Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2019-2024 and is owned by Tenable, Inc. or an Affiliate thereof.REDHAT-RHSA-2019-2405.NASL
HistoryAug 12, 2019 - 12:00 a.m.

RHEL 8 : kernel-rt (RHSA-2019:2405)

2019-08-1200:00:00
This script is Copyright (C) 2019-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
37

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.8

Confidence

High

EPSS

0.003

Percentile

68.2%

JSON

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:2405 advisory.

  • kernel: hw: Spectre SWAPGS gadget vulnerability (CVE-2019-1125)

  • kernel: broken permission and object lifetime handling for PTRACE_TRACEME (CVE-2019-13272)

Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Red Hat Security Advisory RHSA-2019:2405. The text 
# itself is copyright (C) Red Hat, Inc.
#

include('compat.inc');

if (description)
{
  script_id(127721);
  script_version("1.11");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/04/27");

  script_cve_id("CVE-2019-1125", "CVE-2019-13272");
  script_xref(name:"RHSA", value:"2019:2405");
  script_xref(name:"CISA-KNOWN-EXPLOITED", value:"2022/06/10");

  script_name(english:"RHEL 8 : kernel-rt (RHSA-2019:2405)");

  script_set_attribute(attribute:"synopsis", value:
"The remote Red Hat host is missing one or more security updates for kernel-rt.");
  script_set_attribute(attribute:"description", value:
"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as
referenced in the RHSA-2019:2405 advisory.

  - kernel: hw: Spectre SWAPGS gadget vulnerability (CVE-2019-1125)

  - kernel: broken permission and object lifetime handling for PTRACE_TRACEME (CVE-2019-13272)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  # https://access.redhat.com/security/data/csaf/v2/advisories/2019/rhsa-2019_2405.json
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?df159f75");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/articles/4329821");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2019:2405");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/updates/classification/#important");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1724389");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1730895");
  script_set_attribute(attribute:"solution", value:
"Update the RHEL kernel-rt package based on the guidance in RHSA-2019:2405.");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:H/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-13272");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploit_framework_core", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");
  script_set_attribute(attribute:"metasploit_name", value:'Linux Polkit pkexec helper PTRACE_TRACEME local root exploit');
  script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
  script_cwe_id(200, 271);
  script_set_attribute(attribute:"vendor_severity", value:"Important");

  script_set_attribute(attribute:"vuln_publication_date", value:"2019/07/17");
  script_set_attribute(attribute:"patch_publication_date", value:"2019/08/07");
  script_set_attribute(attribute:"plugin_publication_date", value:"2019/08/12");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt-core");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-core");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-kvm");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-modules");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-modules-extra");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt-kvm");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt-modules");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt-modules-extra");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:8");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Red Hat Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2019-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl", "linux_alt_patch_detect.nasl", "redhat_repos.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");

  exit(0);
}


include('rpm.inc');
include('rhel.inc');
include('ksplice.inc');

if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item('Host/RedHat/release');
if (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');
var os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:os_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');
os_ver = os_ver[1];
if (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);

if (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);

if (get_one_kb_item('Host/ksplice/kernel-cves'))
{
  rm_kb_item(name:'Host/uptrack-uname-r');
  var cve_list = make_list('CVE-2019-1125', 'CVE-2019-13272');
  if (ksplice_cves_check(cve_list))
  {
    audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for RHSA-2019:2405');
  }
  else
  {
    __rpm_report = ksplice_reporting_text();
  }
}

var constraints = [
  {
    'repo_relative_urls': [
      'content/dist/rhel8/8.10/x86_64/nfv/debug',
      'content/dist/rhel8/8.10/x86_64/nfv/os',
      'content/dist/rhel8/8.10/x86_64/nfv/source/SRPMS',
      'content/dist/rhel8/8.10/x86_64/rt/debug',
      'content/dist/rhel8/8.10/x86_64/rt/os',
      'content/dist/rhel8/8.10/x86_64/rt/source/SRPMS',
      'content/dist/rhel8/8.6/x86_64/nfv/debug',
      'content/dist/rhel8/8.6/x86_64/nfv/os',
      'content/dist/rhel8/8.6/x86_64/nfv/source/SRPMS',
      'content/dist/rhel8/8.6/x86_64/rt/debug',
      'content/dist/rhel8/8.6/x86_64/rt/os',
      'content/dist/rhel8/8.6/x86_64/rt/source/SRPMS',
      'content/dist/rhel8/8.8/x86_64/nfv/debug',
      'content/dist/rhel8/8.8/x86_64/nfv/os',
      'content/dist/rhel8/8.8/x86_64/nfv/source/SRPMS',
      'content/dist/rhel8/8.8/x86_64/rt/debug',
      'content/dist/rhel8/8.8/x86_64/rt/os',
      'content/dist/rhel8/8.8/x86_64/rt/source/SRPMS',
      'content/dist/rhel8/8.9/x86_64/nfv/debug',
      'content/dist/rhel8/8.9/x86_64/nfv/os',
      'content/dist/rhel8/8.9/x86_64/nfv/source/SRPMS',
      'content/dist/rhel8/8.9/x86_64/rt/debug',
      'content/dist/rhel8/8.9/x86_64/rt/os',
      'content/dist/rhel8/8.9/x86_64/rt/source/SRPMS',
      'content/dist/rhel8/8/x86_64/nfv/debug',
      'content/dist/rhel8/8/x86_64/nfv/os',
      'content/dist/rhel8/8/x86_64/nfv/source/SRPMS',
      'content/dist/rhel8/8/x86_64/rt/debug',
      'content/dist/rhel8/8/x86_64/rt/os',
      'content/dist/rhel8/8/x86_64/rt/source/SRPMS'
    ],
    'pkgs': [
      {'reference':'kernel-rt-4.18.0-80.7.2.rt9.154.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'kernel-rt-core-4.18.0-80.7.2.rt9.154.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'kernel-rt-debug-4.18.0-80.7.2.rt9.154.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'kernel-rt-debug-core-4.18.0-80.7.2.rt9.154.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'kernel-rt-debug-devel-4.18.0-80.7.2.rt9.154.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'kernel-rt-debug-kvm-4.18.0-80.7.2.rt9.154.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'kernel-rt-debug-modules-4.18.0-80.7.2.rt9.154.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'kernel-rt-debug-modules-extra-4.18.0-80.7.2.rt9.154.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'kernel-rt-devel-4.18.0-80.7.2.rt9.154.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'kernel-rt-kvm-4.18.0-80.7.2.rt9.154.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'kernel-rt-modules-4.18.0-80.7.2.rt9.154.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'kernel-rt-modules-extra-4.18.0-80.7.2.rt9.154.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}
    ]
  }
];

var applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);
if(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);

var flag = 0;
foreach var constraint_array ( constraints ) {
  var repo_relative_urls = NULL;
  if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];
  foreach var pkg ( constraint_array['pkgs'] ) {
    var reference = NULL;
    var _release = NULL;
    var sp = NULL;
    var _cpu = NULL;
    var el_string = NULL;
    var rpm_spec_vers_cmp = NULL;
    var epoch = NULL;
    var allowmaj = NULL;
    var exists_check = NULL;
    var cves = NULL;
    if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];
    if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];
    if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];
    if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];
    if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];
    if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];
    if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];
    if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];
    if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];
    if (!empty_or_null(pkg['cves'])) cves = pkg['cves'];
    if (reference &&
        _release &&
        rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&
        (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&
        rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj, cves:cves)) flag++;
  }
}

if (flag)
{
  var extra = NULL;
  if (isnull(applicable_repo_urls) || !applicable_repo_urls) extra = rpm_report_get() + redhat_report_repo_caveat();
  else extra = rpm_report_get();
  security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : extra
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel-rt / kernel-rt-core / kernel-rt-debug / kernel-rt-debug-core / etc');
}
VendorProductVersionCPE
redhatenterprise_linuxkernel-rtp-cpe:/a:redhat:enterprise_linux:kernel-rt
redhatenterprise_linuxkernel-rt-corep-cpe:/a:redhat:enterprise_linux:kernel-rt-core
redhatenterprise_linuxkernel-rt-debugp-cpe:/a:redhat:enterprise_linux:kernel-rt-debug
redhatenterprise_linuxkernel-rt-debug-corep-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-core
redhatenterprise_linuxkernel-rt-debug-develp-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-devel
redhatenterprise_linuxkernel-rt-debug-kvmp-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-kvm
redhatenterprise_linuxkernel-rt-debug-modulesp-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-modules
redhatenterprise_linuxkernel-rt-debug-modules-extrap-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-modules-extra
redhatenterprise_linuxkernel-rt-develp-cpe:/a:redhat:enterprise_linux:kernel-rt-devel
redhatenterprise_linuxkernel-rt-kvmp-cpe:/a:redhat:enterprise_linux:kernel-rt-kvm
Rows per page:
1-10 of 131

Related

oraclelinux 10
nessus 58
redhat 15
packetstorm 3
ubuntucve 2
zdt 6
githubexploit 7
osv 4
cve 2
debian 4
openvas 33
attackerkb 1
fedora 5
cisa_kev 1
cvelist 2
f5 2
metasploit 1
exploitpack 2
debiancve 2
redhatcve 2
prion 2
nvd 2
exploitdb 4
veracode 1
mscve 1
kaspersky 3
thn 2
cisa 1
ubuntu 3
huawei 1
amazon 4
threatpost 1
ibm 1
centos 2
mageia 2
cloudfoundry 1
photon 2
virtuozzo 2
slackware 1
lenovo 1
oraclelinux
oraclelinux
kernel security update
2019-08-19 00:00:00
Unbreakable Enterprise kernel security update
2019-08-06 00:00:00
Unbreakable Enterprise kernel security update
2019-09-09 00:00:00
nessus
nessus
CentOS 8 : kernel (CESA-2019:2411)
2021-01-29 00:00:00
RHEL 8 : kernel (RHSA-2019:2411)
2019-08-12 00:00:00
Oracle Linux 8 : kernel (ELSA-2019-2411)
2019-08-20 00:00:00
redhat
redhat
(RHSA-2019:2411) Important: kernel security update
2019-08-07 14:59:04
(RHSA-2019:2405) Important: kernel-rt security update
2019-08-07 12:47:49
(RHSA-2019:3011) Moderate: Red Hat Virtualization security, bug fix, and enhancement update
2019-10-10 14:48:00
packetstorm
packetstorm
Linux Kernel 5.1.x PTRACE_TRACEME pkexec Local Privilege Escalation
2021-11-23 00:00:00
Linux Polkit pkexec Helper PTRACE_TRACEME Local Root
2019-10-23 00:00:00
Linux PTRACE_TRACEME Local Root
2020-03-26 00:00:00
ubuntucve
ubuntucve
CVE-2019-13272
2019-07-17 00:00:00
CVE-2019-1125
2019-08-06 00:00:00
zdt
zdt
Linux PTRACE_TRACEME Local Root Exploit
2020-03-26 00:00:00
Linux - Broken Permission and Object Lifetime Handling for PTRACE_TRACEME Exploit
2019-07-17 00:00:00
Linux Polkit pkexec Helper PTRACE_TRACEME Local Root Exploit
2019-10-23 00:00:00
githubexploit
githubexploit
Exploit for Improper Privilege Management in Linux Linux Kernel
2019-08-07 01:21:26
Exploit for Improper Privilege Management in Linux Linux Kernel
2019-09-19 01:58:35
Exploit for Improper Privilege Management in Linux Linux Kernel
2019-07-31 04:51:43
osv
osv
CVE-2019-13272
2019-07-17 13:15:10
linux - security update
2019-07-20 00:00:00
linux-4.9 - security update
2019-07-23 00:00:00
cve
cve
CVE-2019-13272
2019-07-17 13:15:10
CVE-2019-1125
2019-09-03 18:15:12
debian
debian
[SECURITY] [DLA 1863-1] linux-4.9 security update
2019-07-23 17:48:52
[SECURITY] [DSA 4484-1] linux security update
2019-07-20 14:34:14
[SECURITY] [DSA 4484-1] linux security update
2019-07-20 14:34:14
openvas
openvas
Debian: Security Advisory (DLA-1863-1)
2019-07-24 00:00:00
Fedora Update for kernel-headers FEDORA-2019-a95015e60f
2019-07-20 00:00:00
Greenbone OS - 'Spectre SWAPGS' Gadget Vulnerability (Aug 2019)
2019-08-26 00:00:00
attackerkb
attackerkb
CVE-2019-13272
2019-07-17 00:00:00
fedora
fedora
[SECURITY] Fedora 29 Update: kernel-headers-5.1.18-200.fc29
2019-07-19 03:07:30
[SECURITY] Fedora 29 Update: kernel-tools-5.2.7-100.fc29
2019-08-11 01:43:14
[SECURITY] Fedora 29 Update: kernel-headers-5.2.7-100.fc29
2019-08-11 01:43:14
cisa_kev
cisa_kev
Linux Kernel Improper Privilege Management Vulnerability
2021-12-10 00:00:00
cvelist
cvelist
CVE-2019-13272
2019-07-17 12:32:55
CVE-2019-1125 Windows Kernel Information Disclosure Vulnerability
2019-09-03 17:52:41
f5
f5
K91025336 : Linux kernel vulnerability CVE-2019-13272
2019-08-30 00:00:00
K31085564 : Spectre SWAPGS gadget vulnerability CVE-2019-1125
2019-08-23 00:00:00
metasploit
metasploit
Linux Polkit pkexec helper PTRACE_TRACEME local root exploit
2019-09-05 17:00:44
exploitpack
exploitpack
Linux Kernel 4.10 5.1.17 - PTRACE_TRACEME pkexec Local Privilege Escalation
2019-07-24 00:00:00
Windows Kernel - Information Disclosure
2020-01-27 00:00:00
debiancve
debiancve
CVE-2019-13272
2019-07-17 13:15:10
CVE-2019-1125
2019-09-03 18:15:12
redhatcve
redhatcve
CVE-2019-13272
2019-10-16 06:44:39
CVE-2019-1125
2019-11-04 16:10:42
prion
prion
Design/Logic Flaw
2019-07-17 13:15:00
Information disclosure
2019-09-03 18:15:00
nvd
nvd
CVE-2019-13272
2019-07-17 13:15:10
CVE-2019-1125
2019-09-03 18:15:12
exploitdb
exploitdb
Linux Polkit - pkexec helper PTRACE_TRACEME local root (Metasploit)
2019-10-24 00:00:00
Linux Kernel 4.10 &lt; 5.1.17 - &#039;PTRACE_TRACEME&#039; pkexec Local Privilege Escalation
2019-07-24 00:00:00
Linux Kernel 5.1.x - &#039;PTRACE_TRACEME&#039; pkexec Local Privilege Escalation (2)
2021-11-23 00:00:00
veracode
veracode
Information Disclosure
2019-08-14 00:12:16
mscve
mscve
Windows Kernel Information Disclosure Vulnerability
2019-08-06 07:00:00
kaspersky
kaspersky
KLA11696 OSI vulnerability in Microsoft products (ESU)
2019-08-06 00:00:00
KLA11700 OSI vulnerability in Microsoft products (ESU)
2019-08-06 00:00:00
KLA11529 Windows Kernel Information Disclosure Vulnerability
2019-08-06 00:00:00
thn
thn
SWAPGS Attack — New Speculative Execution Flaw Affects All Modern Intel CPUs
2019-08-06 20:00:00
ExCobalt Cyber Gang Targets Russian Sectors with New GoRed Backdoor
2024-06-22 11:28:00
cisa
cisa
SWAPGS Spectre Side-Channel Vulnerability
2019-08-06 00:00:00
ubuntu
ubuntu
Linux kernel (AWS) vulnerability
2019-08-13 00:00:00
Linux kernel vulnerabilities
2019-08-13 00:00:00
Linux kernel vulnerabilities
2019-08-13 00:00:00
huawei
huawei
Security Advisory - Information Disclosure Vulnerability about SWAPGS Instruction
2020-04-08 00:00:00
amazon
amazon
Medium: kernel
2019-08-05 17:48:00
Medium: kernel
2019-08-05 17:40:00
Important: kernel
2019-07-18 17:16:00
threatpost
threatpost
New SWAPGS Side-Channel Attack Bypasses Spectre and Meltdown Defenses
2019-08-07 13:55:07
ibm
ibm
Security Bulletin: Vyatta 5600 vRouter Software Patches - Release 1801-zb
2019-09-11 17:35:09
centos
centos
bpftool, kernel, perf, python security update
2019-09-18 20:39:01
kernel, perf, python security update
2019-08-16 21:55:43
mageia
mageia
Updated kernel packages fix security vulnerabilities
2019-08-13 00:08:18
Updated kernel packages fix security vulnerabilities
2019-08-13 00:08:18
cloudfoundry
cloudfoundry
USN-4095-2: Linux kernel (Xenial HWE) vulnerabilities | Cloud Foundry
2019-08-29 00:00:00
photon
photon
Critical Photon OS Security Update - PHSA-2019-0245
2019-07-24 00:00:00
Critical Photon OS Security Update - PHSA-2019-0175
2019-09-03 00:00:00
virtuozzo
virtuozzo
Important kernel security update: New kernel 2.6.32-042stab140.1; Virtuozzo 6.0 Update 12 Hotfix 45 (6.0.12-3747)
2019-08-19 00:00:00
Important kernel security update: New kernel 2.6.32-042stab140.1 for Virtuozzo Containers for Linux 4.7, Server Bare Metal 5.0
2019-08-19 00:00:00
slackware
slackware
[slackware-security] Slackware 14.2 kernel
2019-07-22 04:08:19
lenovo
lenovo
Speculative Execution Side Channel Vulnerability Variants - Lenovo Support US
2018-09-13 14:41:00

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.8

Confidence

High

EPSS

0.003

Percentile

68.2%

JSON
Related for REDHAT-RHSA-2019-2405.NASL
oraclelinux10nessus58redhat15packetstorm3ubuntucve2zdt6githubexploit7osv4cve2debian4openvas33attackerkb1fedora5cisa_kev1cvelist2f52metasploit1exploitpack2debiancve2redhatcve2prion2nvd2exploitdb4veracode1mscve1kaspersky3thn2cisa1ubuntu3huawei1amazon4threatpost1ibm1centos2mageia2cloudfoundry1photon2virtuozzo2slackware1lenovo1