19.0-5-s390x-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"minix-modules-4.19.0-5-4kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"minix-modules-4.19.0-5-5kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"minix-modules-4.19.0-5-loongson-3-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"minix-modules-4.19.0-5-marvell-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"minix-modules-4.19.0-5-octeon-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"mmc-core-modules-4.19.0-5-4kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"mmc-core-modules-4.19.0-5-5kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"mmc-core-modules-4.19.0-5-marvell-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"mmc-modules-4.19.0-5-4kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"mmc-modules-4.19.0-5-5kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"mmc-modules-4.19.0-5-armmp-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"mmc-modules-4.19.0-5-marvell-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"mouse-modules-4.19.0-5-4kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"mouse-modules-4.19.0-5-5kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"mouse-modules-4.19.0-5-marvell-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"mouse-modules-4.19.0-5-powerpc64le-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"mtd-core-modules-4.19.0-5-4kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"mtd-core-modules-4.19.0-5-5kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"mtd-core-modules-4.19.0-5-loongson-3-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"mtd-core-modules-4.19.0-5-marvell-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"mtd-core-modules-4.19.0-5-powerpc64le-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"mtd-core-modules-4.19.0-5-s390x-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"mtd-modules-4.19.0-5-armmp-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"mtd-modules-4.19.0-5-marvell-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"multipath-modules-4.19.0-5-4kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"multipath-modules-4.19.0-5-5kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"multipath-modules-4.19.0-5-armmp-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"multipath-modules-4.19.0-5-loongson-3-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"multipath-modules-4.19.0-5-marvell-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"multipath-modules-4.19.0-5-octeon-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"multipath-modules-4.19.0-5-powerpc64le-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"multipath-modules-4.19.0-5-s390x-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"nbd-modules-4.19.0-5-4kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"nbd-modules-4.19.0-5-5kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"nbd-modules-4.19.0-5-armmp-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"nbd-modules-4.19.0-5-loongson-3-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"nbd-modules-4.19.0-5-marvell-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"nbd-modules-4.19.0-5-octeon-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"nbd-modules-4.19.0-5-powerpc64le-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"nbd-modules-4.19.0-5-s390x-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"nfs-modules-4.19.0-5-loongson-3-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"nic-modules-4.19.0-5-4kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"nic-modules-4.19.0-5-5kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"nic-modules-4.19.0-5-armmp-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"nic-modules-4.19.0-5-loongson-3-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"nic-modules-4.19.0-5-marvell-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"nic-modules-4.19.0-5-octeon-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"nic-modules-4.19.0-5-powerpc64le-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"nic-modules-4.19.0-5-s390x-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"nic-shared-modules-4.19.0-5-4kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"nic-shared-modules-4.19.0-5-5kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"nic-shared-modules-4.19.0-5-armmp-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"nic-shared-modules-4.19.0-5-loongson-3-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"nic-shared-modules-4.19.0-5-marvell-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"nic-shared-modules-4.19.0-5-octeon-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"nic-shared-modules-4.19.0-5-powerpc64le-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"nic-usb-modules-4.19.0-5-4kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"nic-usb-modules-4.19.0-5-5kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"nic-usb-modules-4.19.0-5-armmp-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"nic-usb-modules-4.19.0-5-loongson-3-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"nic-usb-modules-4.19.0-5-marvell-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"nic-usb-modules-4.19.0-5-octeon-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"nic-usb-modules-4.19.0-5-powerpc64le-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"nic-wireless-modules-4.19.0-5-4kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"nic-wireless-modules-4.19.0-5-5kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"nic-wireless-modules-4.19.0-5-armmp-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"nic-wireless-modules-4.19.0-5-loongson-3-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"nic-wireless-modules-4.19.0-5-octeon-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"nic-wireless-modules-4.19.0-5-powerpc64le-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"pata-modules-4.19.0-5-4kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"pata-modules-4.19.0-5-5kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"pata-modules-4.19.0-5-armmp-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"pata-modules-4.19.0-5-loongson-3-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"pata-modules-4.19.0-5-octeon-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"ppp-modules-4.19.0-5-4kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"ppp-modules-4.19.0-5-5kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"ppp-modules-4.19.0-5-armmp-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"ppp-modules-4.19.0-5-loongson-3-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"ppp-modules-4.19.0-5-marvell-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"ppp-modules-4.19.0-5-octeon-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"ppp-modules-4.19.0-5-powerpc64le-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"rtc-modules-4.19.0-5-octeon-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"sata-modules-4.19.0-5-4kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"sata-modules-4.19.0-5-5kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"sata-modules-4.19.0-5-armmp-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"sata-modules-4.19.0-5-loongson-3-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"sata-modules-4.19.0-5-marvell-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"sata-modules-4.19.0-5-octeon-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"sata-modules-4.19.0-5-powerpc64le-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"scsi-core-modules-4.19.0-5-4kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"scsi-core-modules-4.19.0-5-5kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"scsi-core-modules-4.19.0-5-armmp-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"scsi-core-modules-4.19.0-5-loongson-3-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"scsi-core-modules-4.19.0-5-marvell-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"scsi-core-modules-4.19.0-5-octeon-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"scsi-core-modules-4.19.0-5-powerpc64le-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"scsi-core-modules-4.19.0-5-s390x-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"scsi-modules-4.19.0-5-4kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"scsi-modules-4.19.0-5-5kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"scsi-modules-4.19.0-5-armmp-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"scsi-modules-4.19.0-5-loongson-3-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"scsi-modules-4.19.0-5-octeon-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"scsi-modules-4.19.0-5-powerpc64le-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"scsi-modules-4.19.0-5-s390x-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"scsi-nic-modules-4.19.0-5-4kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"scsi-nic-modules-4.19.0-5-5kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"scsi-nic-modules-4.19.0-5-armmp-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"scsi-nic-modules-4.19.0-5-loongson-3-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"scsi-nic-modules-4.19.0-5-octeon-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"scsi-nic-modules-4.19.0-5-powerpc64le-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"serial-modules-4.19.0-5-powerpc64le-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"sound-modules-4.19.0-5-4kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"sound-modules-4.19.0-5-5kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"sound-modules-4.19.0-5-loongson-3-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"sound-modules-4.19.0-5-octeon-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"speakup-modules-4.19.0-5-loongson-3-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"squashfs-modules-4.19.0-5-4kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"squashfs-modules-4.19.0-5-5kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"squashfs-modules-4.19.0-5-armmp-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"squashfs-modules-4.19.0-5-loongson-3-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"squashfs-modules-4.19.0-5-marvell-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"squashfs-modules-4.19.0-5-octeon-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"squashfs-modules-4.19.0-5-powerpc64le-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"udf-modules-4.19.0-5-4kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"udf-modules-4.19.0-5-5kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"udf-modules-4.19.0-5-armmp-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"udf-modules-4.19.0-5-loongson-3-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"udf-modules-4.19.0-5-marvell-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"udf-modules-4.19.0-5-octeon-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"udf-modules-4.19.0-5-powerpc64le-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"udf-modules-4.19.0-5-s390x-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"uinput-modules-4.19.0-5-armmp-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"uinput-modules-4.19.0-5-marvell-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"uinput-modules-4.19.0-5-powerpc64le-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"usb-modules-4.19.0-5-4kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"usb-modules-4.19.0-5-5kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"usb-modules-4.19.0-5-armmp-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"usb-modules-4.19.0-5-loongson-3-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"usb-modules-4.19.0-5-marvell-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"usb-modules-4.19.0-5-octeon-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"usb-modules-4.19.0-5-powerpc64le-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"usb-serial-modules-4.19.0-5-4kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"usb-serial-modules-4.19.0-5-5kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"usb-serial-modules-4.19.0-5-armmp-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"usb-serial-modules-4.19.0-5-loongson-3-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"usb-serial-modules-4.19.0-5-marvell-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"usb-serial-modules-4.19.0-5-octeon-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"usb-serial-modules-4.19.0-5-powerpc64le-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"usb-storage-modules-4.19.0-5-4kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"usb-storage-modules-4.19.0-5-5kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"usb-storage-modules-4.19.0-5-armmp-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"usb-storage-modules-4.19.0-5-loongson-3-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"usb-storage-modules-4.19.0-5-marvell-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"usb-storage-modules-4.19.0-5-octeon-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"usb-storage-modules-4.19.0-5-powerpc64le-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"usbip\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"xfs-modules-4.19.0-5-4kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"xfs-modules-4.19.0-5-5kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"xfs-modules-4.19.0-5-loongson-3-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"xfs-modules-4.19.0-5-octeon-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"xfs-modules-4.19.0-5-powerpc64le-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"xfs-modules-4.19.0-5-s390x-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"zlib-modules-4.19.0-5-4kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"zlib-modules-4.19.0-5-5kc-malta-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"zlib-modules-4.19.0-5-armmp-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"zlib-modules-4.19.0-5-loongson-3-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"zlib-modules-4.19.0-5-marvell-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"zlib-modules-4.19.0-5-octeon-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"zlib-modules-4.19.0-5-s390x-di\", reference:\"4.19.37-5+deb10u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"hyperv-daemons\", reference:\"4.9.168-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libcpupower-dev\", reference:\"4.9.168-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libcpupower1\", reference:\"4.9.168-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libusbip-dev\", reference:\"4.9.168-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-compiler-gcc-6-arm\", reference:\"4.9.168-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-compiler-gcc-6-s390\", reference:\"4.9.168-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-compiler-gcc-6-x86\", reference:\"4.9.168-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-cpupower\", reference:\"4.9.168-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-doc-4.9\", reference:\"4.9.168-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-4kc-malta\", reference:\"4.9.168-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-5kc-malta\", reference:\"4.9.168-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-686\", reference:\"4.9.168-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-686-pae\", reference:\"4.9.168-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-all\", reference:\"4.9.168-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-all-amd64\", reference:\"4.9.168-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-all-arm64\", reference:\"4.9.168-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-all-armel\", reference:\"4.9.168-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-all-armhf\", reference:\"4.9.168-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-all-i386\", reference:\"4.9.168-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-all-mips\", reference:\"4.9.168-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-all-mips64el\", reference:\"4.9.168-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-all-mipsel\", reference:\"4.9.168-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-all-ppc64el\", reference:\"4.9.168-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-all-s390x\", reference:\"4.9.168-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-amd64\", reference:\"4.9.168-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-arm64\", reference:\"4.9.168-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-armmp\", reference:\"4.9.168-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-armmp-lpae\", reference:\"4.9.168-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-common\", reference:\"4.9.168-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-common-rt\", reference:\"4.9.168-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-loongson-3\", reference:\"4.9.168-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-marvell\", reference:\"4.9.168-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-octeon\", reference:\"4.9.168-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-powerpc64le\", reference:\"4.9.168-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-rt-686-pae\", reference:\"4.9.168-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-rt-amd64\", reference:\"4.9.168-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-s390x\", reference:\"4.9.168-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-4kc-malta\", reference:\"4.9.168-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-4kc-malta-dbg\", reference:\"4.9.168-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-5kc-malta\", reference:\"4.9.168-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-5kc-malta-dbg\", reference:\"4.9.168-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-686\", reference:\"4.9.168-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-686-dbg\", reference:\"4.9.168-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-686-pae\", reference:\"4.9.168-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-686-pae-dbg\", reference:\"4.9.168-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-amd64\", reference:\"4.9.168-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-amd64-dbg\", reference:\"4.9.168-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-arm64\", reference:\"4.9.168-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-arm64-dbg\", reference:\"4.9.168-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-armmp\", reference:\"4.9.168-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-armmp-dbg\", reference:\"4.9.168-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-armmp-lpae\", reference:\"4.9.168-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-armmp-lpae-dbg\", reference:\"4.9.168-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-loongson-3\", reference:\"4.9.168-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-loongson-3-dbg\", reference:\"4.9.168-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-marvell\", reference:\"4.9.168-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-marvell-dbg\", reference:\"4.9.168-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-octeon\", reference:\"4.9.168-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-octeon-dbg\", reference:\"4.9.168-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-powerpc64le\", reference:\"4.9.168-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-powerpc64le-dbg\", reference:\"4.9.168-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-rt-686-pae\", reference:\"4.9.168-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-rt-686-pae-dbg\", reference:\"4.9.168-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-rt-amd64\", reference:\"4.9.168-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-rt-amd64-dbg\", reference:\"4.9.168-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-s390x\", reference:\"4.9.168-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-s390x-dbg\", reference:\"4.9.168-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-kbuild-4.9\", reference:\"4.9.168-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-libc-dev\", reference:\"4.9.168-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-manual-4.9\", reference:\"4.9.168-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-perf-4.9\", reference:\"4.9.168-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-source-4.9\", reference:\"4.9.168-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-support-4.9.0-9\", reference:\"4.9.168-1+deb9u4\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"usbip\", reference:\"4.9.168-1+deb9u4\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}], "ubuntucve": [{"lastseen": "2023-06-05T13:45:27", "description": "An information disclosure vulnerability exists when certain central\nprocessing units (CPU) speculatively access memory, aka 'Windows Kernel\nInformation Disclosure Vulnerability'. This CVE ID is unique from\nCVE-2019-1071, CVE-2019-1073.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[tyhicks](<https://launchpad.net/~tyhicks>) | This issue is not believed to be exploitable in the Linux kernel but kernel updates will be made available to ensure that it cannot be exploited Kernel updates will soon be available for testing in the Proposed pocket and they are expected to be officially released on August 12th See the following page if you'd like to test the patched kernels from the Proposed pocket: https://wiki.ubuntu.com/Testing/EnableProposed\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-08-06T00:00:00", "type": "ubuntucve", "title": "CVE-2019-1125", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1071", "CVE-2019-1073", "CVE-2019-1125"], "modified": "2019-08-06T00:00:00", "id": "UB:CVE-2019-1125", "href": "https://ubuntu.com/security/CVE-2019-1125", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-06-05T13:45:37", "description": "A flaw was found in the Linux kernel's NFS implementation, all versions 3.x\nand all versions 4.x up to 4.20. An attacker, who is able to mount an\nexported NFS filesystem, is able to trigger a null pointer dereference by\nusing an invalid NFS sequence. This can panic the machine and deny access\nto the NFS server. Any outstanding disk writes to the NFS server will be\nlost.\n\n#### Bugs\n\n * <https://bugzilla.redhat.com/show_bug.cgi?id=1655162>\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-07-30T00:00:00", "type": "ubuntucve", "title": "CVE-2018-16871", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16871"], "modified": "2019-07-30T00:00:00", "id": "UB:CVE-2018-16871", "href": "https://ubuntu.com/security/CVE-2018-16871", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-06-05T13:46:54", "description": "** DISPUTED ** An issue was discovered in ip_ra_control in\nnet/ipv4/ip_sockglue.c in the Linux kernel through 5.1.5. There is an\nunchecked kmalloc of new_ra, which might allow an attacker to cause a\ndenial of service (NULL pointer dereference and system crash). NOTE: this\nis disputed because new_ra is never used if it is NULL.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[tyhicks](<https://launchpad.net/~tyhicks>) | This CVE is disputed due to a lack of security impact. I've reviewed all of our current kernels and have verified that none of them attempt to dereference a NULL new_ra pointer.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-05-28T00:00:00", "type": "ubuntucve", "title": "CVE-2019-12381", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-12381"], "modified": "2019-05-28T00:00:00", "id": "UB:CVE-2019-12381", "href": "https://ubuntu.com/security/CVE-2019-12381", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-06-05T13:46:02", "description": "In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c\nmishandles the recording of the credentials of a process that wants to\ncreate a ptrace relationship, which allows local users to obtain root\naccess by leveraging certain scenarios with a parent-child process\nrelationship, where a parent drops privileges and calls execve (potentially\nallowing control by an attacker). One contributing factor is an object\nlifetime issue (which can also cause a panic). Another contributing factor\nis incorrect marking of a ptrace relationship as privileged, which is\nexploitable through (for example) Polkit's pkexec helper with\nPTRACE_TRACEME. NOTE: SELinux deny_ptrace might be a usable workaround in\nsome environments.\n\n#### Bugs\n\n * <https://bugs.chromium.org/p/project-zero/issues/detail?id=1903>\n * <https://bugzilla.redhat.com/show_bug.cgi?id=1730895>\n * <https://bugzilla.suse.com/show_bug.cgi?id=1140671>\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-07-17T00:00:00", "type": "ubuntucve", "title": "CVE-2019-13272", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-13272"], "modified": "2019-07-17T00:00:00", "id": "UB:CVE-2019-13272", "href": "https://ubuntu.com/security/CVE-2019-13272", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-05T13:46:54", "description": "** DISPUTED ** An issue was discovered in drm_load_edid_firmware in\ndrivers/gpu/drm/drm_edid_load.c in the Linux kernel through 5.1.5. There is\nan unchecked kstrdup of fwstr, which might allow an attacker to cause a\ndenial of service (NULL pointer dereference and system crash). NOTE: The\nvendor disputes this issues as not being a vulnerability because kstrdup()\nreturning NULL is handled sufficiently and there is no chance for a NULL\npointer dereference.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[tyhicks](<https://launchpad.net/~tyhicks>) | There's no security impact here as there's no chance of a NULL pointer derefence. I've requested that MITRE reject this CVE. I've reviewed our Disco, Cosmic, Bionic, and Xenial kernels. There's no security impact here so we'll ignore this issue.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-05-28T00:00:00", "type": "ubuntucve", "title": "CVE-2019-12382", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-12382"], "modified": "2019-05-28T00:00:00", "id": "UB:CVE-2019-12382", "href": "https://ubuntu.com/security/CVE-2019-12382", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-06-05T13:47:14", "description": "fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the\nunused memory region in the extent tree block, which might allow local\nusers to obtain sensitive information by reading uninitialized data in the\nfilesystem.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-05-15T00:00:00", "type": "ubuntucve", "title": "CVE-2019-11833", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11833"], "modified": "2019-05-15T00:00:00", "id": "UB:CVE-2019-11833", "href": "https://ubuntu.com/security/CVE-2019-11833", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-06-05T13:46:56", "description": "** DISPUTED ** An issue was discovered in ip6_ra_control in\nnet/ipv6/ipv6_sockglue.c in the Linux kernel through 5.1.5. There is an\nunchecked kmalloc of new_ra, which might allow an attacker to cause a\ndenial of service (NULL pointer dereference and system crash). NOTE: This\nhas been disputed as not an issue.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[tyhicks](<https://launchpad.net/~tyhicks>) | I've reviewed all of our kernels. There's no security impact here so we'll ignore this disputed CVE.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-05-28T00:00:00", "type": "ubuntucve", "title": "CVE-2019-12378", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-12378"], "modified": "2019-05-28T00:00:00", "id": "UB:CVE-2019-12378", "href": "https://ubuntu.com/security/CVE-2019-12378", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-06-05T13:46:02", "description": "In parse_hid_report_descriptor in drivers/input/tablet/gtco.c in the Linux\nkernel through 5.2.1, a malicious USB device can send an HID report that\ntriggers an out-of-bounds write during generation of debugging messages.", "cvss3": {"exploitabilityScore": 0.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 6.8, "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-07-17T00:00:00", "type": "ubuntucve", "title": "CVE-2019-13631", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-13631"], "modified": "2019-07-17T00:00:00", "id": "UB:CVE-2019-13631", "href": "https://ubuntu.com/security/CVE-2019-13631", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}], "cve": [{"lastseen": "2023-06-05T14:10:08", "description": "An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1071, CVE-2019-1073.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-09-03T18:15:00", "type": "cve", "title": "CVE-2019-1125", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1071", "CVE-2019-1073", "CVE-2019-1125"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2016:1903", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_server_2016:1803", "cpe:/o:microsoft:windows_7:-", "cpe:/a:redhat:virtualization_host:4.0", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:redhat:enterprise_linux_server_eus:7.7", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:redhat:enterprise_linux_desktop:7.0", "cpe:/o:redhat:enterprise_linux_server:7.0", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_10:1709", "cpe:/o:microsoft:windows_10:1703", "cpe:/o:redhat:enterprise_linux_server_aus:7.7", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:redhat:enterprise_linux_workstation:7.0", "cpe:/o:microsoft:windows_10:1803", "cpe:/o:redhat:enterprise_linux_server_tus:7.7", "cpe:/o:microsoft:windows_10:1903", "cpe:/o:microsoft:windows_server_2019:-"], "id": "CVE-2019-1125", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1125", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:itanium:*", "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.7:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-04T14:32:25", "description": "An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1073.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-07-15T19:15:00", "type": "cve", "title": "CVE-2019-1071", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1071", "CVE-2019-1073"], "modified": "2019-07-16T14:36:00", "cpe": ["cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_server_2016:1803", "cpe:/o:microsoft:windows_10:1703", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_10:1803", "cpe:/o:microsoft:windows_server_2016:1903", "cpe:/o:microsoft:windows_10:1903", "cpe:/o:microsoft:windows_10:1709", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_10:1607"], "id": "CVE-2019-1071", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1071", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:itanium:*", "cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-04T14:32:36", "description": "An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1071.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-07-15T19:15:00", "type": "cve", "title": "CVE-2019-1073", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1071", "CVE-2019-1073"], "modified": "2019-07-16T14:36:00", "cpe": ["cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_server_2016:1803", "cpe:/o:microsoft:windows_10:1703", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_10:1803", "cpe:/o:microsoft:windows_server_2016:1903", "cpe:/o:microsoft:windows_10:1903", "cpe:/o:microsoft:windows_10:1709", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_10:1607"], "id": "CVE-2019-1073", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1073", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:itanium:*", "cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-05T15:13:19", "description": "A flaw was found in the Linux kernel's NFS implementation, all versions 3.x and all versions 4.x up to 4.20. An attacker, who is able to mount an exported NFS filesystem, is able to trigger a null pointer dereference by using an invalid NFS sequence. This can panic the machine and deny access to the NFS server. Any outstanding disk writes to the NFS server will be lost.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-07-30T17:15:00", "type": "cve", "title": "CVE-2018-16871", "cwe": ["CWE-476"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16871"], "modified": "2023-02-12T23:32:00", "cpe": ["cpe:/a:netapp:cloud_backup:-", "cpe:/o:redhat:enterprise_linux_eus:7.4", "cpe:/o:netapp:h500s_firmware:-", "cpe:/o:netapp:h700s_firmware:-", "cpe:/o:redhat:enterprise_linux_server_aus:7.4", "cpe:/o:redhat:enterprise_linux_server_tus:7.6", "cpe:/o:redhat:enterprise_linux_server_tus:7.4", "cpe:/o:netapp:h500e_firmware:-", "cpe:/o:redhat:enterprise_linux_server_eus:7.6", "cpe:/o:netapp:h410s_firmware:-", "cpe:/o:redhat:enterprise_linux_workstation:7.0", "cpe:/o:redhat:enterprise_linux_server:7.0", "cpe:/o:netapp:h410c_firmware:-", "cpe:/o:redhat:enterprise_linux_server_aus:7.6", "cpe:/o:netapp:h300s_firmware:-", "cpe:/o:redhat:enterprise_linux:7.0", "cpe:/o:redhat:enterprise_linux_desktop:7.0", "cpe:/o:linux:linux_kernel:4.20", "cpe:/o:netapp:h700e_firmware:-", "cpe:/a:redhat:developer_tools:1.0", "cpe:/o:netapp:h300e_firmware:-", "cpe:/a:redhat:mrg_realtime:2.0"], "id": "CVE-2018-16871", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-16871", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:mrg_realtime:2.0:*:*:*:*:*:*:*", "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:developer_tools:1.0:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*", "cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:4.20:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-05T14:13:06", "description": "** DISPUTED ** An issue was discovered in ip_ra_control in net/ipv4/ip_sockglue.c in the Linux kernel through 5.1.5. There is an unchecked kmalloc of new_ra, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). NOTE: this is disputed because new_ra is never used if it is NULL.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-05-28T03:29:00", "type": "cve", "title": "CVE-2019-12381", "cwe": ["CWE-476"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-12381"], "modified": "2019-06-20T11:15:00", "cpe": ["cpe:/o:linux:linux_kernel:5.1.5"], "id": "CVE-2019-12381", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-12381", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:5.1.5:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-05T14:15:34", "description": "In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with a parent-child process relationship, where a parent drops privileges and calls execve (potentially allowing control by an attacker). One contributing factor is an object lifetime issue (which can also cause a panic). Another contributing factor is incorrect marking of a ptrace relationship as privileged, which is exploitable through (for example) Polkit's pkexec helper with PTRACE_TRACEME. NOTE: SELinux deny_ptrace might be a usable workaround in some environments.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-07-17T13:15:00", "type": "cve", "title": "CVE-2019-13272", "cwe": ["CWE-269"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-13272"], "modified": "2023-01-17T21:25:00", "cpe": ["cpe:/o:debian:debian_linux:9.0", "cpe:/o:fedoraproject:fedora:29", "cpe:/o:netapp:h610s_firmware:-", "cpe:/o:canonical:ubuntu_linux:19.04", "cpe:/o:netapp:h410c_firmware:-", "cpe:/o:netapp:aff_a700s_firmware:-", "cpe:/a:netapp:steelstore_cloud_integrated_storage:-", "cpe:/a:netapp:active_iq_unified_manager:-", "cpe:/o:canonical:ubuntu_linux:18.04", "cpe:/o:redhat:enterprise_linux:8.0", "cpe:/o:redhat:enterprise_linux:7.0", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/a:netapp:solidfire:-", "cpe:/o:redhat:enterprise_linux_for_real_time:8", "cpe:/a:netapp:service_processor:-", "cpe:/h:netapp:hci_compute_node:-", "cpe:/o:debian:debian_linux:10.0", "cpe:/a:netapp:hci_management_node:-", "cpe:/a:netapp:e-series_performance_analyzer:-", "cpe:/o:debian:debian_linux:8.0", "cpe:/a:netapp:e-series_santricity_os_controller:11.60.3"], "id": "CVE-2019-13272", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-13272", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:e-series_performance_analyzer:-:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:o:netapp:aff_a700s_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*", "cpe:2.3:a:netapp:service_processor:-:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_for_real_time:8:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:e-series_santricity_os_controller:11.60.3:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "cpe:2.3:o:netapp:h610s_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-05T14:13:06", "description": "** DISPUTED ** An issue was discovered in drm_load_edid_firmware in drivers/gpu/drm/drm_edid_load.c in the Linux kernel through 5.1.5. There is an unchecked kstrdup of fwstr, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). NOTE: The vendor disputes this issues as not being a vulnerability because kstrdup() returning NULL is handled sufficiently and there is no chance for a NULL pointer dereference.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-05-28T03:29:00", "type": "cve", "title": "CVE-2019-12382", "cwe": ["CWE-476"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-12382"], "modified": "2019-06-19T19:15:00", "cpe": ["cpe:/o:linux:linux_kernel:5.1.5"], "id": "CVE-2019-12382", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-12382", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:5.1.5:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-05T14:11:52", "description": "fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in the extent tree block, which might allow local users to obtain sensitive information by reading uninitialized data in the filesystem.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-05-15T13:29:00", "type": "cve", "title": "CVE-2019-11833", "cwe": ["CWE-908"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11833"], "modified": "2023-03-01T15:28:00", "cpe": ["cpe:/o:redhat:enterprise_linux_eus:8.2", "cpe:/o:debian:debian_linux:9.0", "cpe:/o:fedoraproject:fedora:29", "cpe:/o:redhat:enterprise_linux_for_real_time_for_nfv:7", "cpe:/o:redhat:enterprise_linux_for_real_time_for_nfv_tus:8.6", "cpe:/o:redhat:enterprise_linux_for_real_time_for_nfv_tus:8.2", "cpe:/o:canonical:ubuntu_linux:19.04", "cpe:/o:linux:linux_kernel:5.1.2", "cpe:/o:redhat:enterprise_linux_for_real_time_tus:8.4", "cpe:/o:redhat:enterprise_linux_desktop:7.0", "cpe:/o:redhat:enterprise_linux_server:7.0", "cpe:/o:redhat:enterprise_linux_server_tus:8.2", "cpe:/o:redhat:enterprise_linux_server_tus:8.4", "cpe:/o:canonical:ubuntu_linux:18.04", "cpe:/o:redhat:enterprise_linux_eus:8.4", "cpe:/o:redhat:enterprise_linux:8.0", "cpe:/o:redhat:enterprise_linux_server_tus:8.6", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:redhat:enterprise_linux_for_real_time_tus:8.6", "cpe:/o:redhat:enterprise_linux_eus:8.1", "cpe:/o:redhat:enterprise_linux_for_real_time_for_nfv_tus:8.4", "cpe:/o:redhat:enterprise_linux_for_real_time:8.0", "cpe:/o:redhat:enterprise_linux_for_real_time_tus:8.2", "cpe:/o:redhat:enterprise_linux_server_aus:8.2", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:redhat:enterprise_linux_workstation:7.0", "cpe:/o:redhat:enterprise_linux_for_real_time:7", "cpe:/o:redhat:enterprise_linux_server_aus:8.6", "cpe:/o:redhat:enterprise_linux_eus:8.6", "cpe:/o:redhat:enterprise_linux_server_aus:8.4", "cpe:/o:debian:debian_linux:8.0", "cpe:/o:redhat:enterprise_linux_for_real_time_for_nfv:8.0"], "id": "CVE-2019-11833", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-11833", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv_tus:8.4:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_for_real_time:8.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv:8.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv_tus:8.6:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_for_real_time_tus:8.2:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:5.1.2:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv_tus:8.2:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_for_real_time:7:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_for_real_time_tus:8.6:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv:7:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_for_real_time_tus:8.4:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-05T14:13:05", "description": "** DISPUTED ** An issue was discovered in ip6_ra_control in net/ipv6/ipv6_sockglue.c in the Linux kernel through 5.1.5. There is an unchecked kmalloc of new_ra, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). NOTE: This has been disputed as not an issue.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired"