Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.REDHAT-RHSA-2015-0727.NASL
HistoryApr 01, 2015 - 12:00 a.m.

RHEL 7 : kernel-rt (RHSA-2015:0727)

2015-04-0100:00:00
This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
21
JSON

Updated kernel-rt packages that fix two security issues and several bugs are now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

The kernel-rt packages contain the Linux kernel, the core of any Linux operating system.

  • It was found that the Linux kernel’s Infiniband subsystem did not properly sanitize input parameters while registering memory regions from user space via the (u)verbs API. A local user with access to a /dev/infiniband/uverbsX device could use this flaw to crash the system or, potentially, escalate their privileges on the system.
    (CVE-2014-8159, Important)

  • A use-after-free flaw was found in the way the Linux kernel’s SCTP implementation handled authentication key reference counting during INIT collisions. A remote attacker could use this flaw to crash the system or, potentially, escalate their privileges on the system.
    (CVE-2015-1421, Important)

Red Hat would like to thank Mellanox for reporting the CVE-2014-8159 issue. The CVE-2015-1421 issue was discovered by Sun Baoliang of Red Hat.

The kernel-rt packages have been upgraded to version 3.10.0-229.1.2, which provides a number of bug fixes over the previous version, including :

  • The kdump service could become unresponsive due to a deadlock in the kernel call ioapic_lock.

  • Attempt to make metadata changes such as creating a thin device or snapshot thin device did not error out cleanly.

(BZ#1203359)

All kernel-rt users are advised to upgrade to these updated packages, which correct these issues. The system must be rebooted for this update to take effect.

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Red Hat Security Advisory RHSA-2015:0727. The text 
# itself is copyright (C) Red Hat, Inc.
#

include("compat.inc");

if (description)
{
  script_id(82493);
  script_version("1.9");
  script_cvs_date("Date: 2019/10/24 15:35:39");

  script_cve_id("CVE-2014-8159", "CVE-2015-1421");
  script_xref(name:"RHSA", value:"2015:0727");

  script_name(english:"RHEL 7 : kernel-rt (RHSA-2015:0727)");
  script_summary(english:"Checks the rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Red Hat host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Updated kernel-rt packages that fix two security issues and several
bugs are now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having Important
security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.

The kernel-rt packages contain the Linux kernel, the core of any Linux
operating system.

* It was found that the Linux kernel's Infiniband subsystem did not
properly sanitize input parameters while registering memory regions
from user space via the (u)verbs API. A local user with access to a
/dev/infiniband/uverbsX device could use this flaw to crash the system
or, potentially, escalate their privileges on the system.
(CVE-2014-8159, Important)

* A use-after-free flaw was found in the way the Linux kernel's SCTP
implementation handled authentication key reference counting during
INIT collisions. A remote attacker could use this flaw to crash the
system or, potentially, escalate their privileges on the system.
(CVE-2015-1421, Important)

Red Hat would like to thank Mellanox for reporting the CVE-2014-8159
issue. The CVE-2015-1421 issue was discovered by Sun Baoliang of Red
Hat.

The kernel-rt packages have been upgraded to version 3.10.0-229.1.2,
which provides a number of bug fixes over the previous version,
including :

* The kdump service could become unresponsive due to a deadlock in the
kernel call ioapic_lock.

* Attempt to make metadata changes such as creating a thin device or
snapshot thin device did not error out cleanly.

(BZ#1203359)

All kernel-rt users are advised to upgrade to these updated packages,
which correct these issues. The system must be rebooted for this
update to take effect."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/errata/RHSA-2015:0727"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/security/cve/cve-2014-8159"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/security/cve/cve-2015-1421"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debuginfo-common-x86_64");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt-doc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-devel");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7");

  script_set_attribute(attribute:"vuln_publication_date", value:"2015/03/16");
  script_set_attribute(attribute:"patch_publication_date", value:"2015/03/26");
  script_set_attribute(attribute:"plugin_publication_date", value:"2015/04/01");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Red Hat Local Security Checks");

  script_dependencies("ssh_get_info.nasl", "linux_alt_patch_detect.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");
include("ksplice.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
os_ver = os_ver[1];
if (! preg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 7.x", "Red Hat " + os_ver);

if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);

if (get_one_kb_item("Host/ksplice/kernel-cves"))
{
  rm_kb_item(name:"Host/uptrack-uname-r");
  cve_list = make_list("CVE-2014-8159", "CVE-2015-1421");
  if (ksplice_cves_check(cve_list))
  {
    audit(AUDIT_PATCH_INSTALLED, "KSplice hotfix for RHSA-2015:0727");
  }
  else
  {
    __rpm_report = ksplice_reporting_text();
  }
}

yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
if (!empty_or_null(yum_updateinfo)) 
{
  rhsa = "RHSA-2015:0727";
  yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
  if (!empty_or_null(yum_report))
  {
    security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : yum_report 
    );
    exit(0);
  }
  else
  {
    audit_message = "affected by Red Hat security advisory " + rhsa;
    audit(AUDIT_OS_NOT, audit_message);
  }
}
else
{
  flag = 0;
  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"kernel-rt-3.10.0-229.1.2.rt56.141.2.el7_1")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"kernel-rt-debug-3.10.0-229.1.2.rt56.141.2.el7_1")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"kernel-rt-debug-debuginfo-3.10.0-229.1.2.rt56.141.2.el7_1")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"kernel-rt-debug-devel-3.10.0-229.1.2.rt56.141.2.el7_1")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"kernel-rt-debuginfo-3.10.0-229.1.2.rt56.141.2.el7_1")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"kernel-rt-debuginfo-common-x86_64-3.10.0-229.1.2.rt56.141.2.el7_1")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"kernel-rt-devel-3.10.0-229.1.2.rt56.141.2.el7_1")) flag++;
  if (rpm_check(release:"RHEL7", reference:"kernel-rt-doc-3.10.0-229.1.2.rt56.141.2.el7_1")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"kernel-rt-trace-3.10.0-229.1.2.rt56.141.2.el7_1")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"kernel-rt-trace-debuginfo-3.10.0-229.1.2.rt56.141.2.el7_1")) flag++;
  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"kernel-rt-trace-devel-3.10.0-229.1.2.rt56.141.2.el7_1")) flag++;

  if (flag)
  {
    security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : rpm_report_get() + redhat_report_package_caveat()
    );
    exit(0);
  }
  else
  {
    tested = pkg_tests_get();
    if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
    else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kernel-rt / kernel-rt-debug / kernel-rt-debug-debuginfo / etc");
  }
}
VendorProductVersionCPE
redhatenterprise_linuxkernel-rtp-cpe:/a:redhat:enterprise_linux:kernel-rt
redhatenterprise_linuxkernel-rt-debugp-cpe:/a:redhat:enterprise_linux:kernel-rt-debug
redhatenterprise_linuxkernel-rt-debug-debuginfop-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-debuginfo
redhatenterprise_linuxkernel-rt-debug-develp-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-devel
redhatenterprise_linuxkernel-rt-debuginfop-cpe:/a:redhat:enterprise_linux:kernel-rt-debuginfo
redhatenterprise_linuxkernel-rt-debuginfo-common-x86_64p-cpe:/a:redhat:enterprise_linux:kernel-rt-debuginfo-common-x86_64
redhatenterprise_linuxkernel-rt-develp-cpe:/a:redhat:enterprise_linux:kernel-rt-devel
redhatenterprise_linuxkernel-rt-docp-cpe:/a:redhat:enterprise_linux:kernel-rt-doc
redhatenterprise_linuxkernel-rt-tracep-cpe:/a:redhat:enterprise_linux:kernel-rt-trace
redhatenterprise_linuxkernel-rt-trace-debuginfop-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-debuginfo
Rows per page:
1-10 of 121

Related

nessus 55
centos 4
redhat 13
openvas 53
oraclelinux 12
ubuntu 13
debiancve 2
prion 2
cve 2
veracode 3
cloudfoundry 2
securityvulns 3
cvelist 2
ubuntucve 2
f5 4
suse 6
fedora 10
mageia 4
ibm 1
debian 3
osv 3
nessus
nessus
RHEL 6 : MRG (RHSA-2015:0751)
2015-03-31 00:00:00
CentOS 7 : kernel (CESA-2015:0726)
2015-04-01 00:00:00
RHEL 7 : kernel (RHSA-2015:0726)
2015-03-27 00:00:00
centos
centos
kernel, perf, python security update
2015-04-01 03:22:51
kernel security update
2015-04-07 22:09:26
kernel, perf, python security update
2015-03-12 15:31:30
redhat
redhat
(RHSA-2015:0751) Important: kernel-rt security and bug fix update
2015-03-30 00:00:00
(RHSA-2015:0726) Important: kernel security and bug fix update
2015-03-26 09:16:32
(RHSA-2015:0727) Important: kernel-rt security and bug fix update
2015-03-26 09:17:14
openvas
openvas
RedHat Update for kernel RHSA-2015:0726-01
2015-03-27 00:00:00
CentOS Update for kernel CESA-2015:0726 centos7
2015-04-01 00:00:00
Oracle: Security Advisory (ELSA-2015-0726)
2015-10-06 00:00:00
oraclelinux
oraclelinux
kernel security and bug fix update
2015-03-26 00:00:00
Unbreakable Enterprise kernel security update
2015-03-31 00:00:00
Unbreakable Enterprise kernel security update
2015-03-31 00:00:00
ubuntu
ubuntu
Linux kernel vulnerability
2015-03-12 00:00:00
Linux kernel vulnerability
2015-03-12 00:00:00
Linux kernel (Utopic HWE) vulnerability
2015-03-12 00:00:00
debiancve
debiancve
CVE-2014-8159
2015-03-16 10:59:00
CVE-2015-1421
2015-03-16 10:59:00
prion
prion
Design/Logic Flaw
2015-03-16 10:59:00
Design/Logic Flaw
2015-03-16 10:59:00
cve
cve
CVE-2014-8159
2015-03-16 10:59:00
CVE-2015-1421
2015-03-16 10:59:00
veracode
veracode
Denial Of Service (DoS)
2019-01-15 09:05:17
Use-After-Free
2019-05-02 05:12:51
Denial Of Service (DoS)
2019-05-02 05:13:00
cloudfoundry
cloudfoundry
CVE-2014-8159 - Linux Kernel Infiniband Vulnerability | Cloud Foundry
2015-03-13 00:00:00
USN 3020-1 Linux kernel (Vivid HWE) vulnerabilities | Cloud Foundry
2016-07-01 00:00:00
securityvulns
securityvulns
[USN-2530-1] Linux kernel vulnerability
2015-03-15 00:00:00
Linux kernel multiple security vulnerabilities
2015-03-15 00:00:00
[SECURITY] [DSA 3237-1] linux security update
2015-05-05 00:00:00
cvelist
cvelist
CVE-2014-8159
2015-03-16 10:00:00
CVE-2015-1421
2015-03-16 10:00:00
ubuntucve
ubuntucve
CVE-2015-1421
2015-03-16 00:00:00
CVE-2014-8159
2014-12-31 00:00:00
f5
f5
SOL17242 - Linux kernel SCTP vulnerability CVE-2015-1421
2015-09-09 00:00:00
K17242 : Linux kernel SCTP vulnerability CVE-2015-1421
2015-09-10 00:00:00
SOL16478 - Linux kernel vulnerabilities CVE-2014-8159 and CVE-2014-8369
2015-04-22 00:00:00
suse
suse
Security update for kgraft-patch-SLE12_Update_1, kgraft-patch-SLE12_Update_2 (important)
2015-05-07 20:04:53
Security update for the Real Time Linux Kernel (important)
2015-08-12 19:09:18
Security update for the Linux Kernel (important)
2015-09-02 15:10:18
fedora
fedora
[SECURITY] Fedora 22 Update: kernel-4.0.0-0.rc4.git0.1.fc22
2015-03-22 04:43:08
[SECURITY] Fedora 21 Update: kernel-3.19.1-201.fc21
2015-03-21 05:01:11
[SECURITY] Fedora 21 Update: kernel-3.19.2-201.fc21
2015-03-29 04:31:39
mageia
mageia
Updated kernel package fixes security vulnerabilities
2015-05-01 00:57:25
Updated kernel-linus package fixes security vulnerabilities
2015-05-01 00:57:25
Updated kernel packages fix security vulnerabilities
2015-02-17 21:38:13
ibm
ibm
Security Bulletin: Multiple Kernel vulnerabilities affect PowerKVM (Multiple CVEs)
2018-06-18 01:28:02
debian
debian
[SECURITY] [DSA 3237-1] linux security update
2015-04-26 12:37:13
[SECURITY] [DSA 3237-1] linux security update
2015-04-26 12:37:31
[SECURITY] [DLA 155-1] linux-2.6 security update
2015-02-18 23:22:33
osv
osv
linux - security update
2015-04-26 00:00:00
linux - security update
2015-02-23 00:00:00
linux-2.6 - security update
2015-02-18 00:00:00
JSON
Related for REDHAT-RHSA-2015-0727.NASL
nessus55centos4redhat13openvas53oraclelinux12ubuntu13debiancve2prion2cve2veracode3cloudfoundry2securityvulns3cvelist2ubuntucve2f54suse6fedora10mageia4ibm1debian3osv3