DATABASE RESOURCES PRICING ABOUT US

{"id": "REDHAT-RHSA-2019-3055.NASL", "vendorId": null, "type": "nessus", "bulletinFamily": "scanner", "title": "RHEL 7 : kernel (RHSA-2019:3055)", "description": "An update for kernel is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es) :\n\n* kernel: Use-after-free in __blk_drain_queue() function in block/blk-core.c (CVE-2018-20856)\n\n* kernel: Heap overflow in mwifiex_update_bss_desc_with_ie function in marvell/mwifiex/scan.c (CVE-2019-3846)\n\n* hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB) (CVE-2019-9506)\n\n* kernel: Heap overflow in mwifiex_uap_parse_tail_ies function in drivers/net /wireless/marvell/mwifiex/ie.c (CVE-2019-10126)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fixes :\n\n* gfs2: Fix iomap write page reclaim deadlock (BZ#1737373)\n\n* [FJ7.6 Bug]: [REG] kernel: ipc: ipc_free should use kvfree (BZ#1740178)\n\n* high update_cfs_rq_blocked_load contention (BZ#1740180)\n\n* [Hyper-V][RHEL 7] kdump fails to start on a Hyper-V guest of Windows Server 2019. (BZ#1740188)\n\n* kvm: backport cpuidle-haltpoll driver (BZ#1740192)\n\n* Growing unreclaimable slab memory (BZ#1741920)\n\n* [bnx2x] ping failed from pf to vf which has been attached to vm (BZ# 1741926)\n\n* [Hyper-V]vPCI devices cannot allocate IRQs vectors in a Hyper-V VM with > 240 vCPUs (i.e., when in x2APIC mode) (BZ#1743324)\n\n* Macsec: inbound MACSEC frame is unexpectedly dropped with InPktsNotValid (BZ#1744442)\n\n* RHEL 7.7 Beta - Hit error when trying to run nvme connect with IPv6 address (BZ#1744443)\n\n* RHEL 7.6 SS4 - Paths lost when running straight I/O on NVMe/RoCE system (BZ #1744444)\n\n* NFSv4.0 client sending a double CLOSE (leading to EIO application failure) (BZ#1744946)\n\n* [Azure] CRI-RDOS | [RHEL 7.8] Live migration only takes 10 seconds, but the VM was unavailable for 2 hours (BZ#1748239)\n\n* NFS client autodisconnect timer may fire immediately after TCP connection setup and may cause DoS type reconnect problem in complex network environments (BZ#1749290)\n\n* [Inspur] RHEL7.6 ASPEED graphic card display issue (BZ#1749296)\n\n* Allows macvlan to operated correctly over the active-backup mode to support bonding events. (BZ#1751579)\n\n* [LLNL 7.5 Bug] slab leak causing a crash when using kmem control group (BZ# 1752421)\n\nUsers of kernel are advised to upgrade to these updated packages, which fix these bugs.", "published": "2019-10-16T00:00:00", "modified": "2022-05-18T00:00:00", "epss": [], "cvss": {"score": 0.0, "vector": "NONE"}, "cvss2": {}, "cvss3": {}, "href": "https://www.tenable.com/plugins/nessus/129958", "reporter": "This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20856", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9506", "https://access.redhat.com/security/cve/cve-2019-3846", "https://access.redhat.com/errata/RHSA-2019:3055", "https://access.redhat.com/security/cve/cve-2019-10126", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10126", "https://access.redhat.com/security/cve/cve-2019-9506", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3846", "https://access.redhat.com/security/cve/cve-2018-20856"], "cvelist": ["CVE-2018-20856", "CVE-2019-10126", "CVE-2019-3846", "CVE-2019-9506"], "immutableFields": [], "lastseen": "2023-05-24T14:30:37", "viewCount": 72, "enchantments": {"dependencies": {"references": [{"type": "amazon", "idList": ["ALAS-2018-1086"]}, {"type": "androidsecurity", "idList": ["ANDROID:2019-08-01", "ANDROID:2020-01-01", "ANDROID:2020-03-01"]}, {"type": "apple", "idList": ["APPLE:100C3E37B89C4B8E50DE097059456EC2", "APPLE:42A8665131AAD41DD01DD2DE9BBDEBC5", "APPLE:48DFAA81838B82F0614B9A03F99F251D", "APPLE:819AEF513AB880D6C4F6CA66CB3C0021", "APPLE:HT210346", "APPLE:HT210348", "APPLE:HT210351", "APPLE:HT210353"]}, {"type": "centos", "idList": ["CESA-2019:3055"]}, {"type": "cert", "idList": ["VU:918987"]}, {"type": "cisco", "idList": ["CISCO-SA-20190813-BLUETOOTH"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:3CD9371F7B812821D289B3B89526722F", "CFOUNDRY:40058483A2E2195544934D494FF464F7", "CFOUNDRY:A005A5D22D18F966EBF6C011F833E895", "CFOUNDRY:BD71AB043932448695E8B3D20302D582"]}, {"type": "cve", "idList": ["CVE-2018-20856", "CVE-2019-10126", "CVE-2019-3846", "CVE-2019-9506"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1823-1:39845", "DEBIAN:DLA-1824-1:6789E", "DEBIAN:DLA-1885-1:84558", "DEBIAN:DLA-1919-1:239EC", "DEBIAN:DLA-1919-2:858F8", "DEBIAN:DLA-1930-1:DFCDE", "DEBIAN:DSA-4465-1:304F1", "DEBIAN:DSA-4465-1:DDE47", "DEBIAN:DSA-4497-1:7E46B", "DEBIAN:DSA-4497-1:F2AF4"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2018-20856", "DEBIANCVE:CVE-2019-10126", "DEBIANCVE:CVE-2019-3846", "DEBIANCVE:CVE-2019-9506"]}, {"type": "f5", "idList": ["F5:K00947806", "F5:K14673240", "F5:K51813353", "F5:K95593121"]}, {"type": "fedora", "idList": ["FEDORA:041196190421", "FEDORA:04868606351B", "FEDORA:07B5A6CB4421", "FEDORA:1BD5B6389B47", "FEDORA:2836F613193B", "FEDORA:344346042F3E", "FEDORA:3A3766C5B5A2", "FEDORA:3A69E60B3E88", "FEDORA:4002B609954A", "FEDORA:4CEF5610D7CA", "FEDORA:4F21B6125E50", "FEDORA:511986124F82", "FEDORA:511A7608E6E1", "FEDORA:54AA460F2356", "FEDORA:59E3F606D998", "FEDORA:5A4D662AE22C", "FEDORA:5BC786077CC2", "FEDORA:6B43460C450E", "FEDORA:6E67663233DB", "FEDORA:754F860A98ED", "FEDORA:84FBF6179A05", "FEDORA:9801060D30FA", "FEDORA:98E8F6079A11", "FEDORA:BF5EC607125E", "FEDORA:C0A4560C423F", "FEDORA:C1EA6603ECEC", "FEDORA:C4D496071279", "FEDORA:C63656040AE1", "FEDORA:C6AF860C4240", "FEDORA:C7391611860D", "FEDORA:CB0956087865", "FEDORA:D3523607924A"]}, {"type": "fortinet", "idList": ["FG-IR-19-224"]}, {"type": "githubexploit", "idList": ["1DCD6499-0990-565E-9159-24DBA1428255"]}, {"type": "hp", "idList": ["HP:C06521007"]}, {"type": "huawei", "idList": ["HUAWEI-SA-20190828-01-KNOB"]}, {"type": "ibm", "idList": ["4E20FF6980EF77F8F7C53E254EBEB9AF129EF6EDA938A5BDE9CFA46C95393000", "577E6752CB94DC8755F2E4A38D9BA5117DD396F8C762252ACA978966E42D7766", "5C971ABE298E715E4DD664F197820425272400B40C52EF433CFD40BAFACB63C8", "9148A44BD9A1C1A13CCEBD8F0346557CF005830103920CDDC01519240525CB58", "B947805A29EE83AAAED8ABADDD8CFF00AA389BFC4D7DDC49FC3A89A557DD856C"]}, {"type": "kaspersky", "idList": ["KLA11534", "KLA11989"]}, {"type": "lenovo", "idList": ["LENOVO:PS500267-ENCRYPTION-KEY-NEGOTIATION-OF-BLUETOOTH-VULNERABILITY-NOSID", "LENOVO:PS500267-NOSID"]}, {"type": "mageia", "idList": ["MGASA-2019-0221"]}, {"type": "malwarebytes", "idList": ["MALWAREBYTES:B7AA161DBAFDA8D7D246FF7D80A9ADC4"]}, {"type": "mscve", "idList": ["MS:CVE-2019-9506"]}, {"type": "nessus", "idList": ["ALA_ALAS-2018-1086.NASL", "CENTOS8_RHSA-2019-2703.NASL", "CENTOS8_RHSA-2019-3517.NASL", "CENTOS_RHSA-2019-3055.NASL", "DEBIAN_DLA-1823.NASL", "DEBIAN_DLA-1824.NASL", "DEBIAN_DLA-1885.NASL", "DEBIAN_DLA-1919.NASL", "DEBIAN_DLA-1930.NASL", "DEBIAN_DSA-4465.NASL", "DEBIAN_DSA-4497.NASL", "EULEROS_SA-2019-1919.NASL", "EULEROS_SA-2019-1926.NASL", "EULEROS_SA-2019-2068.NASL", "EULEROS_SA-2019-2274.NASL", "EULEROS_SA-2019-2353.NASL", "EULEROS_SA-2019-2531.NASL", "EULEROS_SA-2020-1186.NASL", "EULEROS_SA-2020-1269.NASL", "EULEROS_SA-2020-1396.NASL", "EULEROS_SA-2021-1056.NASL", "FEDORA_2019-7EC378191E.NASL", "FEDORA_2019-F40BD7826F.NASL", "NEWSTART_CGSL_NS-SA-2019-0221_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2019-0222_KERNEL-RT.NASL", "NEWSTART_CGSL_NS-SA-2019-0247_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2019-0253_KERNEL-RT.NASL", "NUTANIX_NXSA-AOS-5_11_3.NASL", "NUTANIX_NXSA-AOS-5_16_0_1.NASL", "NUTANIX_NXSA-AOS-5_16_1.NASL", "NUTANIX_NXSA-AOS-5_17.NASL", "OPENSUSE-2019-1570.NASL", "OPENSUSE-2019-1571.NASL", "OPENSUSE-2019-1579.NASL", "OPENSUSE-2019-1716.NASL", "OPENSUSE-2019-1757.NASL", "OPENSUSE-2019-2307.NASL", "OPENSUSE-2019-2308.NASL", "ORACLELINUX_ELSA-2019-2703.NASL", "ORACLELINUX_ELSA-2019-3055.NASL", "ORACLELINUX_ELSA-2020-5755.NASL", "ORACLELINUX_ELSA-2020-5866.NASL", "ORACLEVM_OVMSA-2020-0044.NASL", "PHOTONOS_PHSA-209-2_0-0175_LINUX.NASL", "REDHAT-RHSA-2019-2703.NASL", "REDHAT-RHSA-2019-2741.NASL", "REDHAT-RHSA-2019-2975.NASL", "REDHAT-RHSA-2019-3076.NASL", "REDHAT-RHSA-2019-3089.NASL", "REDHAT-RHSA-2019-3165.NASL", "REDHAT-RHSA-2019-3187.NASL", "REDHAT-RHSA-2019-3217.NASL", "REDHAT-RHSA-2019-3218.NASL", "REDHAT-RHSA-2019-3220.NASL", "REDHAT-RHSA-2019-3231.NASL", "REDHAT-RHSA-2019-3309.NASL", "REDHAT-RHSA-2019-3517.NASL", "REDHAT-RHSA-2020-0100.NASL", "REDHAT-RHSA-2020-0103.NASL", "REDHAT-RHSA-2020-0174.NASL", "REDHAT-RHSA-2020-0204.NASL", "REDHAT-RHSA-2020-0543.NASL", "REDHAT-RHSA-2020-0664.NASL", "REDHAT-RHSA-2020-0698.NASL", "REDHAT-RHSA-2020-1460.NASL", "REDHAT-RHSA-2020-2289.NASL", "SLACKWARE_SSA_2019-202-01.NASL", "SLACKWARE_SSA_2019-226-01.NASL", "SL_20191016_KERNEL_ON_SL7_X.NASL", "SMB_NT_MS19_AUG_4511553.NASL", "SMB_NT_MS19_AUG_4512488.NASL", "SMB_NT_MS19_AUG_4512497.NASL", "SMB_NT_MS19_AUG_4512501.NASL", "SMB_NT_MS19_AUG_4512506.NASL", "SMB_NT_MS19_AUG_4512507.NASL", "SMB_NT_MS19_AUG_4512508.NASL", "SMB_NT_MS19_AUG_4512516.NASL", "SMB_NT_MS19_AUG_4512517.NASL", "SMB_NT_MS19_AUG_4512518.NASL", "SUSE_SU-2019-14127-1.NASL", "SUSE_SU-2019-1527-1.NASL", "SUSE_SU-2019-1529-1.NASL", "SUSE_SU-2019-1530-1.NASL", "SUSE_SU-2019-1532-1.NASL", "SUSE_SU-2019-1533-1.NASL", "SUSE_SU-2019-1534-1.NASL", "SUSE_SU-2019-1535-1.NASL", "SUSE_SU-2019-1536-1.NASL", "SUSE_SU-2019-1550-1.NASL", "SUSE_SU-2019-1668-1.NASL", "SUSE_SU-2019-1671-1.NASL", "SUSE_SU-2019-1692-1.NASL", "SUSE_SU-2019-1823-1.NASL", "SUSE_SU-2019-1829-1.NASL", "SUSE_SU-2019-1851-1.NASL", "SUSE_SU-2019-1852-1.NASL", "SUSE_SU-2019-1854-1.NASL", "SUSE_SU-2019-1855-1.NASL", "SUSE_SU-2019-1948-1.NASL", "SUSE_SU-2019-2263-1.NASL", "SUSE_SU-2019-2299-1.NASL", "SUSE_SU-2019-2430-1.NASL", "SUSE_SU-2019-2648-1.NASL", "SUSE_SU-2019-2706-1.NASL", "SUSE_SU-2019-2710-1.NASL", "SUSE_SU-2019-2821-1.NASL", "SUSE_SU-2019-2879-1.NASL", "SUSE_SU-2019-2949-1.NASL", "SUSE_SU-2019-2950-1.NASL", "SUSE_SU-2019-2984-1.NASL", "SUSE_SU-2019-3200-1.NASL", "SUSE_SU-2019-3228-1.NASL", "SUSE_SU-2019-3232-1.NASL", "SUSE_SU-2019-3258-1.NASL", "SUSE_SU-2019-3260-1.NASL", "SUSE_SU-2019-3261-1.NASL", "SUSE_SU-2019-3295-1.NASL", "SUSE_SU-2020-0093-1.NASL", "UBUNTU_USN-4093-1.NASL", "UBUNTU_USN-4094-1.NASL", "UBUNTU_USN-4095-1.NASL", "UBUNTU_USN-4115-1.NASL", "UBUNTU_USN-4115-2.NASL", "UBUNTU_USN-4116-1.NASL", "UBUNTU_USN-4117-1.NASL", "UBUNTU_USN-4118-1.NASL", "UBUNTU_USN-4147-1.NASL", "VIRTUOZZO_VZA-2019-081.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310704465", "OPENVAS:1361412562310704497", "OPENVAS:1361412562310815431", "OPENVAS:1361412562310815432", "OPENVAS:1361412562310815433", "OPENVAS:1361412562310815434", "OPENVAS:1361412562310815435", "OPENVAS:1361412562310815436", "OPENVAS:1361412562310815437", "OPENVAS:1361412562310815438", "OPENVAS:1361412562310815439", "OPENVAS:1361412562310844131", "OPENVAS:1361412562310844133", "OPENVAS:1361412562310844134", "OPENVAS:1361412562310844156", "OPENVAS:1361412562310844158", "OPENVAS:1361412562310844159", "OPENVAS:1361412562310844160", "OPENVAS:1361412562310844174", "OPENVAS:1361412562310844194", "OPENVAS:1361412562310852568", "OPENVAS:1361412562310852570", "OPENVAS:1361412562310852611", "OPENVAS:1361412562310852737", "OPENVAS:1361412562310852917", "OPENVAS:1361412562310852928", "OPENVAS:1361412562310852970", "OPENVAS:1361412562310876466", "OPENVAS:1361412562310876467", "OPENVAS:1361412562310876476", "OPENVAS:1361412562310876477", "OPENVAS:1361412562310876479", "OPENVAS:1361412562310876489", "OPENVAS:1361412562310876510", "OPENVAS:1361412562310876515", "OPENVAS:1361412562310876543", "OPENVAS:1361412562310876555", "OPENVAS:1361412562310876586", "OPENVAS:1361412562310876611", "OPENVAS:1361412562310876621", "OPENVAS:1361412562310876638", "OPENVAS:1361412562310876653", "OPENVAS:1361412562310876666", "OPENVAS:1361412562310876750", "OPENVAS:1361412562310876753", "OPENVAS:1361412562310876809", "OPENVAS:1361412562310876841", "OPENVAS:1361412562310876869", "OPENVAS:1361412562310876925", "OPENVAS:1361412562310876943", "OPENVAS:1361412562310876995", "OPENVAS:1361412562310876999", "OPENVAS:1361412562310877052", "OPENVAS:1361412562310877058", "OPENVAS:1361412562310877070", "OPENVAS:1361412562310877370", "OPENVAS:1361412562310877476", "OPENVAS:1361412562310877540", "OPENVAS:1361412562310883117", "OPENVAS:1361412562310891823", "OPENVAS:1361412562310891824", "OPENVAS:1361412562310891885", "OPENVAS:1361412562310891919", "OPENVAS:1361412562310891930", "OPENVAS:1361412562311220191919", "OPENVAS:1361412562311220191926", "OPENVAS:1361412562311220192068", "OPENVAS:1361412562311220192274", "OPENVAS:1361412562311220192353", "OPENVAS:1361412562311220192531", "OPENVAS:1361412562311220201186", "OPENVAS:1361412562311220201269", "OPENVAS:1361412562311220201396"]}, {"type": "oraclelinux", "idList": ["ELSA-2019-2703", "ELSA-2019-3055", "ELSA-2019-3517", "ELSA-2020-5755", "ELSA-2020-5866"]}, {"type": "osv", "idList": ["OSV:DLA-1823-1", "OSV:DLA-1824-1", "OSV:DLA-1885-1", "OSV:DLA-1919-1", "OSV:DLA-1930-1", "OSV:DSA-4465-1", "OSV:DSA-4497-1"]}, {"type": "photon", "idList": ["PHSA-2019-0026", "PHSA-2019-0175", "PHSA-2019-0178", "PHSA-2019-0250", "PHSA-2019-1.0-0248", "PHSA-2019-2.0-0175", "PHSA-2019-3.0-0026"]}, {"type": "redhat", "idList": ["RHSA-2019:2703", "RHSA-2019:2741", "RHSA-2019:2975", "RHSA-2019:3055", "RHSA-2019:3076", "RHSA-2019:3089", "RHSA-2019:3165", "RHSA-2019:3187", "RHSA-2019:3217", "RHSA-2019:3218", "RHSA-2019:3220", "RHSA-2019:3231", "RHSA-2019:3309", "RHSA-2019:3517", "RHSA-2020:0100", "RHSA-2020:0103", "RHSA-2020:0174", "RHSA-2020:0204", "RHSA-2020:0543", "RHSA-2020:0664", "RHSA-2020:0698", "RHSA-2020:1460", "RHSA-2020:2289"]}, {"type": "redhatcve", "idList": ["RH:CVE-2018-20856", "RH:CVE-2019-10126", "RH:CVE-2019-3846", "RH:CVE-2019-9506"]}, {"type": "slackware", "idList": ["SSA-2019-202-01", "SSA-2019-226-01"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2019:1570-1", "OPENSUSE-SU-2019:1571-1", "OPENSUSE-SU-2019:1579-1", "OPENSUSE-SU-2019:1716-1", "OPENSUSE-SU-2019:1757-1", "OPENSUSE-SU-2019:2307-1", "OPENSUSE-SU-2019:2308-1"]}, {"type": "symantec", "idList": ["SMNTC-109509"]}, {"type": "talosblog", "idList": ["TALOSBLOG:F543D5FEAB2BB1C90B9699F8AE8757F4"]}, {"type": "thn", "idList": ["THN:7C2166B58EF6EE65AF920B2CE0FD9845"]}, {"type": "threatpost", "idList": ["THREATPOST:0C3D5795D480495E2117878151D25765", "THREATPOST:25E72D5927161BC631CDDD38FB642431", "THREATPOST:62D876A38CF65F658A4E0332E90F521A"]}, {"type": "ubuntu", "idList": ["USN-4093-1", "USN-4094-1", "USN-4095-1", "USN-4095-2", "USN-4115-1", "USN-4115-2", "USN-4116-1", "USN-4117-1", "USN-4118-1", "USN-4147-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2018-20856", "UB:CVE-2019-10126", "UB:CVE-2019-3846", "UB:CVE-2019-9506"]}, {"type": "veracode", "idList": ["VERACODE:21657", "VERACODE:21702", "VERACODE:21703", "VERACODE:21704"]}, {"type": "virtuozzo", "idList": ["VZA-2019-081"]}]}, "score": {"value": -0.3, "vector": "NONE"}, "backreferences": {"references": [{"type": "amazon", "idList": ["ALAS-2018-1086"]}, {"type": "androidsecurity", "idList": ["ANDROID:2019-08-01", "ANDROID:2020-01-01"]}, {"type": "apple", "idList": ["APPLE:100C3E37B89C4B8E50DE097059456EC2", "APPLE:42A8665131AAD41DD01DD2DE9BBDEBC5", "APPLE:48DFAA81838B82F0614B9A03F99F251D", "APPLE:819AEF513AB880D6C4F6CA66CB3C0021", "APPLE:HT210346", "APPLE:HT210348", "APPLE:HT210351", "APPLE:HT210353"]}, {"type": "centos", "idList": ["CESA-2019:3055"]}, {"type": "cert", "idList": ["VU:918987"]}, {"type": "cisco", "idList": ["CISCO-SA-20190813-BLUETOOTH"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:3CD9371F7B812821D289B3B89526722F", "CFOUNDRY:40058483A2E2195544934D494FF464F7", "CFOUNDRY:A005A5D22D18F966EBF6C011F833E895", "CFOUNDRY:BD71AB043932448695E8B3D20302D582"]}, {"type": "cve", "idList": ["CVE-2018-20856", "CVE-2019-10126", "CVE-2019-3846", "CVE-2019-9506"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1823-1:39845", "DEBIAN:DLA-1824-1:6789E", "DEBIAN:DLA-1885-1:84558", "DEBIAN:DLA-1919-1:239EC", "DEBIAN:DLA-1919-2:858F8", "DEBIAN:DLA-1930-1:DFCDE", "DEBIAN:DSA-4465-1:304F1", "DEBIAN:DSA-4497-1:7E46B"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2018-20856", "DEBIANCVE:CVE-2019-10126", "DEBIANCVE:CVE-2019-3846", "DEBIANCVE:CVE-2019-9506"]}, {"type": "f5", "idList": ["F5:K14673240", "F5:K95593121"]}, {"type": "fedora", "idList": ["FEDORA:041196190421", "FEDORA:04868606351B", "FEDORA:07B5A6CB4421", "FEDORA:1BD5B6389B47", "FEDORA:2836F613193B", "FEDORA:344346042F3E", "FEDORA:3A3766C5B5A2", "FEDORA:3A69E60B3E88", "FEDORA:4002B609954A", "FEDORA:4CEF5610D7CA", "FEDORA:4F21B6125E50", "FEDORA:511986124F82", "FEDORA:511A7608E6E1", "FEDORA:54AA460F2356", "FEDORA:59E3F606D998", "FEDORA:5A4D662AE22C", "FEDORA:5BC786077CC2", "FEDORA:6B43460C450E", "FEDORA:6E67663233DB", "FEDORA:754F860A98ED", "FEDORA:84FBF6179A05", "FEDORA:9801060D30FA", "FEDORA:98E8F6079A11", "FEDORA:BF5EC607125E", "FEDORA:C0A4560C423F", "FEDORA:C1EA6603ECEC", "FEDORA:C4D496071279", "FEDORA:C63656040AE1", "FEDORA:C6AF860C4240", "FEDORA:C7391611860D", "FEDORA:CB0956087865", "FEDORA:D3523607924A"]}, {"type": "fortinet", "idList": ["FG-IR-19-224"]}, {"type": "githubexploit", "idList": ["1DCD6499-0990-565E-9159-24DBA1428255"]}, {"type": "hp", "idList": ["HP:C06521007"]}, {"type": "huawei", "idList": ["HUAWEI-SA-20190828-01-KNOB"]}, {"type": "ibm", "idList": ["5C971ABE298E715E4DD664F197820425272400B40C52EF433CFD40BAFACB63C8"]}, {"type": "kaspersky", "idList": ["KLA11534", "KLA11697", "KLA11989"]}, {"type": "lenovo", "idList": ["LENOVO:PS500267-NOSID"]}, {"type": "malwarebytes", "idList": ["MALWAREBYTES:B7AA161DBAFDA8D7D246FF7D80A9ADC4"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/HUAWEI-EULEROS-2_0_SP5-CVE-2018-20856/"]}, {"type": "mscve", "idList": ["MS:CVE-2019-9506"]}, {"type": "nessus", "idList": ["ALA_ALAS-2018-1086.NASL", "CENTOS_RHSA-2019-3055.NASL", "DEBIAN_DLA-1823.NASL", "DEBIAN_DLA-1824.NASL", "DEBIAN_DLA-1885.NASL", "DEBIAN_DLA-1919.NASL", "DEBIAN_DLA-1930.NASL", "DEBIAN_DSA-4465.NASL", "DEBIAN_DSA-4497.NASL", "EULEROS_SA-2019-1919.NASL", "EULEROS_SA-2019-1926.NASL", "EULEROS_SA-2019-2068.NASL", "FEDORA_2019-7EC378191E.NASL", "FEDORA_2019-F40BD7826F.NASL", "OPENSUSE-2019-1570.NASL", "OPENSUSE-2019-1571.NASL", "OPENSUSE-2019-1579.NASL", "OPENSUSE-2019-1716.NASL", "OPENSUSE-2019-1757.NASL", "OPENSUSE-2019-2307.NASL", "OPENSUSE-2019-2308.NASL", "ORACLELINUX_ELSA-2019-2703.NASL", "ORACLELINUX_ELSA-2019-3055.NASL", "PHOTONOS_PHSA-209-2_0-0175_LINUX.NASL", "REDHAT-RHSA-2019-2703.NASL", "REDHAT-RHSA-2019-2741.NASL", "REDHAT-RHSA-2019-2975.NASL", "REDHAT-RHSA-2019-3076.NASL", "REDHAT-RHSA-2019-3089.NASL", "REDHAT-RHSA-2019-3165.NASL", "REDHAT-RHSA-2019-3187.NASL", "REDHAT-RHSA-2019-3217.NASL", "REDHAT-RHSA-2019-3218.NASL", "REDHAT-RHSA-2019-3220.NASL", "REDHAT-RHSA-2019-3231.NASL", "REDHAT-RHSA-2020-0543.NASL", "REDHAT-RHSA-2020-0664.NASL", "REDHAT-RHSA-2020-0698.NASL", "SLACKWARE_SSA_2019-202-01.NASL", "SLACKWARE_SSA_2019-226-01.NASL", "SL_20191016_KERNEL_ON_SL7_X.NASL", "SUSE_SU-2019-1527-1.NASL", "SUSE_SU-2019-1529-1.NASL", "SUSE_SU-2019-1530-1.NASL", "SUSE_SU-2019-1532-1.NASL", "SUSE_SU-2019-1533-1.NASL", "SUSE_SU-2019-1534-1.NASL", "SUSE_SU-2019-1535-1.NASL", "SUSE_SU-2019-1536-1.NASL", "SUSE_SU-2019-1550-1.NASL", "SUSE_SU-2019-1668-1.NASL", "SUSE_SU-2019-1671-1.NASL", "SUSE_SU-2019-1692-1.NASL", "SUSE_SU-2019-1823-1.NASL", "SUSE_SU-2019-1829-1.NASL", "SUSE_SU-2019-1851-1.NASL", "SUSE_SU-2019-1852-1.NASL", "SUSE_SU-2019-1854-1.NASL", "SUSE_SU-2019-1855-1.NASL", "SUSE_SU-2019-1948-1.NASL", "SUSE_SU-2019-2263-1.NASL", "SUSE_SU-2019-2299-1.NASL", "SUSE_SU-2019-2430-1.NASL", "SUSE_SU-2019-2648-1.NASL", "SUSE_SU-2019-2706-1.NASL", "SUSE_SU-2019-2710-1.NASL", "SUSE_SU-2019-2821-1.NASL", "SUSE_SU-2019-2879-1.NASL", "UBUNTU_USN-4093-1.NASL", "UBUNTU_USN-4094-1.NASL", "UBUNTU_USN-4095-1.NASL", "UBUNTU_USN-4115-1.NASL", "UBUNTU_USN-4115-2.NASL", "UBUNTU_USN-4116-1.NASL", "UBUNTU_USN-4117-1.NASL", "UBUNTU_USN-4118-1.NASL", "UBUNTU_USN-4147-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310704465", "OPENVAS:1361412562310815431", "OPENVAS:1361412562310815432", "OPENVAS:1361412562310815433", "OPENVAS:1361412562310815434", "OPENVAS:1361412562310815435", "OPENVAS:1361412562310815436", "OPENVAS:1361412562310815437", "OPENVAS:1361412562310815438", "OPENVAS:1361412562310815439", "OPENVAS:1361412562310844131", "OPENVAS:1361412562310844133", "OPENVAS:1361412562310844134", "OPENVAS:1361412562310844156", "OPENVAS:1361412562310844158", "OPENVAS:1361412562310844159", "OPENVAS:1361412562310844160", "OPENVAS:1361412562310844174", "OPENVAS:1361412562310844194", "OPENVAS:1361412562310852568", "OPENVAS:1361412562310852570", "OPENVAS:1361412562310852611", "OPENVAS:1361412562310852737", "OPENVAS:1361412562310876466", "OPENVAS:1361412562310876467", "OPENVAS:1361412562310876476", "OPENVAS:1361412562310876477", "OPENVAS:1361412562310876479", "OPENVAS:1361412562310876489", "OPENVAS:1361412562310876510", "OPENVAS:1361412562310876515", "OPENVAS:1361412562310876543", "OPENVAS:1361412562310876555", "OPENVAS:1361412562310876586", "OPENVAS:1361412562310876611", "OPENVAS:1361412562310876621", "OPENVAS:1361412562310876638", "OPENVAS:1361412562310876653", "OPENVAS:1361412562310876666", "OPENVAS:1361412562310876750", "OPENVAS:1361412562310876753", "OPENVAS:1361412562310876809", "OPENVAS:1361412562310876841", "OPENVAS:1361412562310876869", "OPENVAS:1361412562310876925", "OPENVAS:1361412562310876943", "OPENVAS:1361412562310877476", "OPENVAS:1361412562310877540", "OPENVAS:1361412562310883117", "OPENVAS:1361412562310891823", "OPENVAS:1361412562310891824", "OPENVAS:1361412562310891885", "OPENVAS:1361412562310891919", "OPENVAS:1361412562310891930"]}, {"type": "oraclelinux", "idList": ["ELSA-2019-2703", "ELSA-2019-3055"]}, {"type": "photon", "idList": ["PHSA-2019-2.0-0175", "PHSA-2019-3.0-0026"]}, {"type": "redhat", "idList": ["RHSA-2020:0543", "RHSA-2020:0698"]}, {"type": "slackware", "idList": ["SSA-2019-202-01", "SSA-2019-226-01"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2019:1570-1", "OPENSUSE-SU-2019:1571-1", "OPENSUSE-SU-2019:1579-1", "OPENSUSE-SU-2019:1716-1", "OPENSUSE-SU-2019:1757-1", "OPENSUSE-SU-2019:2307-1", "OPENSUSE-SU-2019:2308-1"]}, {"type": "symantec", "idList": ["SMNTC-109509"]}, {"type": "talosblog", "idList": ["TALOSBLOG:F543D5FEAB2BB1C90B9699F8AE8757F4"]}, {"type": "thn", "idList": ["THN:7C2166B58EF6EE65AF920B2CE0FD9845"]}, {"type": "threatpost", "idList": ["THREATPOST:0C3D5795D480495E2117878151D25765", "THREATPOST:25E72D5927161BC631CDDD38FB642431", "THREATPOST:62D876A38CF65F658A4E0332E90F521A"]}, {"type": "ubuntu", "idList": ["USN-4093-1", "USN-4094-1", "USN-4095-1", "USN-4095-2", "USN-4115-1", "USN-4115-2", "USN-4116-1", "USN-4117-1", "USN-4118-1", "USN-4147-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2019-9506"]}, {"type": "virtuozzo", "idList": ["VZA-2019-081"]}]}, "exploitation": null, "epss": [{"cve": "CVE-2018-20856", "epss": 0.00046, "percentile": 0.14019, "modified": "2023-05-06"}, {"cve": "CVE-2019-10126", "epss": 0.01137, "percentile": 0.82617, "modified": "2023-05-06"}, {"cve": "CVE-2019-3846", "epss": 0.00102, "percentile": 0.40386, "modified": "2023-05-06"}, {"cve": "CVE-2019-9506", "epss": 0.00095, "percentile": 0.38753, "modified": "2023-05-06"}], "vulnersScore": -0.3}, "_state": {"dependencies": 1685049388, "score": 1684940115, "epss": 0}, "_internal": {"score_hash": "b938dd2842dc2e25c3b9f0c546446451"}, "pluginID": "129958", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:3055. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(129958);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/18\");\n\n script_cve_id(\n \"CVE-2018-20856\",\n \"CVE-2019-3846\",\n \"CVE-2019-9506\",\n \"CVE-2019-10126\"\n );\n script_xref(name:\"RHSA\", value:\"2019:3055\");\n\n script_name(english:\"RHEL 7 : kernel (RHSA-2019:3055)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update for kernel is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nSecurity Fix(es) :\n\n* kernel: Use-after-free in __blk_drain_queue() function in\nblock/blk-core.c (CVE-2018-20856)\n\n* kernel: Heap overflow in mwifiex_update_bss_desc_with_ie function in\nmarvell/mwifiex/scan.c (CVE-2019-3846)\n\n* hardware: bluetooth: BR/EDR encryption key negotiation attacks\n(KNOB) (CVE-2019-9506)\n\n* kernel: Heap overflow in mwifiex_uap_parse_tail_ies function in\ndrivers/net /wireless/marvell/mwifiex/ie.c (CVE-2019-10126)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\n\nBug Fixes :\n\n* gfs2: Fix iomap write page reclaim deadlock (BZ#1737373)\n\n* [FJ7.6 Bug]: [REG] kernel: ipc: ipc_free should use kvfree\n(BZ#1740178)\n\n* high update_cfs_rq_blocked_load contention (BZ#1740180)\n\n* [Hyper-V][RHEL 7] kdump fails to start on a Hyper-V guest of Windows\nServer 2019. (BZ#1740188)\n\n* kvm: backport cpuidle-haltpoll driver (BZ#1740192)\n\n* Growing unreclaimable slab memory (BZ#1741920)\n\n* [bnx2x] ping failed from pf to vf which has been attached to vm (BZ#\n1741926)\n\n* [Hyper-V]vPCI devices cannot allocate IRQs vectors in a Hyper-V VM\nwith > 240 vCPUs (i.e., when in x2APIC mode) (BZ#1743324)\n\n* Macsec: inbound MACSEC frame is unexpectedly dropped with\nInPktsNotValid (BZ#1744442)\n\n* RHEL 7.7 Beta - Hit error when trying to run nvme connect with IPv6\naddress (BZ#1744443)\n\n* RHEL 7.6 SS4 - Paths lost when running straight I/O on NVMe/RoCE\nsystem (BZ #1744444)\n\n* NFSv4.0 client sending a double CLOSE (leading to EIO application\nfailure) (BZ#1744946)\n\n* [Azure] CRI-RDOS | [RHEL 7.8] Live migration only takes 10 seconds,\nbut the VM was unavailable for 2 hours (BZ#1748239)\n\n* NFS client autodisconnect timer may fire immediately after TCP\nconnection setup and may cause DoS type reconnect problem in complex\nnetwork environments (BZ#1749290)\n\n* [Inspur] RHEL7.6 ASPEED graphic card display issue (BZ#1749296)\n\n* Allows macvlan to operated correctly over the active-backup mode to\nsupport bonding events. (BZ#1751579)\n\n* [LLNL 7.5 Bug] slab leak causing a crash when using kmem control\ngroup (BZ# 1752421)\n\nUsers of kernel are advised to upgrade to these updated packages,\nwhich fix these bugs.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2019:3055\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2018-20856\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2019-3846\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2019-9506\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2019-10126\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-3846\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-10126\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bpftool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bpftool-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-s390x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.7\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2018-20856\", \"CVE-2019-10126\", \"CVE-2019-3846\", \"CVE-2019-9506\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for RHSA-2019:3055\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:3055\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"bpftool-3.10.0-1062.4.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"bpftool-3.10.0-1062.4.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"bpftool-debuginfo-3.10.0-1062.4.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"bpftool-debuginfo-3.10.0-1062.4.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-3.10.0-1062.4.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-3.10.0-1062.4.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"kernel-abi-whitelists-3.10.0-1062.4.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-debug-3.10.0-1062.4.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-debug-3.10.0-1062.4.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-debug-debuginfo-3.10.0-1062.4.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-debug-debuginfo-3.10.0-1062.4.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-debug-devel-3.10.0-1062.4.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-debug-devel-3.10.0-1062.4.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-debuginfo-3.10.0-1062.4.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-debuginfo-3.10.0-1062.4.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-debuginfo-common-s390x-3.10.0-1062.4.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-3.10.0-1062.4.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-devel-3.10.0-1062.4.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-devel-3.10.0-1062.4.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"kernel-doc-3.10.0-1062.4.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-headers-3.10.0-1062.4.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-headers-3.10.0-1062.4.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-kdump-3.10.0-1062.4.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-kdump-debuginfo-3.10.0-1062.4.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-kdump-devel-3.10.0-1062.4.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-tools-3.10.0-1062.4.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-tools-debuginfo-3.10.0-1062.4.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-tools-libs-3.10.0-1062.4.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-tools-libs-devel-3.10.0-1062.4.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"perf-3.10.0-1062.4.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"perf-3.10.0-1062.4.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"perf-debuginfo-3.10.0-1062.4.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"perf-debuginfo-3.10.0-1062.4.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"python-perf-3.10.0-1062.4.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"python-perf-3.10.0-1062.4.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"python-perf-debuginfo-3.10.0-1062.4.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"python-perf-debuginfo-3.10.0-1062.4.1.el7\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bpftool / bpftool-debuginfo / kernel / kernel-abi-whitelists / etc\");\n }\n}\n", "naslFamily": "Red Hat Local Security Checks", "cpe": ["p-cpe:/a:redhat:enterprise_linux:bpftool", "p-cpe:/a:redhat:enterprise_linux:bpftool-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-s390x", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-tools", "p-cpe:/a:redhat:enterprise_linux:kernel-tools-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs", "p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs-devel", "p-cpe:/a:redhat:enterprise_linux:perf", "p-cpe:/a:redhat:enterprise_linux:perf-debuginfo", "p-cpe:/a:redhat:enterprise_linux:python-perf", "p-cpe:/a:redhat:enterprise_linux:python-perf-debuginfo", "cpe:/o:redhat:enterprise_linux:7", "cpe:/o:redhat:enterprise_linux:7.7"], "solution": "Update the affected packages.", "nessusSeverity": "High", "cvssScoreSource": "CVE-2019-3846", "vendor_cvss2": {"score": 8.3, "vector": "CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C"}, "vendor_cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "vpr": {"risk factor": "Medium", "score": "6.7"}, "exploitAvailable": false, "exploitEase": "No known exploits are available", "patchPublicationDate": "2019-10-15T00:00:00", "vulnerabilityPublicationDate": "2019-06-03T00:00:00", "exploitableWith": []}

{"nessus": [{"lastseen": "2023-05-24T14:30:18", "description": "The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-3055 advisory.\n\n - A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network. (CVE-2019-3846)\n\n - An issue was discovered in the Linux kernel before 4.18.7. In block/blk-core.c, there is an\n __blk_drain_queue() use-after-free because a certain error case is mishandled. (CVE-2018-20856)\n\n - The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka KNOB) that can decrypt traffic and inject arbitrary ciphertext without the victim noticing. (CVE-2019-9506)\n\n - A flaw was found in the Linux kernel. A heap based buffer overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c might lead to memory corruption and possibly other consequences. (CVE-2019-10126)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2019-10-18T00:00:00", "type": "nessus", "title": "Oracle Linux 7 : kernel (ELSA-2019-3055)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-20856", "CVE-2019-10126", "CVE-2019-3846", "CVE-2019-9506"], "modified": "2022-05-18T00:00:00", "cpe": ["cpe:/o:oracle:linux:7", "p-cpe:/a:oracle:linux:bpftool", "p-cpe:/a:oracle:linux:kernel", "p-cpe:/a:oracle:linux:kernel-abi-whitelists", "p-cpe:/a:oracle:linux:kernel-debug", "p-cpe:/a:oracle:linux:kernel-debug-devel", "p-cpe:/a:oracle:linux:kernel-devel", "p-cpe:/a:oracle:linux:kernel-headers", "p-cpe:/a:oracle:linux:kernel-tools", "p-cpe:/a:oracle:linux:kernel-tools-libs", "p-cpe:/a:oracle:linux:kernel-tools-libs-devel", "p-cpe:/a:oracle:linux:perf", "p-cpe:/a:oracle:linux:python-perf"], "id": "ORACLELINUX_ELSA-2019-3055.NASL", "href": "https://www.tenable.com/plugins/nessus/130039", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2019-3055.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(130039);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/18\");\n\n script_cve_id(\n \"CVE-2018-20856\",\n \"CVE-2019-3846\",\n \"CVE-2019-9506\",\n \"CVE-2019-10126\"\n );\n script_xref(name:\"RHSA\", value:\"2019:3055\");\n\n script_name(english:\"Oracle Linux 7 : kernel (ELSA-2019-3055)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nELSA-2019-3055 advisory.\n\n - A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the\n mwifiex kernel module while connecting to a malicious wireless network. (CVE-2019-3846)\n\n - An issue was discovered in the Linux kernel before 4.18.7. In block/blk-core.c, there is an\n __blk_drain_queue() use-after-free because a certain error case is mishandled. (CVE-2018-20856)\n\n - The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key\n length and does not prevent an attacker from influencing the key length negotiation. This allows practical\n brute-force attacks (aka KNOB) that can decrypt traffic and inject arbitrary ciphertext without the\n victim noticing. (CVE-2019-9506)\n\n - A flaw was found in the Linux kernel. A heap based buffer overflow in mwifiex_uap_parse_tail_ies function\n in drivers/net/wireless/marvell/mwifiex/ie.c might lead to memory corruption and possibly other\n consequences. (CVE-2019-10126)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2019-3055.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-3846\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-10126\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bpftool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python-perf\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"linux_alt_patch_detect.nasl\", \"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('ksplice.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 7', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\nif ('x86_64' >!< cpu) audit(AUDIT_ARCH_NOT, 'x86_64', cpu);\n\nvar machine_uptrack_level = get_one_kb_item('Host/uptrack-uname-r');\nif (machine_uptrack_level)\n{\n var trimmed_uptrack_level = ereg_replace(string:machine_uptrack_level, pattern:\"\\.(x86_64|i[3-6]86|aarch64)$\", replace:'');\n var fixed_uptrack_levels = ['3.10.0-1062.4.1.el7'];\n foreach var fixed_uptrack_level ( fixed_uptrack_levels ) {\n if (rpm_spec_vers_cmp(a:trimmed_uptrack_level, b:fixed_uptrack_level) >= 0)\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for ELSA-2019-3055');\n }\n }\n __rpm_report = 'Running KSplice level of ' + trimmed_uptrack_level + ' does not meet the minimum fixed level of ' + join(fixed_uptrack_levels, sep:' / ') + ' for this advisory.\\n\\n';\n}\n\nvar kernel_major_minor = get_kb_item('Host/uname/major_minor');\nif (empty_or_null(kernel_major_minor)) exit(1, 'Unable to determine kernel major-minor level.');\nvar expected_kernel_major_minor = '3.10';\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, 'running kernel level ' + expected_kernel_major_minor + ', it is running kernel level ' + kernel_major_minor);\n\nvar pkgs = [\n {'reference':'bpftool-3.10.0-1062.4.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-3.10.0-1062.4.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-3.10.0'},\n {'reference':'kernel-abi-whitelists-3.10.0-1062.4.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-abi-whitelists-3.10.0'},\n {'reference':'kernel-debug-3.10.0-1062.4.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-debug-3.10.0'},\n {'reference':'kernel-debug-devel-3.10.0-1062.4.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-debug-devel-3.10.0'},\n {'reference':'kernel-devel-3.10.0-1062.4.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-devel-3.10.0'},\n {'reference':'kernel-headers-3.10.0-1062.4.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-headers-3.10.0'},\n {'reference':'kernel-tools-3.10.0-1062.4.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-tools-3.10.0'},\n {'reference':'kernel-tools-libs-3.10.0-1062.4.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-tools-libs-3.10.0'},\n {'reference':'kernel-tools-libs-devel-3.10.0-1062.4.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-tools-libs-devel-3.10.0'},\n {'reference':'perf-3.10.0-1062.4.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-perf-3.10.0-1062.4.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release) {\n if (exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'bpftool / kernel / kernel-abi-whitelists / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:30:39", "description": "An update for kernel-rt is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es) :\n\n* kernel: Use-after-free in __blk_drain_queue() function in block/blk-core.c (CVE-2018-20856)\n\n* kernel: Heap overflow in mwifiex_update_bss_desc_with_ie function in marvell/mwifiex/scan.c (CVE-2019-3846)\n\n* hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB) (CVE-2019-9506)\n\n* kernel: Heap overflow in mwifiex_uap_parse_tail_ies function in drivers/net /wireless/marvell/mwifiex/ie.c (CVE-2019-10126)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es) :\n\n* kernel-rt: update to the RHEL7.7.z batch#2 source tree (BZ#1748570)", "cvss3": {}, "published": "2019-10-17T00:00:00", "type": "nessus", "title": "RHEL 7 : kernel-rt (RHSA-2019:3089)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-20856", "CVE-2019-10126", "CVE-2019-3846", "CVE-2019-9506"], "modified": "2022-05-18T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel-rt", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-kvm", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-kvm-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debuginfo-common-x86_64", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-kvm", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-kvm-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-kvm", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-kvm-debuginfo", "cpe:/o:redhat:enterprise_linux:7"], "id": "REDHAT-RHSA-2019-3089.NASL", "href": "https://www.tenable.com/plugins/nessus/129992", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:3089. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(129992);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/18\");\n\n script_cve_id(\n \"CVE-2018-20856\",\n \"CVE-2019-3846\",\n \"CVE-2019-9506\",\n \"CVE-2019-10126\"\n );\n script_xref(name:\"RHSA\", value:\"2019:3089\");\n\n script_name(english:\"RHEL 7 : kernel-rt (RHSA-2019:3089)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update for kernel-rt is now available for Red Hat Enterprise Linux\n7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe kernel-rt packages provide the Real Time Linux Kernel, which\nenables fine-tuning for systems with extremely high determinism\nrequirements.\n\nSecurity Fix(es) :\n\n* kernel: Use-after-free in __blk_drain_queue() function in\nblock/blk-core.c (CVE-2018-20856)\n\n* kernel: Heap overflow in mwifiex_update_bss_desc_with_ie function in\nmarvell/mwifiex/scan.c (CVE-2019-3846)\n\n* hardware: bluetooth: BR/EDR encryption key negotiation attacks\n(KNOB) (CVE-2019-9506)\n\n* kernel: Heap overflow in mwifiex_uap_parse_tail_ies function in\ndrivers/net /wireless/marvell/mwifiex/ie.c (CVE-2019-10126)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\n\nBug Fix(es) :\n\n* kernel-rt: update to the RHEL7.7.z batch#2 source tree (BZ#1748570)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2019:3089\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2018-20856\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2019-3846\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2019-9506\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2019-10126\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-3846\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-10126\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-kvm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-kvm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-kvm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2018-20856\", \"CVE-2019-10126\", \"CVE-2019-3846\", \"CVE-2019-9506\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for RHSA-2019:3089\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:3089\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-3.10.0-1062.4.1.rt56.1027.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-debug-3.10.0-1062.4.1.rt56.1027.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-debug-debuginfo-3.10.0-1062.4.1.rt56.1027.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-debug-devel-3.10.0-1062.4.1.rt56.1027.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-debug-kvm-3.10.0-1062.4.1.rt56.1027.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-debug-kvm-debuginfo-3.10.0-1062.4.1.rt56.1027.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-debuginfo-3.10.0-1062.4.1.rt56.1027.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-debuginfo-common-x86_64-3.10.0-1062.4.1.rt56.1027.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-devel-3.10.0-1062.4.1.rt56.1027.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"kernel-rt-doc-3.10.0-1062.4.1.rt56.1027.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-kvm-3.10.0-1062.4.1.rt56.1027.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-kvm-debuginfo-3.10.0-1062.4.1.rt56.1027.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-trace-3.10.0-1062.4.1.rt56.1027.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-trace-debuginfo-3.10.0-1062.4.1.rt56.1027.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-trace-devel-3.10.0-1062.4.1.rt56.1027.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-trace-kvm-3.10.0-1062.4.1.rt56.1027.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-trace-kvm-debuginfo-3.10.0-1062.4.1.rt56.1027.el7\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel-rt / kernel-rt-debug / kernel-rt-debug-debuginfo / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:31:03", "description": "An update for kpatch-patch is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThis is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.\n\nSecurity Fix(es) :\n\n* kernel: Use-after-free in __blk_drain_queue() function in block/blk-core.c (CVE-2018-20856)\n\n* kernel: Heap overflow in mwifiex_update_bss_desc_with_ie function in marvell/mwifiex/scan.c (CVE-2019-3846)\n\n* hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB) (CVE-2019-9506)\n\n* kernel: Heap overflow in mwifiex_uap_parse_tail_ies function in drivers/net /wireless/marvell/mwifiex/ie.c (CVE-2019-10126)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {}, "published": "2019-10-16T00:00:00", "type": "nessus", "title": "RHEL 7 : kpatch-patch (RHSA-2019:3076)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-20856", "CVE-2019-10126", "CVE-2019-3846", "CVE-2019-9506"], "modified": "2022-05-18T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-1062", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-1062-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-1062_1_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-1062_1_1-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-1062_1_2", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-1062_1_2-debuginfo", "cpe:/o:redhat:enterprise_linux:7", "cpe:/o:redhat:enterprise_linux:7.7"], "id": "REDHAT-RHSA-2019-3076.NASL", "href": "https://www.tenable.com/plugins/nessus/129960", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:3076. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(129960);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/18\");\n\n script_cve_id(\n \"CVE-2018-20856\",\n \"CVE-2019-3846\",\n \"CVE-2019-9506\",\n \"CVE-2019-10126\"\n );\n script_xref(name:\"RHSA\", value:\"2019:3076\");\n\n script_name(english:\"RHEL 7 : kpatch-patch (RHSA-2019:3076)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update for kpatch-patch is now available for Red Hat Enterprise\nLinux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThis is a kernel live patch module which is automatically loaded by\nthe RPM post-install script to modify the code of a running kernel.\n\nSecurity Fix(es) :\n\n* kernel: Use-after-free in __blk_drain_queue() function in\nblock/blk-core.c (CVE-2018-20856)\n\n* kernel: Heap overflow in mwifiex_update_bss_desc_with_ie function in\nmarvell/mwifiex/scan.c (CVE-2019-3846)\n\n* hardware: bluetooth: BR/EDR encryption key negotiation attacks\n(KNOB) (CVE-2019-9506)\n\n* kernel: Heap overflow in mwifiex_uap_parse_tail_ies function in\ndrivers/net /wireless/marvell/mwifiex/ie.c (CVE-2019-10126)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2019:3076\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2018-20856\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2019-3846\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2019-9506\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2019-10126\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-3846\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-10126\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-1062\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-1062-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-1062_1_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-1062_1_1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-1062_1_2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-1062_1_2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.7\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:3076\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kpatch-patch-3_10_0-1062-1-5.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kpatch-patch-3_10_0-1062-debuginfo-1-5.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kpatch-patch-3_10_0-1062_1_1-1-4.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kpatch-patch-3_10_0-1062_1_1-debuginfo-1-4.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kpatch-patch-3_10_0-1062_1_2-1-3.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kpatch-patch-3_10_0-1062_1_2-debuginfo-1-3.el7\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kpatch-patch-3_10_0-1062 / kpatch-patch-3_10_0-1062-debuginfo / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T14:29:50", "description": "Security Fix(es) :\n\n - kernel: Use-after-free in __blk_drain_queue() function in block/blk-core.c (CVE-2018-20856)\n\n - kernel: Heap overflow in mwifiex_update_bss_desc_with_ie function in marvell/mwifiex/scan.c (CVE-2019-3846)\n\n - hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB) (CVE-2019-9506)\n\n - kernel: Heap overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c (CVE-2019-10126)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fixes :\n\n - gfs2: Fix iomap write page reclaim deadlock (BZ#1737373)\n\n - [FJ7.6 Bug]: [REG] kernel: ipc: ipc_free should use kvfree (BZ#1740178)\n\n - high update_cfs_rq_blocked_load contention (BZ#1740180)\n\n - [Hyper-V][RHEL 7] kdump fails to start on a Hyper-V guest of Windows Server 2019. (BZ#1740188)\n\n - kvm: backport cpuidle-haltpoll driver (BZ#1740192)\n\n - Growing unreclaimable slab memory (BZ#1741920)\n\n - [bnx2x] ping failed from pf to vf which has been attached to vm (BZ#1741926)\n\n - [Hyper-V]vPCI devices cannot allocate IRQs vectors in a Hyper-V VM with > 240 vCPUs (i.e., when in x2APIC mode) (BZ#1743324)\n\n - Macsec: inbound MACSEC frame is unexpectedly dropped with InPktsNotValid (BZ#1744442)\n\n - RHEL 7.7 Beta - Hit error when trying to run nvme connect with IPv6 address (BZ#1744443)\n\n - RHEL 7.6 SS4 - Paths lost when running straight I/O on NVMe/RoCE system (BZ#1744444)\n\n - NFSv4.0 client sending a double CLOSE (leading to EIO application failure) (BZ#1744946)\n\n - [Azure] CRI-RDOS | [RHEL 7.8] Live migration only takes 10 seconds, but the VM was unavailable for 2 hours (BZ#1748239)\n\n - NFS client autodisconnect timer may fire immediately after TCP connection setup and may cause DoS type reconnect problem in complex network environments (BZ#1749290)\n\n - [Inspur] RHEL7.6 ASPEED graphic card display issue (BZ#1749296)\n\n - Allows macvlan to operated correctly over the active-backup mode to support bonding events.\n (BZ#1751579)\n\n - [LLNL 7.5 Bug] slab leak causing a crash when using kmem control group (BZ#1752421)\n\nUsers of kernel are advised to upgrade to these updated packages, which fix these bugs.", "cvss3": {}, "published": "2019-10-21T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : kernel on SL7.x x86_64 (20191016)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-20856", "CVE-2019-10126", "CVE-2019-3846", "CVE-2019-9506"], "modified": "2022-05-18T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:bpftool", "p-cpe:/a:fermilab:scientific_linux:bpftool-debuginfo", "p-cpe:/a:fermilab:scientific_linux:kernel", "p-cpe:/a:fermilab:scientific_linux:kernel-abi-whitelists", "p-cpe:/a:fermilab:scientific_linux:kernel-debug", "p-cpe:/a:fermilab:scientific_linux:kernel-debug-debuginfo", "p-cpe:/a:fermilab:scientific_linux:kernel-debug-devel", "p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo", "p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:fermilab:scientific_linux:kernel-devel", "p-cpe:/a:fermilab:scientific_linux:kernel-doc", "p-cpe:/a:fermilab:scientific_linux:kernel-headers", "p-cpe:/a:fermilab:scientific_linux:kernel-tools", "p-cpe:/a:fermilab:scientific_linux:kernel-tools-debuginfo", "p-cpe:/a:fermilab:scientific_linux:kernel-tools-libs", "p-cpe:/a:fermilab:scientific_linux:kernel-tools-libs-devel", "p-cpe:/a:fermilab:scientific_linux:perf", "p-cpe:/a:fermilab:scientific_linux:perf-debuginfo", "p-cpe:/a:fermilab:scientific_linux:python-perf", "p-cpe:/a:fermilab:scientific_linux:python-perf-debuginfo", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20191016_KERNEL_ON_SL7_X.NASL", "href": "https://www.tenable.com/plugins/nessus/130078", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130078);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/18\");\n\n script_cve_id(\"CVE-2018-20856\", \"CVE-2019-10126\", \"CVE-2019-3846\", \"CVE-2019-9506\");\n\n script_name(english:\"Scientific Linux Security Update : kernel on SL7.x x86_64 (20191016)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Security Fix(es) :\n\n - kernel: Use-after-free in __blk_drain_queue() function\n in block/blk-core.c (CVE-2018-20856)\n\n - kernel: Heap overflow in mwifiex_update_bss_desc_with_ie\n function in marvell/mwifiex/scan.c (CVE-2019-3846)\n\n - hardware: bluetooth: BR/EDR encryption key negotiation\n attacks (KNOB) (CVE-2019-9506)\n\n - kernel: Heap overflow in mwifiex_uap_parse_tail_ies\n function in drivers/net/wireless/marvell/mwifiex/ie.c\n (CVE-2019-10126)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\n\nBug Fixes :\n\n - gfs2: Fix iomap write page reclaim deadlock (BZ#1737373)\n\n - [FJ7.6 Bug]: [REG] kernel: ipc: ipc_free should use\n kvfree (BZ#1740178)\n\n - high update_cfs_rq_blocked_load contention (BZ#1740180)\n\n - [Hyper-V][RHEL 7] kdump fails to start on a Hyper-V\n guest of Windows Server 2019. (BZ#1740188)\n\n - kvm: backport cpuidle-haltpoll driver (BZ#1740192)\n\n - Growing unreclaimable slab memory (BZ#1741920)\n\n - [bnx2x] ping failed from pf to vf which has been\n attached to vm (BZ#1741926)\n\n - [Hyper-V]vPCI devices cannot allocate IRQs vectors in a\n Hyper-V VM with > 240 vCPUs (i.e., when in x2APIC mode)\n (BZ#1743324)\n\n - Macsec: inbound MACSEC frame is unexpectedly dropped\n with InPktsNotValid (BZ#1744442)\n\n - RHEL 7.7 Beta - Hit error when trying to run nvme\n connect with IPv6 address (BZ#1744443)\n\n - RHEL 7.6 SS4 - Paths lost when running straight I/O on\n NVMe/RoCE system (BZ#1744444)\n\n - NFSv4.0 client sending a double CLOSE (leading to EIO\n application failure) (BZ#1744946)\n\n - [Azure] CRI-RDOS | [RHEL 7.8] Live migration only takes\n 10 seconds, but the VM was unavailable for 2 hours\n (BZ#1748239)\n\n - NFS client autodisconnect timer may fire immediately\n after TCP connection setup and may cause DoS type\n reconnect problem in complex network environments\n (BZ#1749290)\n\n - [Inspur] RHEL7.6 ASPEED graphic card display issue\n (BZ#1749296)\n\n - Allows macvlan to operated correctly over the\n active-backup mode to support bonding events.\n (BZ#1751579)\n\n - [LLNL 7.5 Bug] slab leak causing a crash when using kmem\n control group (BZ#1752421)\n\nUsers of kernel are advised to upgrade to these updated packages,\nwhich fix these bugs.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1737373\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1740178\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1740180\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1740188\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1740192\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1741920\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1741926\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1743324\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1744442\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1744443\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1744444\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1744946\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1748239\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1749290\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1749296\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1751579\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1752421\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1910&L=SCIENTIFIC-LINUX-ERRATA&P=1567\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3e7582ac\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-3846\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:bpftool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:bpftool-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:python-perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 7.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"bpftool-3.10.0-1062.4.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"bpftool-debuginfo-3.10.0-1062.4.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-3.10.0-1062.4.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"kernel-abi-whitelists-3.10.0-1062.4.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-debug-3.10.0-1062.4.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-debug-debuginfo-3.10.0-1062.4.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-debug-devel-3.10.0-1062.4.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-debuginfo-3.10.0-1062.4.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-3.10.0-1062.4.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-devel-3.10.0-1062.4.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"kernel-doc-3.10.0-1062.4.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-headers-3.10.0-1062.4.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-tools-3.10.0-1062.4.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-tools-debuginfo-3.10.0-1062.4.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-tools-libs-3.10.0-1062.4.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-tools-libs-devel-3.10.0-1062.4.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"perf-3.10.0-1062.4.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"perf-debuginfo-3.10.0-1062.4.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"python-perf-3.10.0-1062.4.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"python-perf-debuginfo-3.10.0-1062.4.1.el7\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bpftool / bpftool-debuginfo / kernel / kernel-abi-whitelists / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:31:05", "description": "An update for kernel is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es) :\n\n* kernel: Use-after-free in __blk_drain_queue() function in block/blk-core.c (CVE-2018-20856)\n\n* kernel: Heap overflow in mwifiex_update_bss_desc_with_ie function in marvell/mwifiex/scan.c (CVE-2019-3846)\n\n* hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB) (CVE-2019-9506)\n\n* kernel: Heap overflow in mwifiex_uap_parse_tail_ies function in drivers/net /wireless/marvell/mwifiex/ie.c (CVE-2019-10126)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fixes :\n\n* gfs2: Fix iomap write page reclaim deadlock (BZ#1737373)\n\n* [FJ7.6 Bug]: [REG] kernel: ipc: ipc_free should use kvfree (BZ#1740178)\n\n* high update_cfs_rq_blocked_load contention (BZ#1740180)\n\n* [Hyper-V][RHEL 7] kdump fails to start on a Hyper-V guest of Windows Server 2019. (BZ#1740188)\n\n* kvm: backport cpuidle-haltpoll driver (BZ#1740192)\n\n* Growing unreclaimable slab memory (BZ#1741920)\n\n* [bnx2x] ping failed from pf to vf which has been attached to vm (BZ# 1741926)\n\n* [Hyper-V]vPCI devices cannot allocate IRQs vectors in a Hyper-V VM with > 240 vCPUs (i.e., when in x2APIC mode) (BZ#1743324)\n\n* Macsec: inbound MACSEC frame is unexpectedly dropped with InPktsNotValid (BZ#1744442)\n\n* RHEL 7.7 Beta - Hit error when trying to run nvme connect with IPv6 address (BZ#1744443)\n\n* RHEL 7.6 SS4 - Paths lost when running straight I/O on NVMe/RoCE system (BZ #1744444)\n\n* NFSv4.0 client sending a double CLOSE (leading to EIO application failure) (BZ#1744946)\n\n* [Azure] CRI-RDOS | [RHEL 7.8] Live migration only takes 10 seconds, but the VM was unavailable for 2 hours (BZ#1748239)\n\n* NFS client autodisconnect timer may fire immediately after TCP connection setup and may cause DoS type reconnect problem in complex network environments (BZ#1749290)\n\n* [Inspur] RHEL7.6 ASPEED graphic card display issue (BZ#1749296)\n\n* Allows macvlan to operated correctly over the active-backup mode to support bonding events. (BZ#1751579)\n\n* [LLNL 7.5 Bug] slab leak causing a crash when using kmem control group (BZ# 1752421)\n\nUsers of kernel are advised to upgrade to these updated packages, which fix these bugs.", "cvss3": {}, "published": "2019-10-22T00:00:00", "type": "nessus", "title": "CentOS 7 : kernel (CESA-2019:3055)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-20856", "CVE-2019-10126", "CVE-2019-3846", "CVE-2019-9506"], "modified": "2022-05-18T00:00:00", "cpe": ["p-cpe:/a:centos:centos:bpftool", "p-cpe:/a:centos:centos:kernel", "p-cpe:/a:centos:centos:kernel-abi-whitelists", "p-cpe:/a:centos:centos:kernel-debug", "p-cpe:/a:centos:centos:kernel-debug-devel", "p-cpe:/a:centos:centos:kernel-devel", "p-cpe:/a:centos:centos:kernel-doc", "p-cpe:/a:centos:centos:kernel-headers", "p-cpe:/a:centos:centos:kernel-tools", "p-cpe:/a:centos:centos:kernel-tools-libs", "p-cpe:/a:centos:centos:kernel-tools-libs-devel", "p-cpe:/a:centos:centos:perf", "p-cpe:/a:centos:centos:python-perf", "cpe:/o:centos:centos:7"], "id": "CENTOS_RHSA-2019-3055.NASL", "href": "https://www.tenable.com/plugins/nessus/130128", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:3055 and \n# CentOS Errata and Security Advisory 2019:3055 respectively.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(130128);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/18\");\n\n script_cve_id(\n \"CVE-2018-20856\",\n \"CVE-2019-3846\",\n \"CVE-2019-9506\",\n \"CVE-2019-10126\"\n );\n script_xref(name:\"RHSA\", value:\"2019:3055\");\n\n script_name(english:\"CentOS 7 : kernel (CESA-2019:3055)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update for kernel is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nSecurity Fix(es) :\n\n* kernel: Use-after-free in __blk_drain_queue() function in\nblock/blk-core.c (CVE-2018-20856)\n\n* kernel: Heap overflow in mwifiex_update_bss_desc_with_ie function in\nmarvell/mwifiex/scan.c (CVE-2019-3846)\n\n* hardware: bluetooth: BR/EDR encryption key negotiation attacks\n(KNOB) (CVE-2019-9506)\n\n* kernel: Heap overflow in mwifiex_uap_parse_tail_ies function in\ndrivers/net /wireless/marvell/mwifiex/ie.c (CVE-2019-10126)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\n\nBug Fixes :\n\n* gfs2: Fix iomap write page reclaim deadlock (BZ#1737373)\n\n* [FJ7.6 Bug]: [REG] kernel: ipc: ipc_free should use kvfree\n(BZ#1740178)\n\n* high update_cfs_rq_blocked_load contention (BZ#1740180)\n\n* [Hyper-V][RHEL 7] kdump fails to start on a Hyper-V guest of Windows\nServer 2019. (BZ#1740188)\n\n* kvm: backport cpuidle-haltpoll driver (BZ#1740192)\n\n* Growing unreclaimable slab memory (BZ#1741920)\n\n* [bnx2x] ping failed from pf to vf which has been attached to vm (BZ#\n1741926)\n\n* [Hyper-V]vPCI devices cannot allocate IRQs vectors in a Hyper-V VM\nwith > 240 vCPUs (i.e., when in x2APIC mode) (BZ#1743324)\n\n* Macsec: inbound MACSEC frame is unexpectedly dropped with\nInPktsNotValid (BZ#1744442)\n\n* RHEL 7.7 Beta - Hit error when trying to run nvme connect with IPv6\naddress (BZ#1744443)\n\n* RHEL 7.6 SS4 - Paths lost when running straight I/O on NVMe/RoCE\nsystem (BZ #1744444)\n\n* NFSv4.0 client sending a double CLOSE (leading to EIO application\nfailure) (BZ#1744946)\n\n* [Azure] CRI-RDOS | [RHEL 7.8] Live migration only takes 10 seconds,\nbut the VM was unavailable for 2 hours (BZ#1748239)\n\n* NFS client autodisconnect timer may fire immediately after TCP\nconnection setup and may cause DoS type reconnect problem in complex\nnetwork environments (BZ#1749290)\n\n* [Inspur] RHEL7.6 ASPEED graphic card display issue (BZ#1749296)\n\n* Allows macvlan to operated correctly over the active-backup mode to\nsupport bonding events. (BZ#1751579)\n\n* [LLNL 7.5 Bug] slab leak causing a crash when using kmem control\ngroup (BZ# 1752421)\n\nUsers of kernel are advised to upgrade to these updated packages,\nwhich fix these bugs.\");\n # https://lists.centos.org/pipermail/centos-announce/2019-October/023488.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?68dd670d\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-3846\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-10126\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/22\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:bpftool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 7.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"bpftool-3.10.0-1062.4.1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"kernel-3.10.0-1062.4.1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"kernel-abi-whitelists-3.10.0-1062.4.1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"kernel-debug-3.10.0-1062.4.1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"kernel-debug-devel-3.10.0-1062.4.1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"kernel-devel-3.10.0-1062.4.1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"kernel-doc-3.10.0-1062.4.1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"kernel-headers-3.10.0-1062.4.1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"kernel-tools-3.10.0-1062.4.1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"kernel-tools-libs-3.10.0-1062.4.1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"kernel-tools-libs-devel-3.10.0-1062.4.1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"perf-3.10.0-1062.4.1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"python-perf-3.10.0-1062.4.1.el7\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bpftool / kernel / kernel-abi-whitelists / kernel-debug / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:33:35", "description": "The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has kernel packages installed that are affected by multiple vulnerabilities:\n\n - An issue was discovered in the Linux kernel before 4.18.7. In block/blk-core.c, there is an\n __blk_drain_queue() use-after-free because a certain error case is mishandled. (CVE-2018-20856)\n\n - A flaw was found in the Linux kernel. A heap based buffer overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c might lead to memory corruption and possibly other consequences.\n (CVE-2019-10126)\n\n - A vulnerability was found in Linux kernel's, versions up to 3.10, implementation of overlayfs. An attacker with local access can create a denial of service situation via NULL pointer dereference in ovl_posix_acl_create function in fs/overlayfs/dir.c. This can allow attackers with ability to create directories on overlayfs to crash the kernel creating a denial of service (DOS).\n (CVE-2019-10140)\n\n - A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network. (CVE-2019-3846)\n\n - The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute- force attacks (aka KNOB) that can decrypt traffic and inject arbitrary ciphertext without the victim noticing.\n (CVE-2019-9506)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2019-12-02T00:00:00", "type": "nessus", "title": "NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel Multiple Vulnerabilities (NS-SA-2019-0221)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-20856", "CVE-2019-10126", "CVE-2019-10140", "CVE-2019-3846", "CVE-2019-9500", "CVE-2019-9503", "CVE-2019-9506"], "modified": "2022-05-18T00:00:00", "cpe": [], "id": "NEWSTART_CGSL_NS-SA-2019-0221_KERNEL.NASL", "href": "https://www.tenable.com/plugins/nessus/131411", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2019-0221. The text\n# itself is copyright (C) ZTE, Inc.\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(131411);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/18\");\n\n script_cve_id(\n \"CVE-2018-20856\",\n \"CVE-2019-3846\",\n \"CVE-2019-9500\",\n \"CVE-2019-9503\",\n \"CVE-2019-9506\",\n \"CVE-2019-10126\",\n \"CVE-2019-10140\"\n );\n script_bugtraq_id(108011, 108521, 108817);\n\n script_name(english:\"NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel Multiple Vulnerabilities (NS-SA-2019-0221)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote machine is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has kernel packages installed that are affected by\nmultiple vulnerabilities:\n\n - An issue was discovered in the Linux kernel before\n 4.18.7. In block/blk-core.c, there is an\n __blk_drain_queue() use-after-free because a certain\n error case is mishandled. (CVE-2018-20856)\n\n - A flaw was found in the Linux kernel. A heap based\n buffer overflow in mwifiex_uap_parse_tail_ies function\n in drivers/net/wireless/marvell/mwifiex/ie.c might lead\n to memory corruption and possibly other consequences.\n (CVE-2019-10126)\n\n - A vulnerability was found in Linux kernel's, versions up\n to 3.10, implementation of overlayfs. An attacker with\n local access can create a denial of service situation\n via NULL pointer dereference in ovl_posix_acl_create\n function in fs/overlayfs/dir.c. This can allow attackers\n with ability to create directories on overlayfs to crash\n the kernel creating a denial of service (DOS).\n (CVE-2019-10140)\n\n - A flaw that allowed an attacker to corrupt memory and\n possibly escalate privileges was found in the mwifiex\n kernel module while connecting to a malicious wireless\n network. (CVE-2019-3846)\n\n - The Bluetooth BR/EDR specification up to and including\n version 5.1 permits sufficiently low encryption key\n length and does not prevent an attacker from influencing\n the key length negotiation. This allows practical brute-\n force attacks (aka KNOB) that can decrypt traffic and\n inject arbitrary ciphertext without the victim noticing.\n (CVE-2019-9506)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2019-0221\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL kernel packages. Note that updated packages may not be available yet. Please contact ZTE for\nmore information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-3846\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-10126\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/ZTE-CGSL/release\");\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, \"NewStart Carrier Grade Server Linux\");\n\nif (release !~ \"CGSL CORE 5.04\" &&\n release !~ \"CGSL MAIN 5.04\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL CORE 5.04 / NewStart CGSL MAIN 5.04');\n\nif (!get_kb_item(\"Host/ZTE-CGSL/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"NewStart Carrier Grade Server Linux\", cpu);\n\nflag = 0;\n\npkgs = {\n \"CGSL CORE 5.04\": [\n \"kernel-3.10.0-693.21.1.el7.cgslv5_4.26.523.g01e5e7b.lite\",\n \"kernel-abi-whitelists-3.10.0-693.21.1.el7.cgslv5_4.26.523.g01e5e7b.lite\",\n \"kernel-core-3.10.0-693.21.1.el7.cgslv5_4.26.523.g01e5e7b.lite\",\n \"kernel-debug-core-3.10.0-693.21.1.el7.cgslv5_4.26.523.g01e5e7b.lite\",\n \"kernel-debug-debuginfo-3.10.0-693.21.1.el7.cgslv5_4.26.523.g01e5e7b.lite\",\n \"kernel-debug-devel-3.10.0-693.21.1.el7.cgslv5_4.26.523.g01e5e7b.lite\",\n \"kernel-debug-modules-3.10.0-693.21.1.el7.cgslv5_4.26.523.g01e5e7b.lite\",\n \"kernel-debuginfo-3.10.0-693.21.1.el7.cgslv5_4.26.523.g01e5e7b.lite\",\n \"kernel-debuginfo-common-x86_64-3.10.0-693.21.1.el7.cgslv5_4.26.523.g01e5e7b.lite\",\n \"kernel-devel-3.10.0-693.21.1.el7.cgslv5_4.26.523.g01e5e7b.lite\",\n \"kernel-doc-3.10.0-693.21.1.el7.cgslv5_4.26.523.g01e5e7b.lite\",\n \"kernel-headers-3.10.0-693.21.1.el7.cgslv5_4.26.523.g01e5e7b.lite\",\n \"kernel-modules-3.10.0-693.21.1.el7.cgslv5_4.26.523.g01e5e7b.lite\",\n \"kernel-sign-keys-3.10.0-693.21.1.el7.cgslv5_4.26.523.g01e5e7b.lite\",\n \"kernel-tools-3.10.0-693.21.1.el7.cgslv5_4.26.523.g01e5e7b.lite\",\n \"kernel-tools-debuginfo-3.10.0-693.21.1.el7.cgslv5_4.26.523.g01e5e7b.lite\",\n \"kernel-tools-libs-3.10.0-693.21.1.el7.cgslv5_4.26.523.g01e5e7b.lite\",\n \"kernel-tools-libs-devel-3.10.0-693.21.1.el7.cgslv5_4.26.523.g01e5e7b.lite\",\n \"perf-3.10.0-693.21.1.el7.cgslv5_4.26.523.g01e5e7b.lite\",\n \"perf-debuginfo-3.10.0-693.21.1.el7.cgslv5_4.26.523.g01e5e7b.lite\",\n \"python-perf-3.10.0-693.21.1.el7.cgslv5_4.26.523.g01e5e7b.lite\",\n \"python-perf-debuginfo-3.10.0-693.21.1.el7.cgslv5_4.26.523.g01e5e7b.lite\"\n ],\n \"CGSL MAIN 5.04\": [\n \"kernel-3.10.0-693.21.1.el7.cgslv5_4.26.520.g15f3a85\",\n \"kernel-abi-whitelists-3.10.0-693.21.1.el7.cgslv5_4.26.520.g15f3a85\",\n \"kernel-debug-3.10.0-693.21.1.el7.cgslv5_4.26.520.g15f3a85\",\n \"kernel-debug-debuginfo-3.10.0-693.21.1.el7.cgslv5_4.26.520.g15f3a85\",\n \"kernel-debug-devel-3.10.0-693.21.1.el7.cgslv5_4.26.520.g15f3a85\",\n \"kernel-debuginfo-3.10.0-693.21.1.el7.cgslv5_4.26.520.g15f3a85\",\n \"kernel-debuginfo-common-x86_64-3.10.0-693.21.1.el7.cgslv5_4.26.520.g15f3a85\",\n \"kernel-devel-3.10.0-693.21.1.el7.cgslv5_4.26.520.g15f3a85\",\n \"kernel-doc-3.10.0-693.21.1.el7.cgslv5_4.26.520.g15f3a85\",\n \"kernel-headers-3.10.0-693.21.1.el7.cgslv5_4.26.520.g15f3a85\",\n \"kernel-sign-keys-3.10.0-693.21.1.el7.cgslv5_4.26.520.g15f3a85\",\n \"kernel-tools-3.10.0-693.21.1.el7.cgslv5_4.26.520.g15f3a85\",\n \"kernel-tools-debuginfo-3.10.0-693.21.1.el7.cgslv5_4.26.520.g15f3a85\",\n \"kernel-tools-libs-3.10.0-693.21.1.el7.cgslv5_4.26.520.g15f3a85\",\n \"kernel-tools-libs-devel-3.10.0-693.21.1.el7.cgslv5_4.26.520.g15f3a85\",\n \"perf-3.10.0-693.21.1.el7.cgslv5_4.26.520.g15f3a85\",\n \"perf-debuginfo-3.10.0-693.21.1.el7.cgslv5_4.26.520.g15f3a85\",\n \"python-perf-3.10.0-693.21.1.el7.cgslv5_4.26.520.g15f3a85\",\n \"python-perf-debuginfo-3.10.0-693.21.1.el7.cgslv5_4.26.520.g15f3a85\"\n ]\n};\npkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:\"ZTE \" + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:32:31", "description": "The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has kernel-rt packages installed that are affected by multiple vulnerabilities:\n\n - Microarchitectural Store Buffer Data Sampling (MSBDS):\n Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www /public/us/en/documents/corporate- information/SA00233-microcode-update- guidance_05132019.pdf (CVE-2018-12126)\n\n - Microarchitectural Load Port Data Sampling (MLPDS): Load ports on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en /documents/corporate-information/SA00233-microcode- update-guidance_05132019.pdf (CVE-2018-12127)\n\n - Microarchitectural Fill Buffer Data Sampling (MFBDS):\n Fill buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www /public/us/en/documents/corporate- information/SA00233-microcode-update- guidance_05132019.pdf (CVE-2018-12130)\n\n - An issue was discovered in the Linux kernel before 4.18.7. In block/blk-core.c, there is an\n __blk_drain_queue() use-after-free because a certain error case is mishandled. (CVE-2018-20856)\n\n - A flaw was found in the Linux kernel. A heap based buffer overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c might lead to memory corruption and possibly other consequences.\n (CVE-2019-10126)\n\n - A vulnerability was found in Linux kernel's, versions up to 3.10, implementation of overlayfs. An attacker with local access can create a denial of service situation via NULL pointer dereference in ovl_posix_acl_create function in fs/overlayfs/dir.c. This can allow attackers with ability to create directories on overlayfs to crash the kernel creating a denial of service (DOS).\n (CVE-2019-10140)\n\n - Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.inte l.com/content/dam/www/public/us/en/documents/corporate- information/SA00233-microcode-update- guidance_05132019.pdf (CVE-2019-11091)\n\n - An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct kvm_coalesced_mmio' object, wherein write indices 'ring->first' and 'ring->last' value could be supplied by a host user-space process. An unprivileged host user or process with access to '/dev/kvm' device could use this flaw to crash the host kernel, resulting in a denial of service or potentially escalating privileges on the system. (CVE-2019-14821)\n\n - A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network. (CVE-2019-3846)\n\n - The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute- force attacks (aka KNOB) that can decrypt traffic and inject arbitrary ciphertext without the victim noticing.\n (CVE-2019-9506)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2019-12-02T00:00:00", "type": "nessus", "title": "NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel-rt Multiple Vulnerabilities (NS-SA-2019-0222)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-12126", "CVE-2018-12127", "CVE-2018-12130", "CVE-2018-20856", "CVE-2019-10126", "CVE-2019-10140", "CVE-2019-11091", "CVE-2019-14821", "CVE-2019-3846", "CVE-2019-9500", "CVE-2019-9503", "CVE-2019-9506"], "modified": "2022-12-05T00:00:00", "cpe": [], "id": "NEWSTART_CGSL_NS-SA-2019-0222_KERNEL-RT.NASL", "href": "https://www.tenable.com/plugins/nessus/131421", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2019-0222. The text\n# itself is copyright (C) ZTE, Inc.\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(131421);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2018-12126\",\n \"CVE-2018-12127\",\n \"CVE-2018-12130\",\n \"CVE-2018-20856\",\n \"CVE-2019-3846\",\n \"CVE-2019-9500\",\n \"CVE-2019-9503\",\n \"CVE-2019-9506\",\n \"CVE-2019-10126\",\n \"CVE-2019-10140\",\n \"CVE-2019-11091\",\n \"CVE-2019-14821\"\n );\n script_bugtraq_id(\n 108011,\n 108330,\n 108521,\n 108817\n );\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0324\");\n\n script_name(english:\"NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel-rt Multiple Vulnerabilities (NS-SA-2019-0222)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote machine is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has kernel-rt packages installed that are affected\nby multiple vulnerabilities:\n\n - Microarchitectural Store Buffer Data Sampling (MSBDS):\n Store buffers on some microprocessors utilizing\n speculative execution may allow an authenticated user to\n potentially enable information disclosure via a side\n channel with local access. A list of impacted products\n can be found here: https://www.intel.com/content/dam/www\n /public/us/en/documents/corporate-\n information/SA00233-microcode-update-\n guidance_05132019.pdf (CVE-2018-12126)\n\n - Microarchitectural Load Port Data Sampling (MLPDS): Load\n ports on some microprocessors utilizing speculative\n execution may allow an authenticated user to potentially\n enable information disclosure via a side channel with\n local access. A list of impacted products can be found\n here: https://www.intel.com/content/dam/www/public/us/en\n /documents/corporate-information/SA00233-microcode-\n update-guidance_05132019.pdf (CVE-2018-12127)\n\n - Microarchitectural Fill Buffer Data Sampling (MFBDS):\n Fill buffers on some microprocessors utilizing\n speculative execution may allow an authenticated user to\n potentially enable information disclosure via a side\n channel with local access. A list of impacted products\n can be found here: https://www.intel.com/content/dam/www\n /public/us/en/documents/corporate-\n information/SA00233-microcode-update-\n guidance_05132019.pdf (CVE-2018-12130)\n\n - An issue was discovered in the Linux kernel before\n 4.18.7. In block/blk-core.c, there is an\n __blk_drain_queue() use-after-free because a certain\n error case is mishandled. (CVE-2018-20856)\n\n - A flaw was found in the Linux kernel. A heap based\n buffer overflow in mwifiex_uap_parse_tail_ies function\n in drivers/net/wireless/marvell/mwifiex/ie.c might lead\n to memory corruption and possibly other consequences.\n (CVE-2019-10126)\n\n - A vulnerability was found in Linux kernel's, versions up\n to 3.10, implementation of overlayfs. An attacker with\n local access can create a denial of service situation\n via NULL pointer dereference in ovl_posix_acl_create\n function in fs/overlayfs/dir.c. This can allow attackers\n with ability to create directories on overlayfs to crash\n the kernel creating a denial of service (DOS).\n (CVE-2019-10140)\n\n - Microarchitectural Data Sampling Uncacheable Memory\n (MDSUM): Uncacheable memory on some microprocessors\n utilizing speculative execution may allow an\n authenticated user to potentially enable information\n disclosure via a side channel with local access. A list\n of impacted products can be found here: https://www.inte\n l.com/content/dam/www/public/us/en/documents/corporate-\n information/SA00233-microcode-update-\n guidance_05132019.pdf (CVE-2019-11091)\n\n - An out-of-bounds access issue was found in the Linux\n kernel, all versions through 5.3, in the way Linux\n kernel's KVM hypervisor implements the Coalesced MMIO\n write operation. It operates on an MMIO ring buffer\n 'struct kvm_coalesced_mmio' object, wherein write\n indices 'ring->first' and 'ring->last' value could be\n supplied by a host user-space process. An unprivileged\n host user or process with access to '/dev/kvm' device\n could use this flaw to crash the host kernel, resulting\n in a denial of service or potentially escalating\n privileges on the system. (CVE-2019-14821)\n\n - A flaw that allowed an attacker to corrupt memory and\n possibly escalate privileges was found in the mwifiex\n kernel module while connecting to a malicious wireless\n network. (CVE-2019-3846)\n\n - The Bluetooth BR/EDR specification up to and including\n version 5.1 permits sufficiently low encryption key\n length and does not prevent an attacker from influencing\n the key length negotiation. This allows practical brute-\n force attacks (aka KNOB) that can decrypt traffic and\n inject arbitrary ciphertext without the victim noticing.\n (CVE-2019-9506)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2019-0222\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL kernel-rt packages. Note that updated packages may not be available yet. Please contact ZTE\nfor more information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-3846\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-10126\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/05/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/ZTE-CGSL/release\");\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, \"NewStart Carrier Grade Server Linux\");\n\nif (release !~ \"CGSL CORE 5.04\" &&\n release !~ \"CGSL MAIN 5.04\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL CORE 5.04 / NewStart CGSL MAIN 5.04');\n\nif (!get_kb_item(\"Host/ZTE-CGSL/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"NewStart Carrier Grade Server Linux\", cpu);\n\nflag = 0;\n\npkgs = {\n \"CGSL CORE 5.04\": [\n \"kernel-rt-3.10.0-693.21.1.rt56.639.el7.cgslv5_4.24.366.g7fc66c5\",\n \"kernel-rt-debug-3.10.0-693.21.1.rt56.639.el7.cgslv5_4.24.366.g7fc66c5\",\n \"kernel-rt-debug-debuginfo-3.10.0-693.21.1.rt56.639.el7.cgslv5_4.24.366.g7fc66c5\",\n \"kernel-rt-debug-devel-3.10.0-693.21.1.rt56.639.el7.cgslv5_4.24.366.g7fc66c5\",\n \"kernel-rt-debug-kvm-3.10.0-693.21.1.rt56.639.el7.cgslv5_4.24.366.g7fc66c5\",\n \"kernel-rt-debug-kvm-debuginfo-3.10.0-693.21.1.rt56.639.el7.cgslv5_4.24.366.g7fc66c5\",\n \"kernel-rt-debuginfo-3.10.0-693.21.1.rt56.639.el7.cgslv5_4.24.366.g7fc66c5\",\n \"kernel-rt-debuginfo-common-x86_64-3.10.0-693.21.1.rt56.639.el7.cgslv5_4.24.366.g7fc66c5\",\n \"kernel-rt-devel-3.10.0-693.21.1.rt56.639.el7.cgslv5_4.24.366.g7fc66c5\",\n \"kernel-rt-doc-3.10.0-693.21.1.rt56.639.el7.cgslv5_4.24.366.g7fc66c5\",\n \"kernel-rt-kvm-3.10.0-693.21.1.rt56.639.el7.cgslv5_4.24.366.g7fc66c5\",\n \"kernel-rt-kvm-debuginfo-3.10.0-693.21.1.rt56.639.el7.cgslv5_4.24.366.g7fc66c5\",\n \"kernel-rt-trace-3.10.0-693.21.1.rt56.639.el7.cgslv5_4.24.366.g7fc66c5\",\n \"kernel-rt-trace-debuginfo-3.10.0-693.21.1.rt56.639.el7.cgslv5_4.24.366.g7fc66c5\",\n \"kernel-rt-trace-devel-3.10.0-693.21.1.rt56.639.el7.cgslv5_4.24.366.g7fc66c5\",\n \"kernel-rt-trace-kvm-3.10.0-693.21.1.rt56.639.el7.cgslv5_4.24.366.g7fc66c5\",\n \"kernel-rt-trace-kvm-debuginfo-3.10.0-693.21.1.rt56.639.el7.cgslv5_4.24.366.g7fc66c5\"\n ],\n \"CGSL MAIN 5.04\": [\n \"kernel-rt-3.10.0-693.21.1.rt56.639.el7.cgslv5_4.24.366.g7fc66c5\",\n \"kernel-rt-debug-3.10.0-693.21.1.rt56.639.el7.cgslv5_4.24.366.g7fc66c5\",\n \"kernel-rt-debug-debuginfo-3.10.0-693.21.1.rt56.639.el7.cgslv5_4.24.366.g7fc66c5\",\n \"kernel-rt-debug-devel-3.10.0-693.21.1.rt56.639.el7.cgslv5_4.24.366.g7fc66c5\",\n \"kernel-rt-debug-kvm-3.10.0-693.21.1.rt56.639.el7.cgslv5_4.24.366.g7fc66c5\",\n \"kernel-rt-debug-kvm-debuginfo-3.10.0-693.21.1.rt56.639.el7.cgslv5_4.24.366.g7fc66c5\",\n \"kernel-rt-debuginfo-3.10.0-693.21.1.rt56.639.el7.cgslv5_4.24.366.g7fc66c5\",\n \"kernel-rt-debuginfo-common-x86_64-3.10.0-693.21.1.rt56.639.el7.cgslv5_4.24.366.g7fc66c5\",\n \"kernel-rt-devel-3.10.0-693.21.1.rt56.639.el7.cgslv5_4.24.366.g7fc66c5\",\n \"kernel-rt-doc-3.10.0-693.21.1.rt56.639.el7.cgslv5_4.24.366.g7fc66c5\",\n \"kernel-rt-kvm-3.10.0-693.21.1.rt56.639.el7.cgslv5_4.24.366.g7fc66c5\",\n \"kernel-rt-kvm-debuginfo-3.10.0-693.21.1.rt56.639.el7.cgslv5_4.24.366.g7fc66c5\",\n \"kernel-rt-trace-3.10.0-693.21.1.rt56.639.el7.cgslv5_4.24.366.g7fc66c5\",\n \"kernel-rt-trace-debuginfo-3.10.0-693.21.1.rt56.639.el7.cgslv5_4.24.366.g7fc66c5\",\n \"kernel-rt-trace-devel-3.10.0-693.21.1.rt56.639.el7.cgslv5_4.24.366.g7fc66c5\",\n \"kernel-rt-trace-kvm-3.10.0-693.21.1.rt56.639.el7.cgslv5_4.24.366.g7fc66c5\",\n \"kernel-rt-trace-kvm-debuginfo-3.10.0-693.21.1.rt56.639.el7.cgslv5_4.24.366.g7fc66c5\"\n ]\n};\npkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:\"ZTE \" + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel-rt\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:30:49", "description": "An update for kernel-alt is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe kernel-alt packages provide the Linux kernel version 4.x.\n\nSecurity Fix(es) :\n\n* kernel: MIDI driver race condition leads to a double-free (CVE-2018-10902)\n\n* kernel: Use-after-free in __blk_drain_queue() function in block/blk-core.c (CVE-2018-20856)\n\n* kernel: brcmfmac heap buffer overflow in brcmf_wowl_nd_results (CVE-2019-9500)\n\n* hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB) (CVE-2019-9506)\n\n* kernel: a NULL pointer dereference in drivers/scsi/megaraid/ megaraid_sas_base.c leading to DoS (CVE-2019-11810)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es) :\n\n* kernel modules pkey and paes_s390 are not available (BZ#1719192)\n\n* pkey: Indicate old mkvp only if old and curr. mkvp are different (BZ# 1720621)\n\n* System dropped into Mon running softboots Exception: 501 (Hardware Interrupt) at c00000000000a814 replay_interrupt_return+0x0/0x4 (ipmi) (BZ# 1737563)\n\n* kernel: jump label transformation performance (BZ#1739143)\n\n* Backport i40e MDD detection removal for PFs (BZ#1747618)", "cvss3": {}, "published": "2019-10-30T00:00:00", "type": "nessus", "title": "RHEL 7 : kernel-alt (RHSA-2019:3217)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10902", "CVE-2018-20856", "CVE-2019-11810", "CVE-2019-9500", "CVE-2019-9506"], "modified": "2020-01-31T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-s390x", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel", "p-cpe:/a:redhat:enterprise_linux:perf", "p-cpe:/a:redhat:enterprise_linux:perf-debuginfo", "p-cpe:/a:redhat:enterprise_linux:python-perf", "p-cpe:/a:redhat:enterprise_linux:python-perf-debuginfo", "cpe:/o:redhat:enterprise_linux:7"], "id": "REDHAT-RHSA-2019-3217.NASL", "href": "https://www.tenable.com/plugins/nessus/130373", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:3217. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130373);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2020/01/31\");\n\n script_cve_id(\"CVE-2018-10902\", \"CVE-2018-20856\", \"CVE-2019-11810\", \"CVE-2019-9500\", \"CVE-2019-9506\");\n script_xref(name:\"RHSA\", value:\"2019:3217\");\n\n script_name(english:\"RHEL 7 : kernel-alt (RHSA-2019:3217)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for kernel-alt is now available for Red Hat Enterprise Linux\n7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe kernel-alt packages provide the Linux kernel version 4.x.\n\nSecurity Fix(es) :\n\n* kernel: MIDI driver race condition leads to a double-free\n(CVE-2018-10902)\n\n* kernel: Use-after-free in __blk_drain_queue() function in\nblock/blk-core.c (CVE-2018-20856)\n\n* kernel: brcmfmac heap buffer overflow in brcmf_wowl_nd_results\n(CVE-2019-9500)\n\n* hardware: bluetooth: BR/EDR encryption key negotiation attacks\n(KNOB) (CVE-2019-9506)\n\n* kernel: a NULL pointer dereference in drivers/scsi/megaraid/\nmegaraid_sas_base.c leading to DoS (CVE-2019-11810)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\n\nBug Fix(es) :\n\n* kernel modules pkey and paes_s390 are not available (BZ#1719192)\n\n* pkey: Indicate old mkvp only if old and curr. mkvp are different\n(BZ# 1720621)\n\n* System dropped into Mon running softboots Exception: 501 (Hardware\nInterrupt) at c00000000000a814 replay_interrupt_return+0x0/0x4 (ipmi)\n(BZ# 1737563)\n\n* kernel: jump label transformation performance (BZ#1739143)\n\n* Backport i40e MDD detection removal for PFs (BZ#1747618)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2019:3217\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-10902\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-20856\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-9500\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-9506\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-11810\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-9500\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-s390x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2018-10902\", \"CVE-2018-20856\", \"CVE-2019-11810\", \"CVE-2019-9500\", \"CVE-2019-9506\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for RHSA-2019:3217\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:3217\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-4.14.0-115.14.1.el7a\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"kernel-abi-whitelists-4.14.0-115.14.1.el7a\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-debug-4.14.0-115.14.1.el7a\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-debug-debuginfo-4.14.0-115.14.1.el7a\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-debug-devel-4.14.0-115.14.1.el7a\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-debuginfo-4.14.0-115.14.1.el7a\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-debuginfo-common-s390x-4.14.0-115.14.1.el7a\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-devel-4.14.0-115.14.1.el7a\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"kernel-doc-4.14.0-115.14.1.el7a\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-headers-4.14.0-115.14.1.el7a\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-kdump-4.14.0-115.14.1.el7a\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-kdump-debuginfo-4.14.0-115.14.1.el7a\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-kdump-devel-4.14.0-115.14.1.el7a\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"perf-4.14.0-115.14.1.el7a\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"perf-debuginfo-4.14.0-115.14.1.el7a\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"python-perf-4.14.0-115.14.1.el7a\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"python-perf-debuginfo-4.14.0-115.14.1.el7a\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-abi-whitelists / kernel-debug / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-27T14:17:37", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:0698 advisory.\n\n - kernel: Use-after-free in __blk_drain_queue() function in block/blk-core.c (CVE-2018-20856)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2020-03-06T00:00:00", "type": "nessus", "title": "RHEL 7 : kpatch-patch (RHSA-2020:0698)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-20856"], "modified": "2023-05-25T00:00:00", "cpe": ["cpe:/o:redhat:rhel_aus:7.6", "cpe:/o:redhat:rhel_e4s:7.6", "cpe:/o:redhat:rhel_eus:7.6", "cpe:/o:redhat:rhel_tus:7.6", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-957_35_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-957_35_2", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-957_38_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-957_38_2", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-957_38_3", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-957_41_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-957_43_1"], "id": "REDHAT-RHSA-2020-0698.NASL", "href": "https://www.tenable.com/plugins/nessus/134265", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:0698. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(134265);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/25\");\n\n script_cve_id(\"CVE-2018-20856\");\n script_xref(name:\"RHSA\", value:\"2020:0698\");\n\n script_name(english:\"RHEL 7 : kpatch-patch (RHSA-2020:0698)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in\nthe RHSA-2020:0698 advisory.\n\n - kernel: Use-after-free in __blk_drain_queue() function in block/blk-core.c (CVE-2018-20856)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2018-20856\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:0698\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1738705\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-20856\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/03/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/03/06\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-957_35_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-957_35_2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-957_38_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-957_38_2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-957_38_3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-957_41_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-957_43_1\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'eq', os_version: os_ver, rhel_version: '7.6')) audit(AUDIT_OS_NOT, 'Red Hat 7.6', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar uname_r = get_kb_item(\"Host/uname-r\");\nif (empty_or_null(uname_r)) audit(AUDIT_UNKNOWN_APP_VER, \"kernel\");\n\nvar kernel_live_checks = [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel/server/7/7.6/x86_64/debug',\n 'content/aus/rhel/server/7/7.6/x86_64/optional/debug',\n 'content/aus/rhel/server/7/7.6/x86_64/optional/os',\n 'content/aus/rhel/server/7/7.6/x86_64/optional/source/SRPMS',\n 'content/aus/rhel/server/7/7.6/x86_64/os',\n 'content/aus/rhel/server/7/7.6/x86_64/source/SRPMS',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/debug',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/highavailability/debug',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/highavailability/os',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/optional/debug',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/optional/os',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/optional/source/SRPMS',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/os',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/sap-hana/debug',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/sap-hana/os',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/sap-hana/source/SRPMS',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/sap/debug',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/sap/os',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/source/SRPMS',\n 'content/e4s/rhel/server/7/7.6/x86_64/debug',\n 'content/e4s/rhel/server/7/7.6/x86_64/highavailability/debug',\n 'content/e4s/rhel/server/7/7.6/x86_64/highavailability/os',\n 'content/e4s/rhel/server/7/7.6/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel/server/7/7.6/x86_64/optional/debug',\n 'content/e4s/rhel/server/7/7.6/x86_64/optional/os',\n 'content/e4s/rhel/server/7/7.6/x86_64/optional/source/SRPMS',\n 'content/e4s/rhel/server/7/7.6/x86_64/os',\n 'content/e4s/rhel/server/7/7.6/x86_64/sap-hana/debug',\n 'content/e4s/rhel/server/7/7.6/x86_64/sap-hana/os',\n 'content/e4s/rhel/server/7/7.6/x86_64/sap-hana/source/SRPMS',\n 'content/e4s/rhel/server/7/7.6/x86_64/sap/debug',\n 'content/e4s/rhel/server/7/7.6/x86_64/sap/os',\n 'content/e4s/rhel/server/7/7.6/x86_64/sap/source/SRPMS',\n 'content/e4s/rhel/server/7/7.6/x86_64/source/SRPMS',\n 'content/eus/rhel/computenode/7/7.6/x86_64/debug',\n 'content/eus/rhel/computenode/7/7.6/x86_64/optional/debug',\n 'content/eus/rhel/computenode/7/7.6/x86_64/optional/os',\n 'content/eus/rhel/computenode/7/7.6/x86_64/optional/source/SRPMS',\n 'content/eus/rhel/computenode/7/7.6/x86_64/os',\n 'content/eus/rhel/computenode/7/7.6/x86_64/source/SRPMS',\n 'content/eus/rhel/power-le/7/7.6/ppc64le/debug',\n 'content/eus/rhel/power-le/7/7.6/ppc64le/highavailability/debug',\n 'content/eus/rhel/power-le/7/7.6/ppc64le/highavailability/os',\n 'content/eus/rhel/power-le/7/7.6/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel/power-le/7/7.6/ppc64le/optional/debug',\n 'content/eus/rhel/power-le/7/7.6/ppc64le/optional/os',\n 'content/eus/rhel/power-le/7/7.6/ppc64le/optional/source/SRPMS',\n 'content/eus/rhel/power-le/7/7.6/ppc64le/os',\n 'content/eus/rhel/power-le/7/7.6/ppc64le/resilientstorage/debug',\n 'content/eus/rhel/power-le/7/7.6/ppc64le/resilientstorage/os',\n 'content/eus/rhel/power-le/7/7.6/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel/power-le/7/7.6/ppc64le/sap-hana/debug',\n 'content/eus/rhel/power-le/7/7.6/ppc64le/sap-hana/os',\n 'content/eus/rhel/power-le/7/7.6/ppc64le/sap-hana/source/SRPMS',\n 'content/eus/rhel/power-le/7/7.6/ppc64le/sap/debug',\n 'content/eus/rhel/power-le/7/7.6/ppc64le/sap/os',\n 'content/eus/rhel/power-le/7/7.6/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel/power-le/7/7.6/ppc64le/source/SRPMS',\n 'content/eus/rhel/power/7/7.6/ppc64/debug',\n 'content/eus/rhel/power/7/7.6/ppc64/optional/debug',\n 'content/eus/rhel/power/7/7.6/ppc64/optional/os',\n 'content/eus/rhel/power/7/7.6/ppc64/optional/source/SRPMS',\n 'content/eus/rhel/power/7/7.6/ppc64/os',\n 'content/eus/rhel/power/7/7.6/ppc64/sap/debug',\n 'content/eus/rhel/power/7/7.6/ppc64/sap/os',\n 'content/eus/rhel/power/7/7.6/ppc64/sap/source/SRPMS',\n 'content/eus/rhel/power/7/7.6/ppc64/source/SRPMS',\n 'content/eus/rhel/server/7/7.6/x86_64/debug',\n 'content/eus/rhel/server/7/7.6/x86_64/highavailability/debug',\n 'content/eus/rhel/server/7/7.6/x86_64/highavailability/os',\n 'content/eus/rhel/server/7/7.6/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel/server/7/7.6/x86_64/optional/debug',\n 'content/eus/rhel/server/7/7.6/x86_64/optional/os',\n 'content/eus/rhel/server/7/7.6/x86_64/optional/source/SRPMS',\n 'content/eus/rhel/server/7/7.6/x86_64/os',\n 'content/eus/rhel/server/7/7.6/x86_64/resilientstorage/debug',\n 'content/eus/rhel/server/7/7.6/x86_64/resilientstorage/os',\n 'content/eus/rhel/server/7/7.6/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel/server/7/7.6/x86_64/sap-hana/debug',\n 'content/eus/rhel/server/7/7.6/x86_64/sap-hana/os',\n 'content/eus/rhel/server/7/7.6/x86_64/sap-hana/source/SRPMS',\n 'content/eus/rhel/server/7/7.6/x86_64/sap/debug',\n 'content/eus/rhel/server/7/7.6/x86_64/sap/os',\n 'content/eus/rhel/server/7/7.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel/server/7/7.6/x86_64/source/SRPMS',\n 'content/tus/rhel/server/7/7.6/x86_64/debug',\n 'content/tus/rhel/server/7/7.6/x86_64/highavailability/debug',\n 'content/tus/rhel/server/7/7.6/x86_64/highavailability/os',\n 'content/tus/rhel/server/7/7.6/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel/server/7/7.6/x86_64/optional/debug',\n 'content/tus/rhel/server/7/7.6/x86_64/optional/os',\n 'content/tus/rhel/server/7/7.6/x86_64/optional/source/SRPMS',\n 'content/tus/rhel/server/7/7.6/x86_64/os',\n 'content/tus/rhel/server/7/7.6/x86_64/source/SRPMS'\n ],\n 'kernels': {\n '3.10.0-957.35.1.el7.ppc64le': {\n 'pkgs': [\n {'reference':'kpatch-patch-3_10_0-957_35_1-1-6.el7', 'sp':'6', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '3.10.0-957.35.1.el7.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-3_10_0-957_35_1-1-6.el7', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '3.10.0-957.35.2.el7.ppc64le': {\n 'pkgs': [\n {'reference':'kpatch-patch-3_10_0-957_35_2-1-5.el7', 'sp':'6', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '3.10.0-957.35.2.el7.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-3_10_0-957_35_2-1-5.el7', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '3.10.0-957.38.1.el7.ppc64le': {\n 'pkgs': [\n {'reference':'kpatch-patch-3_10_0-957_38_1-1-4.el7', 'sp':'6', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '3.10.0-957.38.1.el7.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-3_10_0-957_38_1-1-4.el7', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '3.10.0-957.38.2.el7.ppc64le': {\n 'pkgs': [\n {'reference':'kpatch-patch-3_10_0-957_38_2-1-3.el7', 'sp':'6', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '3.10.0-957.38.2.el7.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-3_10_0-957_38_2-1-3.el7', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '3.10.0-957.38.3.el7.ppc64le': {\n 'pkgs': [\n {'reference':'kpatch-patch-3_10_0-957_38_3-1-3.el7', 'sp':'6', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '3.10.0-957.38.3.el7.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-3_10_0-957_38_3-1-3.el7', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '3.10.0-957.41.1.el7.ppc64le': {\n 'pkgs': [\n {'reference':'kpatch-patch-3_10_0-957_41_1-1-1.el7', 'sp':'6', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '3.10.0-957.41.1.el7.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-3_10_0-957_41_1-1-1.el7', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '3.10.0-957.43.1.el7.ppc64le': {\n 'pkgs': [\n {'reference':'kpatch-patch-3_10_0-957_43_1-1-1.el7', 'sp':'6', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '3.10.0-957.43.1.el7.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-3_10_0-957_43_1-1-1.el7', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n }\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:kernel_live_checks);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nvar kernel_affected = FALSE;\nforeach var kernel_array ( kernel_live_checks ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(kernel_array['repo_relative_urls'])) repo_relative_urls = kernel_array['repo_relative_urls'];\n var kpatch_details = kernel_array['kernels'][uname_r];\n if (empty_or_null(kpatch_details)) continue;\n kernel_affected = TRUE;\n foreach var pkg ( kpatch_details['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n# No kpatch details found for the running kernel version\nif (!kernel_affected) audit(AUDIT_INST_VER_NOT_VULN, 'kernel', uname_r);\n\nif (flag)\n{\n var subscription_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in the Red Hat Enterprise Linux\\n' +\n 'Advanced Update Support, Extended Update Support, Telco Extended Update Support or Update Services for SAP Solutions repositories.\\n' +\n 'Access to these repositories requires a paid RHEL subscription.\\n';\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = subscription_caveat + rpm_report_get() + redhat_report_repo_caveat();\n else extra = subscription_caveat + rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kpatch-patch-3_10_0-957_35_1 / kpatch-patch-3_10_0-957_35_2 / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-27T14:20:14", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2289 advisory.\n\n - kernel: double free may be caused by the function allocate_trace_buffer in the file kernel/trace/trace.c (CVE-2017-18595)\n\n - kernel: Heap overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c (CVE-2019-10126)\n\n - kernel: use-after-free in __blk_add_trace in kernel/trace/blktrace.c (CVE-2019-19768)\n\n - kernel: Heap overflow in mwifiex_update_bss_desc_with_ie function in marvell/mwifiex/scan.c (CVE-2019-3846)\n\n - Kernel: NetLabel: null pointer dereference while receiving CIPSO packet with null category may cause kernel panic (CVE-2020-10711)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2020-06-03T00:00:00", "type": "nessus", "title": "RHEL 7 : kernel (RHSA-2020:2289)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-18595", "CVE-2019-10126", "CVE-2019-19768", "CVE-2019-3846", "CVE-2020-10711"], "modified": "2023-05-25T00:00:00", "cpe": ["cpe:/o:redhat:rhel_aus:7.6", "cpe:/o:redhat:rhel_e4s:7.6", "cpe:/o:redhat:rhel_eus:7.6", "cpe:/o:redhat:rhel_tus:7.6", "p-cpe:/a:redhat:enterprise_linux:bpftool", "p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists", "p-cpe:/a:redhat:enterprise_linux:kernel-bootwrapper", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-tools", "p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs", "p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs-devel", "p-cpe:/a:redhat:enterprise_linux:perf", "p-cpe:/a:redhat:enterprise_linux:python-perf"], "id": "REDHAT-RHSA-2020-2289.NASL", "href": "https://www.tenable.com/plugins/nessus/137060", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:2289. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(137060);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/25\");\n\n script_cve_id(\n \"CVE-2017-18595\",\n \"CVE-2019-3846\",\n \"CVE-2019-10126\",\n \"CVE-2019-19768\",\n \"CVE-2020-10711\"\n );\n script_bugtraq_id(108521, 108817);\n script_xref(name:\"RHSA\", value:\"2020:2289\");\n\n script_name(english:\"RHEL 7 : kernel (RHSA-2020:2289)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:2289 advisory.\n\n - kernel: double free may be caused by the function allocate_trace_buffer in the file kernel/trace/trace.c\n (CVE-2017-18595)\n\n - kernel: Heap overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c\n (CVE-2019-10126)\n\n - kernel: use-after-free in __blk_add_trace in kernel/trace/blktrace.c (CVE-2019-19768)\n\n - kernel: Heap overflow in mwifiex_update_bss_desc_with_ie function in marvell/mwifiex/scan.c\n (CVE-2019-3846)\n\n - Kernel: NetLabel: null pointer dereference while receiving CIPSO packet with null category may cause\n kernel panic (CVE-2020-10711)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2017-18595\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-3846\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-10126\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-19768\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-10711\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:2289\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1713059\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1716992\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1758671\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1786164\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1825116\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-3846\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-10126\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(122, 416, 476);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/05/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/05/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/06/03\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bpftool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-bootwrapper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\ninclude('ksplice.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'eq', os_version: os_ver, rhel_version: '7.6')) audit(AUDIT_OS_NOT, 'Red Hat 7.6', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nif (get_one_kb_item('Host/ksplice/kernel-cves'))\n{\n rm_kb_item(name:'Host/uptrack-uname-r');\n var cve_list = make_list('CVE-2017-18595', 'CVE-2019-3846', 'CVE-2019-10126', 'CVE-2019-19768', 'CVE-2020-10711');\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for RHSA-2020:2289');\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel/server/7/7.6/x86_64/debug',\n 'content/aus/rhel/server/7/7.6/x86_64/optional/debug',\n 'content/aus/rhel/server/7/7.6/x86_64/optional/os',\n 'content/aus/rhel/server/7/7.6/x86_64/optional/source/SRPMS',\n 'content/aus/rhel/server/7/7.6/x86_64/os',\n 'content/aus/rhel/server/7/7.6/x86_64/source/SRPMS',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/debug',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/highavailability/debug',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/highavailability/os',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/optional/debug',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/optional/os',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/optional/source/SRPMS',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/os',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/sap-hana/debug',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/sap-hana/os',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/sap-hana/source/SRPMS',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/sap/debug',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/sap/os',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/source/SRPMS',\n 'content/e4s/rhel/server/7/7.6/x86_64/debug',\n 'content/e4s/rhel/server/7/7.6/x86_64/highavailability/debug',\n 'content/e4s/rhel/server/7/7.6/x86_64/highavailability/os',\n 'content/e4s/rhel/server/7/7.6/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel/server/7/7.6/x86_64/optional/debug',\n 'content/e4s/rhel/server/7/7.6/x86_64/optional/os',\n 'content/e4s/rhel/server/7/7.6/x86_64/optional/source/SRPMS',\n 'content/e4s/rhel/server/7/7.6/x86_64/os',\n 'content/e4s/rhel/server/7/7.6/x86_64/sap-hana/debug',\n 'content/e4s/rhel/server/7/7.6/x86_64/sap-hana/os',\n 'content/e4s/rhel/server/7/7.6/x86_64/sap-hana/source/SRPMS',\n 'content/e4s/rhel/server/7/7.6/x86_64/sap/debug',\n 'content/e4s/rhel/server/7/7.6/x86_64/sap/os',\n 'content/e4s/rhel/server/7/7.6/x86_64/sap/source/SRPMS',\n 'content/e4s/rhel/server/7/7.6/x86_64/source/SRPMS',\n 'content/eus/rhel/computenode/7/7.6/x86_64/debug',\n 'content/eus/rhel/computenode/7/7.6/x86_64/optional/debug',\n 'content/eus/rhel/computenode/7/7.6/x86_64/optional/os',\n 'content/eus/rhel/computenode/7/7.6/x86_64/optional/source/SRPMS',\n 'content/eus/rhel/computenode/7/7.6/x86_64/os',\n 'content/eus/rhel/computenode/7/7.6/x86_64/source/SRPMS',\n 'content/eus/rhel/power-le/7/7.6/ppc64le/debug',\n 'content/eus/rhel/power-le/7/7.6/ppc64le/highavailability/debug',\n 'content/eus/rhel/power-le/7/7.6/ppc64le/highavailability/os',\n 'content/eus/rhel/power-le/7/7.6/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel/power-le/7/7.6/ppc64le/optional/debug',\n 'content/eus/rhel/power-le/7/7.6/ppc64le/optional/os',\n 'content/eus/rhel/power-le/7/7.6/ppc64le/optional/source/SRPMS',\n 'content/eus/rhel/power-le/7/7.6/ppc64le/os',\n 'content/eus/rhel/power-le/7/7.6/ppc64le/resilientstorage/debug',\n 'content/eus/rhel/power-le/7/7.6/ppc64le/resilientstorage/os',\n 'content/eus/rhel/power-le/7/7.6/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel/power-le/7/7.6/ppc64le/sap-hana/debug',\n 'content/eus/rhel/power-le/7/7.6/ppc64le/sap-hana/os',\n 'content/eus/rhel/power-le/7/7.6/ppc64le/sap-hana/source/SRPMS',\n 'content/eus/rhel/power-le/7/7.6/ppc64le/sap/debug',\n 'content/eus/rhel/power-le/7/7.6/ppc64le/sap/os',\n 'content/eus/rhel/power-le/7/7.6/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel/power-le/7/7.6/ppc64le/source/SRPMS',\n 'content/eus/rhel/power/7/7.6/ppc64/debug',\n 'content/eus/rhel/power/7/7.6/ppc64/optional/debug',\n 'content/eus/rhel/power/7/7.6/ppc64/optional/os',\n 'content/eus/rhel/power/7/7.6/ppc64/optional/source/SRPMS',\n 'content/eus/rhel/power/7/7.6/ppc64/os',\n 'content/eus/rhel/power/7/7.6/ppc64/sap/debug',\n 'content/eus/rhel/power/7/7.6/ppc64/sap/os',\n 'content/eus/rhel/power/7/7.6/ppc64/sap/source/SRPMS',\n 'content/eus/rhel/power/7/7.6/ppc64/source/SRPMS',\n 'content/eus/rhel/server/7/7.6/x86_64/debug',\n 'content/eus/rhel/server/7/7.6/x86_64/highavailability/debug',\n 'content/eus/rhel/server/7/7.6/x86_64/highavailability/os',\n 'content/eus/rhel/server/7/7.6/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel/server/7/7.6/x86_64/optional/debug',\n 'content/eus/rhel/server/7/7.6/x86_64/optional/os',\n 'content/eus/rhel/server/7/7.6/x86_64/optional/source/SRPMS',\n 'content/eus/rhel/server/7/7.6/x86_64/os',\n 'content/eus/rhel/server/7/7.6/x86_64/resilientstorage/debug',\n 'content/eus/rhel/server/7/7.6/x86_64/resilientstorage/os',\n 'content/eus/rhel/server/7/7.6/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel/server/7/7.6/x86_64/sap-hana/debug',\n 'content/eus/rhel/server/7/7.6/x86_64/sap-hana/os',\n 'content/eus/rhel/server/7/7.6/x86_64/sap-hana/source/SRPMS',\n 'content/eus/rhel/server/7/7.6/x86_64/sap/debug',\n 'content/eus/rhel/server/7/7.6/x86_64/sap/os',\n 'content/eus/rhel/server/7/7.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel/server/7/7.6/x86_64/source/SRPMS',\n 'content/eus/rhel/system-z/7/7.6/s390x/debug',\n 'content/eus/rhel/system-z/7/7.6/s390x/optional/debug',\n 'content/eus/rhel/system-z/7/7.6/s390x/optional/os',\n 'content/eus/rhel/system-z/7/7.6/s390x/optional/source/SRPMS',\n 'content/eus/rhel/system-z/7/7.6/s390x/os',\n 'content/eus/rhel/system-z/7/7.6/s390x/sap/debug',\n 'content/eus/rhel/system-z/7/7.6/s390x/sap/os',\n 'content/eus/rhel/system-z/7/7.6/s390x/sap/source/SRPMS',\n 'content/eus/rhel/system-z/7/7.6/s390x/source/SRPMS',\n 'content/tus/rhel/server/7/7.6/x86_64/debug',\n 'content/tus/rhel/server/7/7.6/x86_64/highavailability/debug',\n 'content/tus/rhel/server/7/7.6/x86_64/highavailability/os',\n 'content/tus/rhel/server/7/7.6/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel/server/7/7.6/x86_64/optional/debug',\n 'content/tus/rhel/server/7/7.6/x86_64/optional/os',\n 'content/tus/rhel/server/7/7.6/x86_64/optional/source/SRPMS',\n 'content/tus/rhel/server/7/7.6/x86_64/os',\n 'content/tus/rhel/server/7/7.6/x86_64/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'bpftool-3.10.0-957.54.1.el7', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-3.10.0-957.54.1.el7', 'sp':'6', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-3.10.0-957.54.1.el7', 'sp':'6', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-3.10.0-957.54.1.el7', 'sp':'6', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-3.10.0-957.54.1.el7', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-abi-whitelists-3.10.0-957.54.1.el7', 'sp':'6', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-bootwrapper-3.10.0-957.54.1.el7', 'sp':'6', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-bootwrapper-3.10.0-957.54.1.el7', 'sp':'6', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-3.10.0-957.54.1.el7', 'sp':'6', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-3.10.0-957.54.1.el7', 'sp':'6', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-3.10.0-957.54.1.el7', 'sp':'6', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-3.10.0-957.54.1.el7', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-devel-3.10.0-957.54.1.el7', 'sp':'6', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-devel-3.10.0-957.54.1.el7', 'sp':'6', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-devel-3.10.0-957.54.1.el7', 'sp':'6', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-devel-3.10.0-957.54.1.el7', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-devel-3.10.0-957.54.1.el7', 'sp':'6', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-devel-3.10.0-957.54.1.el7', 'sp':'6', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-devel-3.10.0-957.54.1.el7', 'sp':'6', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-devel-3.10.0-957.54.1.el7', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-headers-3.10.0-957.54.1.el7', 'sp':'6', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-headers-3.10.0-957.54.1.el7', 'sp':'6', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-headers-3.10.0-957.54.1.el7', 'sp':'6', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-headers-3.10.0-957.54.1.el7', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-kdump-3.10.0-957.54.1.el7', 'sp':'6', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-kdump-devel-3.10.0-957.54.1.el7', 'sp':'6', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-3.10.0-957.54.1.el7', 'sp':'6', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-3.10.0-957.54.1.el7', 'sp':'6', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-3.10.0-957.54.1.el7', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-3.10.0-957.54.1.el7', 'sp':'6', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-3.10.0-957.54.1.el7', 'sp':'6', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-3.10.0-957.54.1.el7', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-devel-3.10.0-957.54.1.el7', 'sp':'6', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-devel-3.10.0-957.54.1.el7', 'sp':'6', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-devel-3.10.0-957.54.1.el7', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-3.10.0-957.54.1.el7', 'sp':'6', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-3.10.0-957.54.1.el7', 'sp':'6', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-3.10.0-957.54.1.el7', 'sp':'6', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-3.10.0-957.54.1.el7', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-perf-3.10.0-957.54.1.el7', 'sp':'6', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-perf-3.10.0-957.54.1.el7', 'sp':'6', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-perf-3.10.0-957.54.1.el7', 'sp':'6', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-perf-3.10.0-957.54.1.el7', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var subscription_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in the Red Hat Enterprise Linux\\n' +\n 'Advanced Update Support, Extended Update Support, Telco Extended Update Support or Update Services for SAP Solutions repositories.\\n' +\n 'Access to these repositories requires a paid RHEL subscription.\\n';\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = subscription_caveat + rpm_report_get() + redhat_report_repo_caveat();\n else extra = subscription_caveat + rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'bpftool / kernel / kernel-abi-whitelists / kernel-bootwrapper / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:31:10", "description": "An update for kernel is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support, Red Hat Enterprise Linux 7.3 Telco Extended Update Support, and Red Hat Enterprise Linux 7.3 Update Services for SAP Solutions.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es) :\n\n* hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB) (CVE-2019-9506)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es) :\n\n* kernel build: parallelize redhat/mod-sign.sh (BZ#1755326)", "cvss3": {}, "published": "2019-10-30T00:00:00", "type": "nessus", "title": "RHEL 7 : kernel (RHSA-2019:3218)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-9506"], "modified": "2019-12-17T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "p-cpe:/a:redhat:enterprise_linux:kernel-tools", "p-cpe:/a:redhat:enterprise_linux:kernel-tools-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs", "p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs-devel", "p-cpe:/a:redhat:enterprise_linux:perf", "p-cpe:/a:redhat:enterprise_linux:perf-debuginfo", "p-cpe:/a:redhat:enterprise_linux:python-perf", "p-cpe:/a:redhat:enterprise_linux:python-perf-debuginfo", "cpe:/o:redhat:enterprise_linux:7.3"], "id": "REDHAT-RHSA-2019-3218.NASL", "href": "https://www.tenable.com/plugins/nessus/130374", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:3218. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130374);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/12/17\");\n\n script_cve_id(\"CVE-2019-9506\");\n script_xref(name:\"RHSA\", value:\"2019:3218\");\n\n script_name(english:\"RHEL 7 : kernel (RHSA-2019:3218)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for kernel is now available for Red Hat Enterprise Linux 7.3\nAdvanced Update Support, Red Hat Enterprise Linux 7.3 Telco Extended\nUpdate Support, and Red Hat Enterprise Linux 7.3 Update Services for\nSAP Solutions.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nSecurity Fix(es) :\n\n* hardware: bluetooth: BR/EDR encryption key negotiation attacks\n(KNOB) (CVE-2019-9506)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\n\nBug Fix(es) :\n\n* kernel build: parallelize redhat/mod-sign.sh (BZ#1755326)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2019:3218\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-9506\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7\\.3([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.3\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2019-9506\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for RHSA-2019:3218\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:3218\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-3.10.0-514.70.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"3\", reference:\"kernel-abi-whitelists-3.10.0-514.70.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-debug-3.10.0-514.70.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-debug-debuginfo-3.10.0-514.70.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-debug-devel-3.10.0-514.70.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-debuginfo-3.10.0-514.70.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-3.10.0-514.70.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-devel-3.10.0-514.70.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"3\", reference:\"kernel-doc-3.10.0-514.70.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-headers-3.10.0-514.70.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-tools-3.10.0-514.70.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-tools-debuginfo-3.10.0-514.70.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-tools-libs-3.10.0-514.70.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-tools-libs-devel-3.10.0-514.70.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"3\", cpu:\"x86_64\", reference:\"perf-3.10.0-514.70.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"3\", cpu:\"x86_64\", reference:\"perf-debuginfo-3.10.0-514.70.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"3\", cpu:\"x86_64\", reference:\"python-perf-3.10.0-514.70.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"3\", cpu:\"x86_64\", reference:\"python-perf-debuginfo-3.10.0-514.70.1.el7\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-abi-whitelists / kernel-debug / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:30:23", "description": "An update for kernel-rt is now available for Red Hat Enterprise MRG 2.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es) :\n\n* hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB) (CVE-2019-9506)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es) :\n\n* update the MRG 2.5.z 3.10 realtime-kernel sources (BZ#1751263)", "cvss3": {}, "published": "2019-10-24T00:00:00", "type": "nessus", "title": "RHEL 6 : MRG (RHSA-2019:3165)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-9506"], "modified": "2019-12-18T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel-rt", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debuginfo-common-x86_64", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-firmware", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-vanilla", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-vanilla-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-vanilla-devel", "cpe:/o:redhat:enterprise_linux:6"], "id": "REDHAT-RHSA-2019-3165.NASL", "href": "https://www.tenable.com/plugins/nessus/130186", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:3165. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130186);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2019/12/18\");\n\n script_cve_id(\"CVE-2019-9506\");\n script_xref(name:\"RHSA\", value:\"2019:3165\");\n\n script_name(english:\"RHEL 6 : MRG (RHSA-2019:3165)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for kernel-rt is now available for Red Hat Enterprise MRG 2.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe kernel-rt packages provide the Real Time Linux Kernel, which\nenables fine-tuning for systems with extremely high determinism\nrequirements.\n\nSecurity Fix(es) :\n\n* hardware: bluetooth: BR/EDR encryption key negotiation attacks\n(KNOB) (CVE-2019-9506)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\n\nBug Fix(es) :\n\n* update the MRG 2.5.z 3.10 realtime-kernel sources (BZ#1751263)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2019:3165\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-9506\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-vanilla-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-vanilla-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2019-9506\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for RHSA-2019:3165\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:3165\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n\n if (! (rpm_exists(release:\"RHEL6\", rpm:\"mrg-release\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"MRG\");\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-3.10.0-693.60.1.rt56.654.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-debug-3.10.0-693.60.1.rt56.654.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-debug-debuginfo-3.10.0-693.60.1.rt56.654.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-debug-devel-3.10.0-693.60.1.rt56.654.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-debuginfo-3.10.0-693.60.1.rt56.654.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-debuginfo-common-x86_64-3.10.0-693.60.1.rt56.654.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-devel-3.10.0-693.60.1.rt56.654.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"kernel-rt-doc-3.10.0-693.60.1.rt56.654.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"kernel-rt-firmware-3.10.0-693.60.1.rt56.654.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-trace-3.10.0-693.60.1.rt56.654.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-trace-debuginfo-3.10.0-693.60.1.rt56.654.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-trace-devel-3.10.0-693.60.1.rt56.654.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-vanilla-3.10.0-693.60.1.rt56.654.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-vanilla-debuginfo-3.10.0-693.60.1.rt56.654.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-vanilla-devel-3.10.0-693.60.1.rt56.654.el6\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel-rt / kernel-rt-debug / kernel-rt-debug-debuginfo / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:58:50", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:1460 advisory.\n\n - hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB) (CVE-2019-9506)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2020-04-14T00:00:00", "type": "nessus", "title": "RHEL 7 : kernel (RHSA-2020:1460)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-9506"], "modified": "2023-01-23T00:00:00", "cpe": ["cpe:/o:redhat:rhel_aus:7.2", "p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "p-cpe:/a:redhat:enterprise_linux:kernel-tools", "p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs", "p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs-devel", "p-cpe:/a:redhat:enterprise_linux:perf", "p-cpe:/a:redhat:enterprise_linux:python-perf"], "id": "REDHAT-RHSA-2020-1460.NASL", "href": "https://www.tenable.com/plugins/nessus/135456", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:1460. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(135456);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/23\");\n\n script_cve_id(\"CVE-2019-9506\");\n script_xref(name:\"RHSA\", value:\"2020:1460\");\n\n script_name(english:\"RHEL 7 : kernel (RHSA-2020:1460)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in\nthe RHSA-2020:1460 advisory.\n\n - hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB) (CVE-2019-9506)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-9506\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:1460\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1727857\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-9506\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(327);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:7.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\ninclude('ksplice.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'eq', os_version: os_ver, rhel_version: '7.2')) audit(AUDIT_OS_NOT, 'Red Hat 7.2', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nif (get_one_kb_item('Host/ksplice/kernel-cves'))\n{\n rm_kb_item(name:'Host/uptrack-uname-r');\n var cve_list = make_list('CVE-2019-9506');\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for RHSA-2020:1460');\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel/server/7/7.2/x86_64/debug',\n 'content/aus/rhel/server/7/7.2/x86_64/optional/debug',\n 'content/aus/rhel/server/7/7.2/x86_64/optional/os',\n 'content/aus/rhel/server/7/7.2/x86_64/optional/source/SRPMS',\n 'content/aus/rhel/server/7/7.2/x86_64/os',\n 'content/aus/rhel/server/7/7.2/x86_64/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'kernel-3.10.0-327.86.1.el7', 'sp':'2', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-abi-whitelists-3.10.0-327.86.1.el7', 'sp':'2', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-3.10.0-327.86.1.el7', 'sp':'2', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-devel-3.10.0-327.86.1.el7', 'sp':'2', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-devel-3.10.0-327.86.1.el7', 'sp':'2', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-headers-3.10.0-327.86.1.el7', 'sp':'2', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-3.10.0-327.86.1.el7', 'sp':'2', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-3.10.0-327.86.1.el7', 'sp':'2', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-devel-3.10.0-327.86.1.el7', 'sp':'2', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-3.10.0-327.86.1.el7', 'sp':'2', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-perf-3.10.0-327.86.1.el7', 'sp':'2', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var subscription_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in the Red Hat Enterprise Linux\\n' +\n 'Advanced Update Support repository.\\n' +\n 'Access to this repository requires a paid RHEL subscription.\\n';\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = subscription_caveat + rpm_report_get() + redhat_report_repo_caveat();\n else extra = subscription_caveat + rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel / kernel-abi-whitelists / kernel-debug / kernel-debug-devel / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:30:42", "description": "An update for kernel is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update Support, and Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es) :\n\n* hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB) (CVE-2019-9506)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es) :\n\n* Fix possible Spectre-v1 bugs in wireless code (BZ#1706696)\n\n* powerpc/pseries: Disable CPU hotplug across migrations / powerpc/rtas: Fix a potential race between CPU-Offline & Migration (LPM) (BZ#1745436)\n\n* powerpc/pseries: Fix uninitialized timer reset on migration / powerpc/pseries /mobility: Extend start/stop topology update scope (LPM) (BZ#1745438)\n\n* ISST-LTE:PVM:Zeppelin :LPM: Failure logs and stack trace seen during LPM (POWER9/P9) (BZ#1745446)", "cvss3": {}, "published": "2019-10-24T00:00:00", "type": "nessus", "title": "RHEL 7 : kernel (RHSA-2019:3187)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-9506"], "modified": "2019-12-18T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "p-cpe:/a:redhat:enterprise_linux:kernel-tools", "p-cpe:/a:redhat:enterprise_linux:kernel-tools-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs", "p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs-devel", "p-cpe:/a:redhat:enterprise_linux:perf", "p-cpe:/a:redhat:enterprise_linux:perf-debuginfo", "p-cpe:/a:redhat:enterprise_linux:python-perf", "p-cpe:/a:redhat:enterprise_linux:python-perf-debuginfo", "cpe:/o:redhat:enterprise_linux:7.4"], "id": "REDHAT-RHSA-2019-3187.NASL", "href": "https://www.tenable.com/plugins/nessus/130189", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:3187. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130189);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2019/12/18\");\n\n script_cve_id(\"CVE-2019-9506\");\n script_xref(name:\"RHSA\", value:\"2019:3187\");\n\n script_name(english:\"RHEL 7 : kernel (RHSA-2019:3187)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for kernel is now available for Red Hat Enterprise Linux 7.4\nAdvanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended\nUpdate Support, and Red Hat Enterprise Linux 7.4 Update Services for\nSAP Solutions.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nSecurity Fix(es) :\n\n* hardware: bluetooth: BR/EDR encryption key negotiation attacks\n(KNOB) (CVE-2019-9506)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\n\nBug Fix(es) :\n\n* Fix possible Spectre-v1 bugs in wireless code (BZ#1706696)\n\n* powerpc/pseries: Disable CPU hotplug across migrations /\npowerpc/rtas: Fix a potential race between CPU-Offline & Migration\n(LPM) (BZ#1745436)\n\n* powerpc/pseries: Fix uninitialized timer reset on migration /\npowerpc/pseries /mobility: Extend start/stop topology update scope\n(LPM) (BZ#1745438)\n\n* ISST-LTE:PVM:Zeppelin :LPM: Failure logs and stack trace seen during\nLPM (POWER9/P9) (BZ#1745446)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2019:3187\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-9506\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7\\.4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.4\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2019-9506\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for RHSA-2019:3187\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:3187\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-3.10.0-693.60.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", reference:\"kernel-abi-whitelists-3.10.0-693.60.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-debug-3.10.0-693.60.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-debug-debuginfo-3.10.0-693.60.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-debug-devel-3.10.0-693.60.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-debuginfo-3.10.0-693.60.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-3.10.0-693.60.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-devel-3.10.0-693.60.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", reference:\"kernel-doc-3.10.0-693.60.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-headers-3.10.0-693.60.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-tools-3.10.0-693.60.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-tools-debuginfo-3.10.0-693.60.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-tools-libs-3.10.0-693.60.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-tools-libs-devel-3.10.0-693.60.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", cpu:\"x86_64\", reference:\"perf-3.10.0-693.60.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", cpu:\"x86_64\", reference:\"perf-debuginfo-3.10.0-693.60.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", cpu:\"x86_64\", reference:\"python-perf-3.10.0-693.60.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", cpu:\"x86_64\", reference:\"python-perf-debuginfo-3.10.0-693.60.1.el7\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-abi-whitelists / kernel-debug / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T14:30:04", "description": "An update for kpatch-patch is now available for Red Hat Enterprise Linux 7.6 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThis is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.\n\nSecurity Fix(es) :\n\n* hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB) (CVE-2019-9506)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {}, "published": "2019-10-30T00:00:00", "type": "nessus", "title": "RHEL 7 : kpatch-patch (RHSA-2019:3231)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-9506"], "modified": "2019-12-17T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-957_35_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-957_35_1-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-957_35_2", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-957_35_2-debuginfo", "cpe:/o:redhat:enterprise_linux:7.6"], "id": "REDHAT-RHSA-2019-3231.NASL", "href": "https://www.tenable.com/plugins/nessus/130379", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:3231. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130379);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/12/17\");\n\n script_cve_id(\"CVE-2019-9506\");\n script_xref(name:\"RHSA\", value:\"2019:3231\");\n\n script_name(english:\"RHEL 7 : kpatch-patch (RHSA-2019:3231)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for kpatch-patch is now available for Red Hat Enterprise\nLinux 7.6 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThis is a kernel live patch module which is automatically loaded by\nthe RPM post-install script to modify the code of a running kernel.\n\nSecurity Fix(es) :\n\n* hardware: bluetooth: BR/EDR encryption key negotiation attacks\n(KNOB) (CVE-2019-9506)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2019:3231\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-9506\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-957_35_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-957_35_1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-957_35_2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-957_35_2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7\\.6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.6\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:3231\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", sp:\"6\", cpu:\"x86_64\", reference:\"kpatch-patch-3_10_0-957_35_1-1-2.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"6\", cpu:\"x86_64\", reference:\"kpatch-patch-3_10_0-957_35_1-debuginfo-1-2.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"6\", cpu:\"x86_64\", reference:\"kpatch-patch-3_10_0-957_35_2-1-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"6\", cpu:\"x86_64\", reference:\"kpatch-patch-3_10_0-957_35_2-debuginfo-1-1.el7\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kpatch-patch-3_10_0-957_35_1 / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:26:08", "description": "New kernel packages are available for Slackware 14.2 to fix security issues.", "cvss3": {}, "published": "2019-07-22T00:00:00", "type": "nessus", "title": "Slackware 14.2 : Slackware 14.2 kernel (SSA:2019-202-01)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-16597", "CVE-2019-10126", "CVE-2019-11599", "CVE-2019-13272", "CVE-2019-3846", "CVE-2019-3892"], "modified": "2023-01-12T00:00:00", "cpe": ["p-cpe:/a:slackware:slackware_linux:kernel-firmware", "p-cpe:/a:slackware:slackware_linux:kernel-generic", "p-cpe:/a:slackware:slackware_linux:kernel-generic-smp", "p-cpe:/a:slackware:slackware_linux:kernel-headers", "p-cpe:/a:slackware:slackware_linux:kernel-huge", "p-cpe:/a:slackware:slackware_linux:kernel-huge-smp", "p-cpe:/a:slackware:slackware_linux:kernel-modules", "p-cpe:/a:slackware:slackware_linux:kernel-modules-smp", "p-cpe:/a:slackware:slackware_linux:kernel-source", "cpe:/o:slackware:slackware_linux:14.2"], "id": "SLACKWARE_SSA_2019-202-01.NASL", "href": "https://www.tenable.com/plugins/nessus/126882", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2019-202-01. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(126882);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/12\");\n\n script_cve_id(\"CVE-2018-16597\", \"CVE-2019-10126\", \"CVE-2019-11599\", \"CVE-2019-13272\", \"CVE-2019-3846\", \"CVE-2019-3892\");\n script_xref(name:\"SSA\", value:\"2019-202-01\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/10\");\n\n script_name(english:\"Slackware 14.2 : Slackware 14.2 kernel (SSA:2019-202-01)\");\n script_summary(english:\"Checks for updated packages in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"New kernel packages are available for Slackware 14.2 to fix security\nissues.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2019&m=slackware-security.704001\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?60ee670e\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-3846\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Linux Polkit pkexec helper PTRACE_TRACEME local root exploit');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-generic-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-huge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-huge-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-modules-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/09/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/07/22\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"14.2\", pkgname:\"kernel-firmware\", pkgver:\"20190717_bf13a71\", pkgarch:\"noarch\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", pkgname:\"kernel-generic\", pkgver:\"4.4.186\", pkgarch:\"i586\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", pkgname:\"kernel-generic-smp\", pkgver:\"4.4.186_smp\", pkgarch:\"i686\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", pkgname:\"kernel-headers\", pkgver:\"4.4.186_smp\", pkgarch:\"x86\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", pkgname:\"kernel-huge\", pkgver:\"4.4.186\", pkgarch:\"i586\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", pkgname:\"kernel-huge-smp\", pkgver:\"4.4.186_smp\", pkgarch:\"i686\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", pkgname:\"kernel-modules\", pkgver:\"4.4.186\", pkgarch:\"i586\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", pkgname:\"kernel-modules-smp\", pkgver:\"4.4.186_smp\", pkgarch:\"i686\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", pkgname:\"kernel-source\", pkgver:\"4.4.186_smp\", pkgarch:\"noarch\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", arch:\"x86_64\", pkgname:\"kernel-firmware\", pkgver:\"20190717_bf13a71\", pkgarch:\"noarch\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", arch:\"x86_64\", pkgname:\"kernel-generic\", pkgver:\"4.4.186\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", arch:\"x86_64\", pkgname:\"kernel-headers\", pkgver:\"4.4.186\", pkgarch:\"x86\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", arch:\"x86_64\", pkgname:\"kernel-huge\", pkgver:\"4.4.186\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", arch:\"x86_64\", pkgname:\"kernel-modules\", pkgver:\"4.4.186\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", arch:\"x86_64\", pkgname:\"kernel-source\", pkgver:\"4.4.186\", pkgarch:\"noarch\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:55:53", "description": "According to the version of the vzkernel package and the readykernel-patch installed, the Virtuozzo installation on the remote host is affected by the following vulnerabilities :\n\n - [3.10.0-693.21.1.vz7.46.7 to 3.10.0-957.12.2.vz7.96.21] Use-after-free in __blk_drain_queue() function. It was found that a use-after-free condition could be triggered in the block device subsystem while the outstanding command queue was drained. A patient local attacker can use this flaw to crash the system or, potentially, to escalate their privileges.\n\n - [3.10.0-693.21.1.vz7.46.7 to 3.10.0-957.12.2.vz7.96.21] tun: potential kernel crash when TUNSETIFF ioctl operation is used for a device with an invalid name.\n\n - [3.10.0-693.21.1.vz7.46.7 to 3.10.0-957.12.2.vz7.96.21] Certain operations with iptables in a container may crash the kernel.\n\n - [3.10.0-693.21.1.vz7.46.7 to 3.10.0-957.12.2.vz7.96.21] A container that tries to mount NFS shares may cause the whole system to hang in certain conditions.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Virtuozzo security advisory.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2020-02-04T00:00:00", "type": "nessus", "title": "Virtuozzo 7 : readykernel-patch (VZA-2019-081)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-20856", "CVE-2018-7191"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:virtuozzo:virtuozzo:readykernel", "cpe:/o:virtuozzo:virtuozzo:7"], "id": "VIRTUOZZO_VZA-2019-081.NASL", "href": "https://www.tenable.com/plugins/nessus/133461", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(133461);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\n \"CVE-2018-20856\",\n \"CVE-2018-7191\"\n );\n\n script_name(english:\"Virtuozzo 7 : readykernel-patch (VZA-2019-081)\");\n script_summary(english:\"Checks the readykernel output for the updated patch.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Virtuozzo host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the vzkernel package and the\nreadykernel-patch installed, the Virtuozzo installation on the remote\nhost is affected by the following vulnerabilities :\n\n - [3.10.0-693.21.1.vz7.46.7 to 3.10.0-957.12.2.vz7.96.21]\n Use-after-free in __blk_drain_queue() function. It was\n found that a use-after-free condition could be\n triggered in the block device subsystem while the\n outstanding command queue was drained. A patient local\n attacker can use this flaw to crash the system or,\n potentially, to escalate their privileges.\n\n - [3.10.0-693.21.1.vz7.46.7 to 3.10.0-957.12.2.vz7.96.21]\n tun: potential kernel crash when TUNSETIFF ioctl\n operation is used for a device with an invalid name.\n\n - [3.10.0-693.21.1.vz7.46.7 to 3.10.0-957.12.2.vz7.96.21]\n Certain operations with iptables in a container may\n crash the kernel.\n\n - [3.10.0-693.21.1.vz7.46.7 to 3.10.0-957.12.2.vz7.96.21]\n A container that tries to mount NFS shares may cause\n the whole system to hang in certain conditions.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Virtuozzo security advisory.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://virtuozzosupport.force.com/s/article/VZA-2019-081\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1716328\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1738705\");\n # https://readykernel.com/patch/Virtuozzo-7/readykernel-patch-46.7-89.2-1.vl7/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8c15051e\");\n # https://readykernel.com/patch/Virtuozzo-7/readykernel-patch-48.2-89.2-1.vl7/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?fddf855e\");\n # https://readykernel.com/patch/Virtuozzo-7/readykernel-patch-63.3-89.2-1.vl7/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?d7ce08c9\");\n # https://readykernel.com/patch/Virtuozzo-7/readykernel-patch-64.7-89.2-1.vl7/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?5c250910\");\n # https://readykernel.com/patch/Virtuozzo-7/readykernel-patch-73.24-89.2-1.vl7/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?72420f9b\");\n # https://readykernel.com/patch/Virtuozzo-7/readykernel-patch-73.29-89.2-1.vl7/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?9693c7fe\");\n # https://readykernel.com/patch/Virtuozzo-7/readykernel-patch-85.17-89.2-1.vl7/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?df030fea\");\n # https://readykernel.com/patch/Virtuozzo-7/readykernel-patch-86.2-89.2-1.vl7/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?4271804e\");\n # https://readykernel.com/patch/Virtuozzo-7/readykernel-patch-96.21-89.2-1.vl7/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?b0eb04cb\");\n script_set_attribute(attribute:\"solution\", value:\"Update the readykernel patch.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-20856\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/02/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:readykernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:virtuozzo:virtuozzo:7\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Virtuozzo Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Virtuozzo/release\", \"Host/Virtuozzo/rpm-list\", \"Host/readykernel-info\");\n\n exit(0);\n}\n\ninclude(\"global_settings.inc\");\ninclude(\"readykernel.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/Virtuozzo/release\");\nif (isnull(release) || \"Virtuozzo\" >!< release) audit(AUDIT_OS_NOT, \"Virtuozzo\");\nos_ver = pregmatch(pattern: \"Virtuozzo Linux release ([0-9]+\\.[0-9])(\\D|$)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Virtuozzo\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Virtuozzo 7.x\", \"Virtuozzo \" + os_ver);\n\nif (!get_kb_item(\"Host/Virtuozzo/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Virtuozzo\", cpu);\n\nrk_info = get_kb_item(\"Host/readykernel-info\");\nif (empty_or_null(rk_info)) audit(AUDIT_UNKNOWN_APP_VER, \"Virtuozzo\");\n\nchecks = make_list2(\n make_array(\n \"kernel\",\"vzkernel-3.10.0-693.21.1.vz7.46.7\",\n \"patch\",\"readykernel-patch-46.7-89.2-1.vl7\"\n ),\n make_array(\n \"kernel\",\"vzkernel-3.10.0-693.21.1.vz7.48.2\",\n \"patch\",\"readykernel-patch-48.2-89.2-1.vl7\"\n ),\n make_array(\n \"kernel\",\"vzkernel-3.10.0-862.11.6.vz7.64.7\",\n \"patch\",\"readykernel-patch-63.3-89.2-1.vl7\"\n ),\n make_array(\n \"kernel\",\"vzkernel-3.10.0-862.20.2.vz7.73.24\",\n \"patch\",\"readykernel-patch-64.7-89.2-1.vl7\"\n ),\n make_array(\n \"kernel\",\"vzkernel-3.10.0-862.20.2.vz7.73.29\",\n \"patch\",\"readykernel-patch-73.24-89.2-1.vl7\"\n ),\n make_array(\n \"kernel\",\"vzkernel-3.10.0-862.9.1.vz7.63.3\",\n \"patch\",\"readykernel-patch-73.29-89.2-1.vl7\"\n ),\n make_array(\n \"kernel\",\"vzkernel-3.10.0-957.10.1.vz7.85.17\",\n \"patch\",\"readykernel-patch-85.17-89.2-1.vl7\"\n ),\n make_array(\n \"kernel\",\"vzkernel-3.10.0-957.12.2.vz7.86.2\",\n \"patch\",\"readykernel-patch-86.2-89.2-1.vl7\"\n ),\n make_array(\n \"kernel\",\"vzkernel-3.10.0-957.12.2.vz7.96.21\",\n \"patch\",\"readykernel-patch-96.21-89.2-1.vl7\"\n )\n);\nreadykernel_execute_checks(checks:checks, severity:SECURITY_WARNING, release:\"Virtuozzo-7\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:27:15", "description": "It was discovered that a heap buffer overflow existed in the Marvell Wireless LAN device driver for the Linux kernel. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-10126)\n\nAndrei Vlad Lutas and Dan Lutas discovered that some x86 processors incorrectly handle SWAPGS instructions during speculative execution. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2019-1125)\n\nIt was discovered that the PowerPC dlpar implementation in the Linux kernel did not properly check for allocation errors in some situations. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2019-12614)\n\nIt was discovered that a NULL pointer dereference vulnerability existed in the Near-field communication (NFC) implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash). (CVE-2019-12984)\n\nJann Horn discovered a use-after-free vulnerability in the Linux kernel when accessing LDT entries in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-13233)\n\nJann Horn discovered that the ptrace implementation in the Linux kernel did not properly record credentials in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly gain administrative privileges. (CVE-2019-13272)\n\nIt was discovered that the Marvell Wireless LAN device driver in the Linux kernel did not properly validate the BSS descriptor. A local attacker could possibly use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-3846).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-08-14T00:00:00", "type": "nessus", "title": "Ubuntu 18.04 LTS / 19.04 : Linux kernel vulnerabilities (USN-4093-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-10126", "CVE-2019-1125", "CVE-2019-12614", "CVE-2019-12984", "CVE-2019-13233", "CVE-2019-13272", "CVE-2019-3846"], "modified": "2023-05-11T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-snapdragon", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-image-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-image-snapdragon", "p-cpe:/a:canonical:ubuntu_linux:linux-image-snapdragon-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-18.04", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "cpe:/o:canonical:ubuntu_linux:19.04"], "id": "UBUNTU_USN-4093-1.NASL", "href": "https://www.tenable.com/plugins/nessus/127888", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4093-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(127888);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/11\");\n\n script_cve_id(\"CVE-2019-10126\", \"CVE-2019-1125\", \"CVE-2019-12614\", \"CVE-2019-12984\", \"CVE-2019-13233\", \"CVE-2019-13272\", \"CVE-2019-3846\");\n script_xref(name:\"USN\", value:\"4093-1\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/10\");\n\n script_name(english:\"Ubuntu 18.04 LTS / 19.04 : Linux kernel vulnerabilities (USN-4093-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"It was discovered that a heap buffer overflow existed in the Marvell\nWireless LAN device driver for the Linux kernel. An attacker could use\nthis to cause a denial of service (system crash) or possibly execute\narbitrary code. (CVE-2019-10126)\n\nAndrei Vlad Lutas and Dan Lutas discovered that some x86 processors\nincorrectly handle SWAPGS instructions during speculative execution. A\nlocal attacker could use this to expose sensitive information (kernel\nmemory). (CVE-2019-1125)\n\nIt was discovered that the PowerPC dlpar implementation in the Linux\nkernel did not properly check for allocation errors in some\nsituations. A local attacker could possibly use this to cause a denial\nof service (system crash). (CVE-2019-12614)\n\nIt was discovered that a NULL pointer dereference vulnerability\nexisted in the Near-field communication (NFC) implementation in the\nLinux kernel. A local attacker could use this to cause a denial of\nservice (system crash). (CVE-2019-12984)\n\nJann Horn discovered a use-after-free vulnerability in the Linux\nkernel when accessing LDT entries in some situations. A local attacker\ncould use this to cause a denial of service (system crash) or possibly\nexecute arbitrary code. (CVE-2019-13233)\n\nJann Horn discovered that the ptrace implementation in the Linux\nkernel did not properly record credentials in some situations. A local\nattacker could use this to cause a denial of service (system crash) or\npossibly gain administrative privileges. (CVE-2019-13272)\n\nIt was discovered that the Marvell Wireless LAN device driver in the\nLinux kernel did not properly validate the BSS descriptor. A local\nattacker could possibly use this to cause a denial of service (system\ncrash) or possibly execute arbitrary code. (CVE-2019-3846).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/4093-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-3846\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Linux Polkit pkexec helper PTRACE_TRACEME local root exploit');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-snapdragon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-snapdragon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-snapdragon-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:19.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2019-2023 Canonical, Inc. / NASL script (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(18\\.04|19\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 18.04 / 19.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2019-10126\", \"CVE-2019-1125\", \"CVE-2019-12614\", \"CVE-2019-12984\", \"CVE-2019-13233\", \"CVE-2019-13272\", \"CVE-2019-3846\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-4093-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-5.0.0-1014-azure\", pkgver:\"5.0.0-1014.14~18.04.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-5.0.0-25-generic\", pkgver:\"5.0.0-25.26~18.04.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-5.0.0-25-generic-lpae\", pkgver:\"5.0.0-25.26~18.04.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-5.0.0-25-lowlatency\", pkgver:\"5.0.0-25.26~18.04.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-azure\", pkgver:\"5.0.0.1014.25\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-generic-hwe-18.04\", pkgver:\"5.0.0.25.82\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-generic-lpae-hwe-18.04\", pkgver:\"5.0.0.25.82\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-lowlatency-hwe-18.04\", pkgver:\"5.0.0.25.82\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-snapdragon-hwe-18.04\", pkgver:\"5.0.0.25.82\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-virtual-hwe-18.04\", pkgver:\"5.0.0.25.82\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-5.0.0-1013-gcp\", pkgver:\"5.0.0-1013.13\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-5.0.0-1013-kvm\", pkgver:\"5.0.0-1013.14\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-5.0.0-1014-azure\", pkgver:\"5.0.0-1014.14\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-5.0.0-1014-raspi2\", pkgver:\"5.0.0-1014.14\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-5.0.0-1018-snapdragon\", pkgver:\"5.0.0-1018.19\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-5.0.0-25-generic\", pkgver:\"5.0.0-25.26\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-5.0.0-25-generic-lpae\", pkgver:\"5.0.0-25.26\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-5.0.0-25-lowlatency\", pkgver:\"5.0.0-25.26\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-azure\", pkgver:\"5.0.0.1014.13\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-gcp\", pkgver:\"5.0.0.1013.13\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-generic\", pkgver:\"5.0.0.25.26\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-generic-lpae\", pkgver:\"5.0.0.25.26\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-gke\", pkgver:\"5.0.0.1013.13\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-kvm\", pkgver:\"5.0.0.1013.13\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-lowlatency\", pkgver:\"5.0.0.25.26\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-raspi2\", pkgver:\"5.0.0.1014.11\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-snapdragon\", pkgver:\"5.0.0.1018.11\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-virtual\", pkgver:\"5.0.0.25.26\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-5.0-azure / linux-image-5.0-gcp / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:30:58", "description": "An update for kernel is now available for Red Hat Enterprise Linux 7.5 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es) :\n\n* hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB) (CVE-2019-9506)\n\n* kernel: hw: Spectre SWAPGS gadget vulnerability (CVE-2019-1125)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es) :\n\n* TCP packets are segmented when sent to the VLAN device when coming from VXLAN dev. (BZ#1732810)\n\n* skb head copy occurs when sending traffic over OVS managed VXLAN tunnel (BZ #1733896)\n\n* [mlx4] VXLAN over VLAN TCP segmentation (BZ#1734306)\n\n* use 'make -jN' for modules_install (BZ#1735082)\n\n* Backport TCP follow-up for small buffers (BZ#1739128)\n\n* [FJ7.6 Bug]: [REG] kernel: ipc: ipc_free should use kvfree (BZ#1740176)\n\n* RHEL7.6 - powerpc/pseries: Disable CPU hotplug across migrations / powerpc/ rtas: Fix a potential race between CPU-Offline & Migration (LPM) (BZ# 1745437)\n\n* RHEL7.6 - powerpc/pseries: Fix uninitialized timer reset on migration / powerpc/pseries/mobility: Extend start/stop topology update scope (LPM) (BZ #1745439)\n\n* RHEL7.5 - ISST-LTE:PVM:Zeppelin :LPM: Failure logs and stack trace seen during LPM (POWER9/P9) (BZ#1745447)", "cvss3": {}, "published": "2019-10-09T00:00:00", "type": "nessus", "title": "RHEL 7 : kernel (RHSA-2019:2975)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1125", "CVE-2019-9506"], "modified": "2020-02-18T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-s390x", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-tools", "p-cpe:/a:redhat:enterprise_linux:kernel-tools-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs", "p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs-devel", "p-cpe:/a:redhat:enterprise_linux:perf", "p-cpe:/a:redhat:enterprise_linux:perf-debuginfo", "p-cpe:/a:redhat:enterprise_linux:python-perf", "p-cpe:/a:redhat:enterprise_linux:python-perf-debuginfo", "cpe:/o:redhat:enterprise_linux:7.5"], "id": "REDHAT-RHSA-2019-2975.NASL", "href": "https://www.tenable.com/plugins/nessus/129738", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:2975. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(129738);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2020/02/18\");\n\n script_cve_id(\"CVE-2019-1125\", \"CVE-2019-9506\");\n script_xref(name:\"RHSA\", value:\"2019:2975\");\n\n script_name(english:\"RHEL 7 : kernel (RHSA-2019:2975)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for kernel is now available for Red Hat Enterprise Linux 7.5\nExtended Update Support.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nSecurity Fix(es) :\n\n* hardware: bluetooth: BR/EDR encryption key negotiation attacks\n(KNOB) (CVE-2019-9506)\n\n* kernel: hw: Spectre SWAPGS gadget vulnerability (CVE-2019-1125)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\n\nBug Fix(es) :\n\n* TCP packets are segmented when sent to the VLAN device when coming\nfrom VXLAN dev. (BZ#1732810)\n\n* skb head copy occurs when sending traffic over OVS managed VXLAN\ntunnel (BZ #1733896)\n\n* [mlx4] VXLAN over VLAN TCP segmentation (BZ#1734306)\n\n* use 'make -jN' for modules_install (BZ#1735082)\n\n* Backport TCP follow-up for small buffers (BZ#1739128)\n\n* [FJ7.6 Bug]: [REG] kernel: ipc: ipc_free should use kvfree\n(BZ#1740176)\n\n* RHEL7.6 - powerpc/pseries: Disable CPU hotplug across migrations /\npowerpc/ rtas: Fix a potential race between CPU-Offline & Migration\n(LPM) (BZ# 1745437)\n\n* RHEL7.6 - powerpc/pseries: Fix uninitialized timer reset on\nmigration / powerpc/pseries/mobility: Extend start/stop topology\nupdate scope (LPM) (BZ #1745439)\n\n* RHEL7.5 - ISST-LTE:PVM:Zeppelin :LPM: Failure logs and stack trace\nseen during LPM (POWER9/P9) (BZ#1745447)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/articles/4329821\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2019:2975\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-1125\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-9506\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-s390x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7\\.5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.5\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2019-1125\", \"CVE-2019-9506\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for RHSA-2019:2975\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:2975\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", sp:\"5\", cpu:\"s390x\", reference:\"kernel-3.10.0-862.43.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"5\", cpu:\"x86_64\", reference:\"kernel-3.10.0-862.43.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"5\", reference:\"kernel-abi-whitelists-3.10.0-862.43.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"5\", cpu:\"s390x\", reference:\"kernel-debug-3.10.0-862.43.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"5\", cpu:\"x86_64\", reference:\"kernel-debug-3.10.0-862.43.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"5\", cpu:\"s390x\", reference:\"kernel-debug-debuginfo-3.10.0-862.43.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"5\", cpu:\"x86_64\", reference:\"kernel-debug-debuginfo-3.10.0-862.43.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"5\", cpu:\"s390x\", reference:\"kernel-debug-devel-3.10.0-862.43.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"5\", cpu:\"x86_64\", reference:\"kernel-debug-devel-3.10.0-862.43.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"5\", cpu:\"s390x\", reference:\"kernel-debuginfo-3.10.0-862.43.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"5\", cpu:\"x86_64\", reference:\"kernel-debuginfo-3.10.0-862.43.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"5\", cpu:\"s390x\", reference:\"kernel-debuginfo-common-s390x-3.10.0-862.43.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"5\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-3.10.0-862.43.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"5\", cpu:\"s390x\", reference:\"kernel-devel-3.10.0-862.43.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"5\", cpu:\"x86_64\", reference:\"kernel-devel-3.10.0-862.43.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"5\", reference:\"kernel-doc-3.10.0-862.43.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"5\", cpu:\"s390x\", reference:\"kernel-headers-3.10.0-862.43.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"5\", cpu:\"x86_64\", reference:\"kernel-headers-3.10.0-862.43.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"5\", cpu:\"s390x\", reference:\"kernel-kdump-3.10.0-862.43.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"5\", cpu:\"s390x\", reference:\"kernel-kdump-debuginfo-3.10.0-862.43.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"5\", cpu:\"s390x\", reference:\"kernel-kdump-devel-3.10.0-862.43.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"5\", cpu:\"x86_64\", reference:\"kernel-tools-3.10.0-862.43.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"5\", cpu:\"x86_64\", reference:\"kernel-tools-debuginfo-3.10.0-862.43.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"5\", cpu:\"x86_64\", reference:\"kernel-tools-libs-3.10.0-862.43.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"5\", cpu:\"x86_64\", reference:\"kernel-tools-libs-devel-3.10.0-862.43.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"5\", cpu:\"s390x\", reference:\"perf-3.10.0-862.43.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"5\", cpu:\"x86_64\", reference:\"perf-3.10.0-862.43.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"5\", cpu:\"s390x\", reference:\"perf-debuginfo-3.10.0-862.43.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"5\", cpu:\"x86_64\", reference:\"perf-debuginfo-3.10.0-862.43.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"5\", cpu:\"s390x\", reference:\"python-perf-3.10.0-862.43.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"5\", cpu:\"x86_64\", reference:\"python-perf-3.10.0-862.43.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"5\", cpu:\"s390x\", reference:\"python-perf-debuginfo-3.10.0-862.43.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"5\", cpu:\"x86_64\", reference:\"python-perf-debuginfo-3.10.0-862.43.1.el7\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-abi-whitelists / kernel-debug / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:28:10", "description": "Eli Biham and Lior Neumann discovered that the Bluetooth implementation in the Linux kernel did not properly validate elliptic curve parameters during Diffie-Hellman key exchange in some situations. An attacker could use this to expose sensitive information. (CVE-2018-5383)\n\nIt was discovered that a heap buffer overflow existed in the Marvell Wireless LAN device driver for the Linux kernel. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-10126)\n\nAndrei Vlad Lutas and Dan Lutas discovered that some x86 processors incorrectly handle SWAPGS instructions during speculative execution. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2019-1125)\n\nJann Horn discovered that a race condition existed in the Linux kernel when performing core dumps. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information.\n(CVE-2019-11599)\n\nIt was discovered that the PowerPC dlpar implementation in the Linux kernel did not properly check for allocation errors in some situations. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2019-12614)\n\nJann Horn discovered that the ptrace implementation in the Linux kernel did not properly record credentials in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly gain administrative privileges. (CVE-2019-13272)\n\nIt was discovered that the Marvell Wireless LAN device driver in the Linux kernel did not properly validate the BSS descriptor. A local attacker could possibly use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-3846).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-08-14T00:00:00", "type": "nessus", "title": "Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-4095-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-5383", "CVE-2019-10126", "CVE-2019-1125", "CVE-2019-11599", "CVE-2019-12614", "CVE-2019-13272", "CVE-2019-3846", "CVE-2019-9503"], "modified": "2023-05-11T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-snapdragon", "p-cpe:/a:canonical:ubuntu_linux:linux-image-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-image-snapdragon", "p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual", "cpe:/o:canonical:ubuntu_linux:16.04"], "id": "UBUNTU_USN-4095-1.NASL", "href": "https://www.tenable.com/plugins/nessus/127890", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4095-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(127890);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/11\");\n\n script_cve_id(\"CVE-2018-5383\", \"CVE-2019-10126\", \"CVE-2019-1125\", \"CVE-2019-11599\", \"CVE-2019-12614\", \"CVE-2019-13272\", \"CVE-2019-3846\", \"CVE-2019-9503\");\n script_xref(name:\"USN\", value:\"4095-1\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/10\");\n\n script_name(english:\"Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-4095-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Eli Biham and Lior Neumann discovered that the Bluetooth\nimplementation in the Linux kernel did not properly validate elliptic\ncurve parameters during Diffie-Hellman key exchange in some\nsituations. An attacker could use this to expose sensitive\ninformation. (CVE-2018-5383)\n\nIt was discovered that a heap buffer overflow existed in the Marvell\nWireless LAN device driver for the Linux kernel. An attacker could use\nthis to cause a denial of service (system crash) or possibly execute\narbitrary code. (CVE-2019-10126)\n\nAndrei Vlad Lutas and Dan Lutas discovered that some x86 processors\nincorrectly handle SWAPGS instructions during speculative execution. A\nlocal attacker could use this to expose sensitive information (kernel\nmemory). (CVE-2019-1125)\n\nJann Horn discovered that a race condition existed in the Linux kernel\nwhen performing core dumps. A local attacker could use this to cause a\ndenial of service (system crash) or expose sensitive information.\n(CVE-2019-11599)\n\nIt was discovered that the PowerPC dlpar implementation in the Linux\nkernel did not properly check for allocation errors in some\nsituations. A local attacker could possibly use this to cause a denial\nof service (system crash). (CVE-2019-12614)\n\nJann Horn discovered that the ptrace implementation in the Linux\nkernel did not properly record credentials in some situations. A local\nattacker could use this to cause a denial of service (system crash) or\npossibly gain administrative privileges. (CVE-2019-13272)\n\nIt was discovered that the Marvell Wireless LAN device driver in the\nLinux kernel did not properly validate the BSS descriptor. A local\nattacker could possibly use this to cause a denial of service (system\ncrash) or possibly execute arbitrary code. (CVE-2019-3846).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/4095-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-3846\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Linux Polkit pkexec helper PTRACE_TRACEME local root exploit');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-snapdragon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-snapdragon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2019-2023 Canonical, Inc. / NASL script (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(16\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 16.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2018-5383\", \"CVE-2019-10126\", \"CVE-2019-1125\", \"CVE-2019-11599\", \"CVE-2019-12614\", \"CVE-2019-13272\", \"CVE-2019-3846\", \"CVE-2019-9503\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-4095-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-1054-kvm\", pkgver:\"4.4.0-1054.61\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-1090-aws\", pkgver:\"4.4.0-1090.101\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-1118-raspi2\", pkgver:\"4.4.0-1118.127\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-1122-snapdragon\", pkgver:\"4.4.0-1122.128\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-159-generic\", pkgver:\"4.4.0-159.187\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-159-generic-lpae\", pkgver:\"4.4.0-159.187\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-159-lowlatency\", pkgver:\"4.4.0-159.187\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-aws\", pkgver:\"4.4.0.1090.94\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-generic\", pkgver:\"4.4.0.159.167\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-generic-lpae\", pkgver:\"4.4.0.159.167\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-kvm\", pkgver:\"4.4.0.1054.54\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-lowlatency\", pkgver:\"4.4.0.159.167\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-raspi2\", pkgver:\"4.4.0.1118.118\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-snapdragon\", pkgver:\"4.4.0.1122.114\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-virtual\", pkgver:\"4.4.0.159.167\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-4.4-aws / linux-image-4.4-generic / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:33:29", "description": "This update for the Linux Kernel 4.4.121-92_114 fixes several issues.\n\nThe following security issues were fixed :\n\nCVE-2018-20856: Fixed a use-after-free in __blk_drain_queue() due to an improper error handling (bsc#1156331).\n\nCVE-2019-13272: Fixed a privilege escalation from user to root due to improper handling of credentials by leveraging certain scenarios with a parent-child process relationship (bsc#1156321).\n\nCVE-2019-10220: Fixed an issue where samba servers could inject relative paths in directory entry lists (bsc#1153108).\n\nThe following bugs were fixed: Fixed boot up hang revealed by int3 self test (bsc#1157770).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-12-12T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : kernel (SUSE-SU-2019:3261-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-20856", "CVE-2019-10220", "CVE-2019-13272"], "modified": "2023-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_121-92_114-default", "p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_121-92_117-default", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2019-3261-1.NASL", "href": "https://www.tenable.com/plugins/nessus/132007", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:3261-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(132007);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/19\");\n\n script_cve_id(\"CVE-2018-20856\", \"CVE-2019-10220\", \"CVE-2019-13272\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/10\");\n\n script_name(english:\"SUSE SLES12 Security Update : kernel (SUSE-SU-2019:3261-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for the Linux Kernel 4.4.121-92_114 fixes several issues.\n\nThe following security issues were fixed :\n\nCVE-2018-20856: Fixed a use-after-free in __blk_drain_queue() due to\nan improper error handling (bsc#1156331).\n\nCVE-2019-13272: Fixed a privilege escalation from user to root due to\nimproper handling of credentials by leveraging certain scenarios with\na parent-child process relationship (bsc#1156321).\n\nCVE-2019-10220: Fixed an issue where samba servers could inject\nrelative paths in directory entry lists (bsc#1153108).\n\nThe following bugs were fixed: Fixed boot up hang revealed by int3\nself test (bsc#1157770).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153108\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1156321\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1156331\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1157770\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-20856/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-10220/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-13272/\");\n # https://www.suse.com/support/update/announcement/2019/suse-su-20193261-1/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?805b93a0\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server for SAP 12-SP2:zypper in -t patch\nSUSE-SLE-SAP-12-SP2-2019-3261=1 SUSE-SLE-SAP-12-SP2-2019-3262=1\n\nSUSE Linux Enterprise Server 12-SP2-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-2019-3261=1 SUSE-SLE-SERVER-12-SP2-2019-3262=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-10220\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Linux Polkit pkexec helper PTRACE_TRACEME local root exploit');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_121-92_114-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_121-92_117-default\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP2\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"kgraft-patch-4_4_121-92_114-default-6-2.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"kgraft-patch-4_4_121-92_117-default-5-2.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:33:25", "description": "This update for the Linux Kernel 4.4.121-92_101 fixes several issues.\n\nThe following security issues were fixed :\n\nCVE-2018-20856: Fixed a use-after-free in __blk_drain_queue() due to an improper error handling (bsc#1156331).\n\nCVE-2019-13272: Fixed a privilege escalation from user to root due to improper handling of credentials by leveraging certain scenarios with a parent-child process relationship (bsc#1156321).\n\nCVE-2019-10220: Fixed an issue where samba servers could inject relative paths in directory entry lists (bsc#1153108).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-12-12T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : kernel (SUSE-SU-2019:3232-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-20856", "CVE-2019-10220", "CVE-2019-13272"], "modified": "2023-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_121-92_101-default", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2019-3232-1.NASL", "href": "https://www.tenable.com/plugins/nessus/132001", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:3232-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(132001);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/19\");\n\n script_cve_id(\"CVE-2018-20856\", \"CVE-2019-10220\", \"CVE-2019-13272\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/10\");\n\n script_name(english:\"SUSE SLES12 Security Update : kernel (SUSE-SU-2019:3232-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for the Linux Kernel 4.4.121-92_101 fixes several issues.\n\nThe following security issues were fixed :\n\nCVE-2018-20856: Fixed a use-after-free in __blk_drain_queue() due to\nan improper error handling (bsc#1156331).\n\nCVE-2019-13272: Fixed a privilege escalation from user to root due to\nimproper handling of credentials by leveraging certain scenarios with\na parent-child process relationship (bsc#1156321).\n\nCVE-2019-10220: Fixed an issue where samba servers could inject\nrelative paths in directory entry lists (bsc#1153108).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153108\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1156321\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1156331\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-20856/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-10220/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-13272/\");\n # https://www.suse.com/support/update/announcement/2019/suse-su-20193232-1/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?bc6ca454\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server for SAP 12-SP2:zypper in -t patch\nSUSE-SLE-SAP-12-SP2-2019-3232=1\n\nSUSE Linux Enterprise Server 12-SP2-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-2019-3232=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-10220\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Linux Polkit pkexec helper PTRACE_TRACEME local root exploit');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_121-92_101-default\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP2\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"kgraft-patch-4_4_121-92_101-default-7-2.5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:55:28", "description": "The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:0100 advisory.\n\n - kernel: TLB flush happens too late on mremap (CVE-2018-18281)\n\n - kernel: Use-after-free in __blk_drain_queue() function in block/blk-core.c (CVE-2018-20856)\n\n - kernel: fix race condition between mmget_not_zero()/get_task_mm() and core dumping (CVE-2019-11599)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2020-01-16T00:00:00", "type": "nessus", "title": "RHEL 6 : kernel-rt (RHSA-2020:0100)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-18281", "CVE-2018-20856", "CVE-2019-11599"], "modified": "2023-01-23T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:6", "p-cpe:/a:redhat:enterprise_linux:kernel-rt", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-firmware", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-vanilla", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-vanilla-devel"], "id": "REDHAT-RHSA-2020-0100.NASL", "href": "https://www.tenable.com/plugins/nessus/132947", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:0100. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(132947);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/23\");\n\n script_cve_id(\"CVE-2018-18281\", \"CVE-2018-20856\", \"CVE-2019-11599\");\n script_xref(name:\"RHSA\", value:\"2020:0100\");\n\n script_name(english:\"RHEL 6 : kernel-rt (RHSA-2020:0100)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:0100 advisory.\n\n - kernel: TLB flush happens too late on mremap (CVE-2018-18281)\n\n - kernel: Use-after-free in __blk_drain_queue() function in block/blk-core.c (CVE-2018-20856)\n\n - kernel: fix race condition between mmget_not_zero()/get_task_mm() and core dumping (CVE-2019-11599)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2018-18281\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2018-20856\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-11599\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:0100\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1645121\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1705937\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1738705\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11599\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2018-20856\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(119, 362, 667, 672);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/01/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/01/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-vanilla-devel\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\ninclude('ksplice.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '6')) audit(AUDIT_OS_NOT, 'Red Hat 6.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nif (get_one_kb_item('Host/ksplice/kernel-cves'))\n{\n rm_kb_item(name:'Host/uptrack-uname-r');\n var cve_list = make_list('CVE-2018-18281', 'CVE-2018-20856', 'CVE-2019-11599');\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for RHSA-2020:0100');\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/mrg-g-execute/2/debug',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/mrg-g-execute/2/os',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/mrg-g-execute/2/source/SRPMS',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/mrg-mgmt/2/debug',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/mrg-mgmt/2/os',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/mrg-mgmt/2/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/x86_64/mrg-g-execute/2/debug',\n 'content/dist/rhel/server/6/6Server/x86_64/mrg-g-execute/2/os',\n 'content/dist/rhel/server/6/6Server/x86_64/mrg-g-execute/2/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/x86_64/mrg-g/2/debug',\n 'content/dist/rhel/server/6/6Server/x86_64/mrg-g/2/os',\n 'content/dist/rhel/server/6/6Server/x86_64/mrg-g/2/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/x86_64/mrg-m/2/debug',\n 'content/dist/rhel/server/6/6Server/x86_64/mrg-m/2/os',\n 'content/dist/rhel/server/6/6Server/x86_64/mrg-m/2/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/x86_64/mrg-mgmt/2/debug',\n 'content/dist/rhel/server/6/6Server/x86_64/mrg-mgmt/2/os',\n 'content/dist/rhel/server/6/6Server/x86_64/mrg-mgmt/2/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/x86_64/mrg-r/2/debug',\n 'content/dist/rhel/server/6/6Server/x86_64/mrg-r/2/os',\n 'content/dist/rhel/server/6/6Server/x86_64/mrg-r/2/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'kernel-rt-3.10.0-693.62.1.rt56.659.el6rt', 'cpu':'x86_64', 'release':'6', 'el_string':'el6rt', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'exists_check':'mrg-release'},\n {'reference':'kernel-rt-debug-3.10.0-693.62.1.rt56.659.el6rt', 'cpu':'x86_64', 'release':'6', 'el_string':'el6rt', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'exists_check':'mrg-release'},\n {'reference':'kernel-rt-debug-devel-3.10.0-693.62.1.rt56.659.el6rt', 'cpu':'x86_64', 'release':'6', 'el_string':'el6rt', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'exists_check':'mrg-release'},\n {'reference':'kernel-rt-devel-3.10.0-693.62.1.rt56.659.el6rt', 'cpu':'x86_64', 'release':'6', 'el_string':'el6rt', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'exists_check':'mrg-release'},\n {'reference':'kernel-rt-doc-3.10.0-693.62.1.rt56.659.el6rt', 'release':'6', 'el_string':'el6rt', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'exists_check':'mrg-release'},\n {'reference':'kernel-rt-firmware-3.10.0-693.62.1.rt56.659.el6rt', 'release':'6', 'el_string':'el6rt', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'exists_check':'mrg-release'},\n {'reference':'kernel-rt-trace-3.10.0-693.62.1.rt56.659.el6rt', 'cpu':'x86_64', 'release':'6', 'el_string':'el6rt', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'exists_check':'mrg-release'},\n {'reference':'kernel-rt-trace-devel-3.10.0-693.62.1.rt56.659.el6rt', 'cpu':'x86_64', 'release':'6', 'el_string':'el6rt', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'exists_check':'mrg-release'},\n {'reference':'kernel-rt-vanilla-3.10.0-693.62.1.rt56.659.el6rt', 'cpu':'x86_64', 'release':'6', 'el_string':'el6rt', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'exists_check':'mrg-release'},\n {'reference':'kernel-rt-vanilla-devel-3.10.0-693.62.1.rt56.659.el6rt', 'cpu':'x86_64', 'release':'6', 'el_string':'el6rt', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'exists_check':'mrg-release'}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel-rt / kernel-rt-debug / kernel-rt-debug-devel / kernel-rt-devel / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:32:56", "description": "This update for the Linux Kernel 4.4.121-92_109 fixes several issues.\n\nThe following security issues were fixed :\n\nCVE-2018-20856: Fixed a use-after-free in __blk_drain_queue() due to an improper error handling (bsc#1156331).\n\nCVE-2019-13272: Fixed a privilege escalation from user to root due to improper handling of credentials by leveraging certain scenarios with a parent-child process relationship (bsc#1156321).\n\nCVE-2019-10220: Fixed an issue where samba servers could inject relative paths in directory entry lists (bsc#1153108).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-12-12T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : kernel (SUSE-SU-2019:3260-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-20856", "CVE-2019-10220", "CVE-2019-13272"], "modified": "2023-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_121-92_104-default", "p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_121-92_109-default", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2019-3260-1.NASL", "href": "https://www.tenable.com/plugins/nessus/132006", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:3260-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(132006);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/19\");\n\n script_cve_id(\"CVE-2018-20856\", \"CVE-2019-10220\", \"CVE-2019-13272\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/10\");\n\n script_name(english:\"SUSE SLES12 Security Update : kernel (SUSE-SU-2019:3260-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for the Linux Kernel 4.4.121-92_109 fixes several issues.\n\nThe following security issues were fixed :\n\nCVE-2018-20856: Fixed a use-after-free in __blk_drain_queue() due to\nan improper error handling (bsc#1156331).\n\nCVE-2019-13272: Fixed a privilege escalation from user to root due to\nimproper handling of credentials by leveraging certain scenarios with\na parent-child process relationship (bsc#1156321).\n\nCVE-2019-10220: Fixed an issue where samba servers could inject\nrelative paths in directory entry lists (bsc#1153108).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153108\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1156321\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1156331\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-20856/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-10220/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-13272/\");\n # https://www.suse.com/support/update/announcement/2019/suse-su-20193260-1/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?dcc6ea8b\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server for SAP 12-SP2:zypper in -t patch\nSUSE-SLE-SAP-12-SP2-2019-3259=1 SUSE-SLE-SAP-12-SP2-2019-3260=1\n\nSUSE Linux Enterprise Server 12-SP2-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-2019-3259=1 SUSE-SLE-SERVER-12-SP2-2019-3260=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-10220\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Linux Polkit pkexec helper PTRACE_TRACEME local root exploit');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_121-92_104-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_121-92_109-default\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP2\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"kgraft-patch-4_4_121-92_104-default-7-2.5\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"kgraft-patch-4_4_121-92_109-default-7-2.5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:29:35", "description": "It was discovered that a heap buffer overflow existed in the Marvell Wireless LAN device driver for the Linux kernel. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-10126)\n\nAmit Klein and Benny Pinkas discovered that the Linux kernel did not sufficiently randomize IP ID values generated for connectionless networking protocols. A remote attacker could use this to track particular Linux devices. (CVE-2019-10638)\n\nIt was discovered that a NULL pointer dereference vulnerability existed in the Near-field communication (NFC) implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash). (CVE-2019-12984)\n\nJann Horn discovered a use-after-free vulnerability in the Linux kernel when accessing LDT entries in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-13233)\n\nJann Horn discovered that the ptrace implementation in the Linux kernel did not properly record credentials in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly gain administrative privileges. (CVE-2019-13272)\n\nIt was discovered that the floppy driver in the Linux kernel did not properly validate meta data, leading to a buffer overread. A local attacker could use this to cause a denial of service (system crash).\n(CVE-2019-14283)\n\nIt was discovered that the floppy driver in the Linux kernel did not properly validate ioctl() calls, leading to a division-by-zero. A local attacker could use this to cause a denial of service (system crash). (CVE-2019-14284)\n\nIt was discovered that the Marvell Wireless LAN device driver in the Linux kernel did not properly validate the BSS descriptor. A local attacker could possibly use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-3846)\n\nJason Wang discovered that an infinite loop vulnerability existed in the virtio net driver in the Linux kernel. A local attacker in a guest VM could possibly use this to cause a denial of service in the host system. (CVE-2019-3900).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-09-03T00:00:00", "type": "nessus", "title": "Ubuntu 19.04 : linux-aws vulnerabilities (USN-4117-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-10126", "CVE-2019-10638", "CVE-2019-12984", "CVE-2019-13233", "CVE-2019-13272", "CVE-2019-14283", "CVE-2019-14284", "CVE-2019-3846", "CVE-2019-3900"], "modified": "2023-05-11T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-aws", "cpe:/o:canonical:ubuntu_linux:19.04"], "id": "UBUNTU_USN-4117-1.NASL", "href": "https://www.tenable.com/plugins/nessus/128477", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4117-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(128477);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/11\");\n\n script_cve_id(\"CVE-2019-10126\", \"CVE-2019-10638\", \"CVE-2019-12984\", \"CVE-2019-13233\", \"CVE-2019-13272\", \"CVE-2019-14283\", \"CVE-2019-14284\", \"CVE-2019-3846\", \"CVE-2019-3900\");\n script_xref(name:\"USN\", value:\"4117-1\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/10\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0025\");\n\n script_name(english:\"Ubuntu 19.04 : linux-aws vulnerabilities (USN-4117-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"It was discovered that a heap buffer overflow existed in the Marvell\nWireless LAN device driver for the Linux kernel. An attacker could use\nthis to cause a denial of service (system crash) or possibly execute\narbitrary code. (CVE-2019-10126)\n\nAmit Klein and Benny Pinkas discovered that the Linux kernel did not\nsufficiently randomize IP ID values generated for connectionless\nnetworking protocols. A remote attacker could use this to track\nparticular Linux devices. (CVE-2019-10638)\n\nIt was discovered that a NULL pointer dereference vulnerability\nexisted in the Near-field communication (NFC) implementation in the\nLinux kernel. A local attacker could use this to cause a denial of\nservice (system crash). (CVE-2019-12984)\n\nJann Horn discovered a use-after-free vulnerability in the Linux\nkernel when accessing LDT entries in some situations. A local attacker\ncould use this to cause a denial of service (system crash) or possibly\nexecute arbitrary code. (CVE-2019-13233)\n\nJann Horn discovered that the ptrace implementation in the Linux\nkernel did not properly record credentials in some situations. A local\nattacker could use this to cause a denial of service (system crash) or\npossibly gain administrative privileges. (CVE-2019-13272)\n\nIt was discovered that the floppy driver in the Linux kernel did not\nproperly validate meta data, leading to a buffer overread. A local\nattacker could use this to cause a denial of service (system crash).\n(CVE-2019-14283)\n\nIt was discovered that the floppy driver in the Linux kernel did not\nproperly validate ioctl() calls, leading to a division-by-zero. A\nlocal attacker could use this to cause a denial of service (system\ncrash). (CVE-2019-14284)\n\nIt was discovered that the Marvell Wireless LAN device driver in the\nLinux kernel did not properly validate the BSS descriptor. A local\nattacker could possibly use this to cause a denial of service (system\ncrash) or possibly execute arbitrary code. (CVE-2019-3846)\n\nJason Wang discovered that an infinite loop vulnerability existed in\nthe virtio net driver in the Linux kernel. A local attacker in a guest\nVM could possibly use this to cause a denial of service in the host\nsystem. (CVE-2019-3900).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/4117-1/\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Update the affected linux-image-5.0-aws and / or linux-image-aws\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-3846\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Linux Polkit pkexec helper PTRACE_TRACEME local root exploit');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:19.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2019-2023 Canonical, Inc. / NASL script (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(19\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 19.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2019-10126\", \"CVE-2019-10638\", \"CVE-2019-12984\", \"CVE-2019-13233\", \"CVE-2019-13272\", \"CVE-2019-14283\", \"CVE-2019-14284\", \"CVE-2019-3846\", \"CVE-2019-3900\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-4117-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-5.0.0-1014-aws\", pkgver:\"5.0.0-1014.16\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-aws\", pkgver:\"5.0.0.1014.15\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-5.0-aws / linux-image-aws\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:25:01", "description": "Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.\n\nCVE-2019-3846, CVE-2019-10126\n\nhuangwen reported multiple buffer overflows in the Marvell wifi (mwifiex) driver, which a local user could use to cause denial of service or the execution of arbitrary code.\n\nCVE-2019-5489\n\nDaniel Gruss, Erik Kraft, Trishita Tiwari, Michael Schwarz, Ari Trachtenberg, Jason Hennessey, Alex Ionescu, and Anders Fogh discovered that local users could use the mincore() system call to obtain sensitive information from other processes that access the same memory-mapped file.\n\nCVE-2019-11477\n\nJonathan Looney reported that a specially crafted sequence of TCP selective acknowledgements (SACKs) allows a remotely triggerable kernel panic.\n\nCVE-2019-11478\n\nJonathan Looney reported that a specially crafted sequence of TCP selective acknowledgements (SACKs) will fragment the TCP retransmission queue, allowing an attacker to cause excessive resource usage.\n\nCVE-2019-11479\n\nJonathan Looney reported that an attacker could force the Linux kernel to segment its responses into multiple TCP segments, each of which contains only 8 bytes of data, drastically increasing the bandwidth required to deliver the same amount of data.\n\nThis update introduces a new sysctl value to control the minimal MSS (net.ipv4.tcp_min_snd_mss), which by default uses the formerly hard- coded value of 48. We recommend raising this to 512 unless you know that your network requires a lower value. (This value applies to Linux 3.16 only.)\n\nCVE-2019-11810\n\nIt was discovered that the megaraid_sas driver did not correctly handle a failed memory allocation during initialisation, which could lead to a double-free. This might have some security impact, but it cannot be triggered by an unprivileged user.\n\nCVE-2019-11833\n\nIt was discovered that the ext4 filesystem implementation writes uninitialised data from kernel memory to new extent blocks. A local user able to write to an ext4 filesystem and then read the filesystem image, for example using a removable drive, might be able to use this to obtain sensitive information.\n\nCVE-2019-11884\n\nIt was discovered that the Bluetooth HIDP implementation did not ensure that new connection names were null-terminated. A local user with CAP_NET_ADMIN capability might be able to use this to obtain sensitive information from the kernel stack.\n\nFor Debian 8 'Jessie', these problems have been fixed in version 3.16.68-2. Packages for PC architectures (amd64 and i386) are already available, and packages for Arm architectures (armel and armhf) will be available soon.\n\nWe recommend that you upgrade your linux packages.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-06-18T00:00:00", "type": "nessus", "title": "Debian DLA-1823-1 : linux security update (SACK Panic) (SACK Slowness)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-10126", "CVE-2019-11477", "CVE-2019-11478", "CVE-2019-11479", "CVE-2019-11810", "CVE-2019-11833", "CVE-2019-11884", "CVE-2019-3846", "CVE-2019-5489"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:linux-compiler-gcc-4.8-arm", "p-cpe:/a:debian:debian_linux:linux-compiler-gcc-4.8-x86", "p-cpe:/a:debian:debian_linux:linux-compiler-gcc-4.9-x86", "p-cpe:/a:debian:debian_linux:linux-doc-3.16", "p-cpe:/a:debian:debian_linux:linux-headers-3.16.0-9-586", "p-cpe:/a:debian:debian_linux:linux-headers-3.16.0-9-686-pae", "p-cpe:/a:debian:debian_linux:linux-headers-3.16.0-9-all", "p-cpe:/a:debian:debian_linux:linux-headers-3.16.0-9-all-amd64", "p-cpe:/a:debian:debian_linux:linux-headers-3.16.0-9-all-armel", "p-cpe:/a:debian:debian_linux:linux-headers-3.16.0-9-all-armhf", "p-cpe:/a:debian:debian_linux:linux-headers-3.16.0-9-all-i386", "p-cpe:/a:debian:debian_linux:linux-headers-3.16.0-9-amd64", "p-cpe:/a:debian:debian_linux:linux-headers-3.16.0-9-armmp", "p-cpe:/a:debian:debian_linux:linux-headers-3.16.0-9-armmp-lpae", "p-cpe:/a:debian:debian_linux:linux-headers-3.16.0-9-common", "p-cpe:/a:debian:debian_linux:linux-headers-3.16.0-9-ixp4xx", "p-cpe:/a:debian:debian_linux:linux-headers-3.16.0-9-kirkwood", "p-cpe:/a:debian:debian_linux:linux-headers-3.16.0-9-orion5x", "p-cpe:/a:debian:debian_linux:linux-headers-3.16.0-9-versatile", "p-cpe:/a:debian:debian_linux:linux-image-3.16.0-9-586", "p-cpe:/a:debian:debian_linux:linux-image-3.16.0-9-686-pae", "p-cpe:/a:debian:debian_linux:linux-image-3.16.0-9-686-pae-dbg", "p-cpe:/a:debian:debian_linux:linux-image-3.16.0-9-amd64", "p-cpe:/a:debian:debian_linux:linux-image-3.16.0-9-amd64-dbg", "p-cpe:/a:debian:debian_linux:linux-image-3.16.0-9-armmp", "p-cpe:/a:debian:debian_linux:linux-image-3.16.0-9-armmp-lpae", "p-cpe:/a:debian:debian_linux:linux-image-3.16.0-9-ixp4xx", "p-cpe:/a:debian:debian_linux:linux-image-3.16.0-9-kirkwood", "p-cpe:/a:debian:debian_linux:linux-image-3.16.0-9-orion5x", "p-cpe:/a:debian:debian_linux:linux-image-3.16.0-9-versatile", "p-cpe:/a:debian:debian_linux:linux-libc-dev", "p-cpe:/a:debian:debian_linux:linux-manual-3.16", "p-cpe:/a:debian:debian_linux:linux-source-3.16", "p-cpe:/a:debian:debian_linux:linux-support-3.16.0-9", "p-cpe:/a:debian:debian_linux:xen-linux-system-3.16.0-9-amd64", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DLA-1823.NASL", "href": "https://www.tenable.com/plugins/nessus/125958", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-1823-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(125958);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2019-10126\",\n \"CVE-2019-11477\",\n \"CVE-2019-11478\",\n \"CVE-2019-11479\",\n \"CVE-2019-11810\",\n \"CVE-2019-11833\",\n \"CVE-2019-11884\",\n \"CVE-2019-3846\",\n \"CVE-2019-5489\"\n );\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0456\");\n\n script_name(english:\"Debian DLA-1823-1 : linux security update (SACK Panic) (SACK Slowness)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a privilege escalation, denial of service or information\nleaks.\n\nCVE-2019-3846, CVE-2019-10126\n\nhuangwen reported multiple buffer overflows in the Marvell wifi\n(mwifiex) driver, which a local user could use to cause denial of\nservice or the execution of arbitrary code.\n\nCVE-2019-5489\n\nDaniel Gruss, Erik Kraft, Trishita Tiwari, Michael Schwarz, Ari\nTrachtenberg, Jason Hennessey, Alex Ionescu, and Anders Fogh\ndiscovered that local users could use the mincore() system call to\nobtain sensitive information from other processes that access the same\nmemory-mapped file.\n\nCVE-2019-11477\n\nJonathan Looney reported that a specially crafted sequence of TCP\nselective acknowledgements (SACKs) allows a remotely triggerable\nkernel panic.\n\nCVE-2019-11478\n\nJonathan Looney reported that a specially crafted sequence of TCP\nselective acknowledgements (SACKs) will fragment the TCP\nretransmission queue, allowing an attacker to cause excessive resource\nusage.\n\nCVE-2019-11479\n\nJonathan Looney reported that an attacker could force the Linux kernel\nto segment its responses into multiple TCP segments, each of which\ncontains only 8 bytes of data, drastically increasing the bandwidth\nrequired to deliver the same amount of data.\n\nThis update introduces a new sysctl value to control the\nminimal MSS (net.ipv4.tcp_min_snd_mss), which by default\nuses the formerly hard- coded value of 48. We recommend\nraising this to 512 unless you know that your network\nrequires a lower value. (This value applies to Linux 3.16\nonly.)\n\nCVE-2019-11810\n\nIt was discovered that the megaraid_sas driver did not correctly\nhandle a failed memory allocation during initialisation, which could\nlead to a double-free. This might have some security impact, but it\ncannot be triggered by an unprivileged user.\n\nCVE-2019-11833\n\nIt was discovered that the ext4 filesystem implementation writes\nuninitialised data from kernel memory to new extent blocks. A local\nuser able to write to an ext4 filesystem and then read the filesystem\nimage, for example using a removable drive, might be able to use this\nto obtain sensitive information.\n\nCVE-2019-11884\n\nIt was discovered that the Bluetooth HIDP implementation did not\nensure that new connection names were null-terminated. A local user\nwith CAP_NET_ADMIN capability might be able to use this to obtain\nsensitive information from the kernel stack.\n\nFor Debian 8 'Jessie', these problems have been fixed in version\n3.16.68-2. Packages for PC architectures (amd64 and i386) are already\navailable, and packages for Arm architectures (armel and armhf) will\nbe available soon.\n\nWe recommend that you upgrade your linux packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://lists.debian.org/debian-lts-announce/2019/06/msg00010.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/jessie/linux\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-3846\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/06/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/06/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-compiler-gcc-4.8-arm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-compiler-gcc-4.8-x86\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-compiler-gcc-4.9-x86\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-doc-3.16\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-3.16.0-9-586\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-3.16.0-9-686-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-3.16.0-9-all\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-3.16.0-9-all-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-3.16.0-9-all-armel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-3.16.0-9-all-armhf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-3.16.0-9-all-i386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-3.16.0-9-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-3.16.0-9-armmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-3.16.0-9-armmp-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-3.16.0-9-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-3.16.0-9-ixp4xx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-3.16.0-9-kirkwood\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-3.16.0-9-orion5x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-3.16.0-9-versatile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-3.16.0-9-586\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-3.16.0-9-686-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-3.16.0-9-686-pae-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-3.16.0-9-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-3.16.0-9-amd64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-3.16.0-9-armmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-3.16.0-9-armmp-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-3.16.0-9-ixp4xx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-3.16.0-9-kirkwood\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-3.16.0-9-orion5x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-3.16.0-9-versatile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-libc-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-manual-3.16\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-source-3.16\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-support-3.16.0-9\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:xen-linux-system-3.16.0-9-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"linux-compiler-gcc-4.8-arm\", reference:\"3.16.68-2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-compiler-gcc-4.8-x86\", reference:\"3.16.68-2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-compiler-gcc-4.9-x86\", reference:\"3.16.68-2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-doc-3.16\", reference:\"3.16.68-2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-586\", reference:\"3.16.68-2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-686-pae\", reference:\"3.16.68-2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-all\", reference:\"3.16.68-2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-all-amd64\", reference:\"3.16.68-2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-all-armel\", reference:\"3.16.68-2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-all-armhf\", reference:\"3.16.68-2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-all-i386\", reference:\"3.16.68-2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-amd64\", reference:\"3.16.68-2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-armmp\", reference:\"3.16.68-2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-armmp-lpae\", reference:\"3.16.68-2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-common\", reference:\"3.16.68-2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-ixp4xx\", reference:\"3.16.68-2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-kirkwood\", reference:\"3.16.68-2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-orion5x\", reference:\"3.16.68-2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-versatile\", reference:\"3.16.68-2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-586\", reference:\"3.16.68-2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-686-pae\", reference:\"3.16.68-2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-686-pae-dbg\", reference:\"3.16.68-2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-amd64\", reference:\"3.16.68-2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-amd64-dbg\", reference:\"3.16.68-2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-armmp\", reference:\"3.16.68-2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-armmp-lpae\", reference:\"3.16.68-2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-ixp4xx\", reference:\"3.16.68-2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-kirkwood\", reference:\"3.16.68-2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-orion5x\", reference:\"3.16.68-2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-versatile\", reference:\"3.16.68-2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-libc-dev\", reference:\"3.16.68-2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-manual-3.16\", reference:\"3.16.68-2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-source-3.16\", reference:\"3.16.68-2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-support-3.16.0-9\", reference:\"3.16.68-2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"xen-linux-system-3.16.0-9-amd64\", reference:\"3.16.68-2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T14:30:04", "description": "An update for kernel is now available for Red Hat Enterprise Linux 7.6 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es) :\n\n* Kernel: vhost_net: infinite loop while receiving packets leads to DoS (CVE-2019-3900)\n\n* hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB) (CVE-2019-9506)\n\n* kernel: hw: Spectre SWAPGS gadget vulnerability (CVE-2019-1125)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es) :\n\n* [mlx4] VXLAN over VLAN TCP segmentation (BZ#1734325)\n\n* Race condition in /dev/sg due to missing synchronization causes corruption in RHV (BZ#1737378)\n\n* [FJ7.6 Bug]: [REG] kernel: ipc: ipc_free should use kvfree (BZ#1740177)\n\n* high update_cfs_rq_blocked_load contention (BZ#1740179)\n\n* kvm: backport cpuidle-haltpoll driver (BZ#1740191)\n\n* Growing unreclaimable slab memory (BZ#1741919)\n\n* [Hyper-V]vPCI devices cannot allocate IRQs vectors in a Hyper-V VM with > 240 vCPUs (i.e., when in x2APIC mode) (BZ#1743323)\n\n* NFSv4.0 client sending a double CLOSE (leading to EIO application failure) (BZ#1744945)\n\n* powerpc/pseries: Fix uninitialized timer reset on migration / powerpc/pseries /mobility: Extend start/stop topology update scope (LPM) (BZ#1745441)\n\n* ISST-LTE:PVM:Zeppelin :LPM: Failure logs and stack trace seen during LPM (POWER9/P9) (BZ#1745448)\n\n* [LLNL 7.5 Bug] slab leak causing a crash when using kmem control group (BZ# 1748237)\n\n* [Azure] CRI-RDOS | [RHEL 7.8] Live migration only takes 10 seconds, but the VM was unavailable for 2 hours (BZ#1748238)\n\n* Allows macvlan to operate correctly over the active-backup mode to support bonding events (BZ#1749291)\n\n* debug kernel reports scheduling while atomic bug in EFI code (BZ#1755324)", "cvss3": {}, "published": "2019-10-30T00:00:00", "type": "nessus", "title": "RHEL 7 : kernel (RHSA-2019:3220)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1125", "CVE-2019-3900", "CVE-2019-9506"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:bpftool", "p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-s390x", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-tools", "p-cpe:/a:redhat:enterprise_linux:kernel-tools-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs", "p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs-devel", "p-cpe:/a:redhat:enterprise_linux:perf", "p-cpe:/a:redhat:enterprise_linux:perf-debuginfo", "p-cpe:/a:redhat:enterprise_linux:python-perf", "p-cpe:/a:redhat:enterprise_linux:python-perf-debuginfo", "cpe:/o:redhat:enterprise_linux:7.6"], "id": "REDHAT-RHSA-2019-3220.NASL", "href": "https://www.tenable.com/plugins/nessus/130376", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:3220. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(130376);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2019-1125\", \"CVE-2019-3900\", \"CVE-2019-9506\");\n script_xref(name:\"RHSA\", value:\"2019:3220\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0025\");\n\n script_name(english:\"RHEL 7 : kernel (RHSA-2019:3220)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update for kernel is now available for Red Hat Enterprise Linux 7.6\nExtended Update Support.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nSecurity Fix(es) :\n\n* Kernel: vhost_net: infinite loop while receiving packets leads to\nDoS (CVE-2019-3900)\n\n* hardware: bluetooth: BR/EDR encryption key negotiation attacks\n(KNOB) (CVE-2019-9506)\n\n* kernel: hw: Spectre SWAPGS gadget vulnerability (CVE-2019-1125)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\n\nBug Fix(es) :\n\n* [mlx4] VXLAN over VLAN TCP segmentation (BZ#1734325)\n\n* Race condition in /dev/sg due to missing synchronization causes\ncorruption in RHV (BZ#1737378)\n\n* [FJ7.6 Bug]: [REG] kernel: ipc: ipc_free should use kvfree\n(BZ#1740177)\n\n* high update_cfs_rq_blocked_load contention (BZ#1740179)\n\n* kvm: backport cpuidle-haltpoll driver (BZ#1740191)\n\n* Growing unreclaimable slab memory (BZ#1741919)\n\n* [Hyper-V]vPCI devices cannot allocate IRQs vectors in a Hyper-V VM\nwith > 240 vCPUs (i.e., when in x2APIC mode) (BZ#1743323)\n\n* NFSv4.0 client sending a double CLOSE (leading to EIO application\nfailure) (BZ#1744945)\n\n* powerpc/pseries: Fix uninitialized timer reset on migration /\npowerpc/pseries /mobility: Extend start/stop topology update scope\n(LPM) (BZ#1745441)\n\n* ISST-LTE:PVM:Zeppelin :LPM: Failure logs and stack trace seen during\nLPM (POWER9/P9) (BZ#1745448)\n\n* [LLNL 7.5 Bug] slab leak causing a crash when using kmem control\ngroup (BZ# 1748237)\n\n* [Azure] CRI-RDOS | [RHEL 7.8] Live migration only takes 10 seconds,\nbut the VM was unavailable for 2 hours (BZ#1748238)\n\n* Allows macvlan to operate correctly over the active-backup mode to\nsupport bonding events (BZ#1749291)\n\n* debug kernel reports scheduling while atomic bug in EFI code\n(BZ#1755324)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/articles/4329821\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2019:3220\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2019-1125\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2019-3900\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2019-9506\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-9506\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bpftool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-s390x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.6\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7\\.6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.6\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2019-1125\", \"CVE-2019-3900\", \"CVE-2019-9506\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for RHSA-2019:3220\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:3220\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", sp:\"6\", cpu:\"x86_64\", reference:\"bpftool-3.10.0-957.38.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"6\", cpu:\"s390x\", reference:\"kernel-3.10.0-957.38.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"6\", cpu:\"x86_64\", reference:\"kernel-3.10.0-957.38.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"6\", reference:\"kernel-abi-whitelists-3.10.0-957.38.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"6\", cpu:\"s390x\", reference:\"kernel-debug-3.10.0-957.38.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"6\", cpu:\"x86_64\", reference:\"kernel-debug-3.10.0-957.38.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"6\", cpu:\"s390x\", reference:\"kernel-debug-debuginfo-3.10.0-957.38.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"6\", cpu:\"x86_64\", reference:\"kernel-debug-debuginfo-3.10.0-957.38.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"6\", cpu:\"s390x\", reference:\"kernel-debug-devel-3.10.0-957.38.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"6\", cpu:\"x86_64\", reference:\"kernel-debug-devel-3.10.0-957.38.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"6\", cpu:\"s390x\", reference:\"kernel-debuginfo-3.10.0-957.38.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"6\", cpu:\"x86_64\", reference:\"kernel-debuginfo-3.10.0-957.38.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"6\", cpu:\"s390x\", reference:\"kernel-debuginfo-common-s390x-3.10.0-957.38.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"6\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-3.10.0-957.38.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"6\", cpu:\"s390x\", reference:\"kernel-devel-3.10.0-957.38.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"6\", cpu:\"x86_64\", reference:\"kernel-devel-3.10.0-957.38.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"6\", reference:\"kernel-doc-3.10.0-957.38.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"6\", cpu:\"s390x\", reference:\"kernel-headers-3.10.0-957.38.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"6\", cpu:\"x86_64\", reference:\"kernel-headers-3.10.0-957.38.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"6\", cpu:\"s390x\", reference:\"kernel-kdump-3.10.0-957.38.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"6\", cpu:\"s390x\", reference:\"kernel-kdump-debuginfo-3.10.0-957.38.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"6\", cpu:\"s390x\", reference:\"kernel-kdump-devel-3.10.0-957.38.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"6\", cpu:\"x86_64\", reference:\"kernel-tools-3.10.0-957.38.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"6\", cpu:\"x86_64\", reference:\"kernel-tools-debuginfo-3.10.0-957.38.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"6\", cpu:\"x86_64\", reference:\"kernel-tools-libs-3.10.0-957.38.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"6\", cpu:\"x86_64\", reference:\"kernel-tools-libs-devel-3.10.0-957.38.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"6\", cpu:\"s390x\", reference:\"perf-3.10.0-957.38.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"6\", cpu:\"x86_64\", reference:\"perf-3.10.0-957.38.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"6\", cpu:\"s390x\", reference:\"perf-debuginfo-3.10.0-957.38.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"6\", cpu:\"x86_64\", reference:\"perf-debuginfo-3.10.0-957.38.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"6\", cpu:\"s390x\", reference:\"python-perf-3.10.0-957.38.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"6\", cpu:\"x86_64\", reference:\"python-perf-3.10.0-957.38.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"6\", cpu:\"s390x\", reference:\"python-perf-debuginfo-3.10.0-957.38.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"6\", cpu:\"x86_64\", reference:\"python-perf-debuginfo-3.10.0-957.38.1.el7\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bpftool / kernel / kernel-abi-whitelists / kernel-debug / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:26:18", "description": "This update for the Linux Kernel 4.4.121-92_104 fixes several issues.\n\nThe following security issues were fixed :\n\nCVE-2019-11477: Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. (bsc#1137586)\n\nCVE-2019-11478: Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denial of service. (bsc#1137586)\n\nCVE-2019-3846: A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network (bsc#1136424).\n\nThis update contains a regression fix for CVE-2019-11477 and CVE-2019-11478 (bsc#1140747).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-07-24T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : kernel (SUSE-SU-2019:1948-1) (SACK Panic) (SACK Slowness)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11477", "CVE-2019-11478", "CVE-2019-3846"], "modified": "2022-12-06T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_121-92_101-default", "p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_121-92_104-default", "p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_121-92_109-default", "p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_121-92_92-default", "p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_121-92_95-default", "p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_121-92_98-default", "p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_140-94_42-default", "p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_140-94_42-default-debuginfo", "p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_143-94_47-default", "p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_143-94_47-default-debuginfo", "p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_155-94_50-default", "p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_155-94_50-default-debuginfo", "p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_156-94_57-default", "p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_156-94_57-default-debuginfo", "p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_156-94_61-default", "p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_156-94_61-default-debuginfo", "p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_156-94_64-default", "p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_156-94_64-default-debuginfo", "p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_162-94_69-default", "p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_162-94_69-default-debuginfo", "p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_162-94_72-default", "p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_162-94_72-default-debuginfo", "p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_175-94_79-default", "p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_175-94_79-default-debuginfo", "p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_176-94_88-default", "p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_176-94_88-default-debuginfo", "p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_178-94_91-default", "p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_178-94_91-default-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2019-1948-1.NASL", "href": "https://www.tenable.com/plugins/nessus/126983", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:1948-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(126983);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/06\");\n\n script_cve_id(\"CVE-2019-11477\", \"CVE-2019-11478\", \"CVE-2019-3846\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0456\");\n\n script_name(english:\"SUSE SLES12 Security Update : kernel (SUSE-SU-2019:1948-1) (SACK Panic) (SACK Slowness)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for the Linux Kernel 4.4.121-92_104 fixes several issues.\n\nThe following security issues were fixed :\n\nCVE-2019-11477: Jonathan Looney discovered that the\nTCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow\nwhen handling TCP Selective Acknowledgments (SACKs). A remote attacker\ncould use this to cause a denial of service. (bsc#1137586)\n\nCVE-2019-11478: Jonathan Looney discovered that the TCP retransmission\nqueue implementation in tcp_fragment could be fragmented when handling\ncertain TCP Selective Acknowledgment (SACK) sequences. A remote\nattacker could use this to cause a denial of service. (bsc#1137586)\n\nCVE-2019-3846: A flaw that allowed an attacker to corrupt memory and\npossibly escalate privileges was found in the mwifiex kernel module\nwhile connecting to a malicious wireless network (bsc#1136424).\n\nThis update contains a regression fix for CVE-2019-11477 and\nCVE-2019-11478 (bsc#1140747).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1136446\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1137597\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140747\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-11477/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-11478/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-3846/\");\n # https://www.suse.com/support/update/announcement/2019/suse-su-20191948-1/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?93074a6b\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server for SAP 12-SP3:zypper in -t patch\nSUSE-SLE-SAP-12-SP3-2019-1942=1 SUSE-SLE-SAP-12-SP3-2019-1943=1\nSUSE-SLE-SAP-12-SP3-2019-1944=1 SUSE-SLE-SAP-12-SP3-2019-1945=1\nSUSE-SLE-SAP-12-SP3-2019-1946=1 SUSE-SLE-SAP-12-SP3-2019-1947=1\nSUSE-SLE-SAP-12-SP3-2019-1948=1 SUSE-SLE-SAP-12-SP3-2019-1949=1\nSUSE-SLE-SAP-12-SP3-2019-1950=1 SUSE-SLE-SAP-12-SP3-2019-1951=1\nSUSE-SLE-SAP-12-SP3-2019-1952=1\n\nSUSE Linux Enterprise Server for SAP 12-SP2:zypper in -t patch\nSUSE-SLE-SAP-12-SP2-2019-1928=1 SUSE-SLE-SAP-12-SP2-2019-1929=1\nSUSE-SLE-SAP-12-SP2-2019-1931=1 SUSE-SLE-SAP-12-SP2-2019-1932=1\nSUSE-SLE-SAP-12-SP2-2019-1933=1 SUSE-SLE-SAP-12-SP2-2019-1934=1\n\nSUSE Linux Enterprise Server 12-SP3-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP3-2019-1942=1 SUSE-SLE-SERVER-12-SP3-2019-1943=1\nSUSE-SLE-SERVER-12-SP3-2019-1944=1 SUSE-SLE-SERVER-12-SP3-2019-1945=1\nSUSE-SLE-SERVER-12-SP3-2019-1946=1 SUSE-SLE-SERVER-12-SP3-2019-1947=1\nSUSE-SLE-SERVER-12-SP3-2019-1948=1 SUSE-SLE-SERVER-12-SP3-2019-1949=1\nSUSE-SLE-SERVER-12-SP3-2019-1950=1 SUSE-SLE-SERVER-12-SP3-2019-1951=1\nSUSE-SLE-SERVER-12-SP3-2019-1952=1\n\nSUSE Linux Enterprise Server 12-SP2-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-2019-1928=1 SUSE-SLE-SERVER-12-SP2-2019-1929=1\nSUSE-SLE-SERVER-12-SP2-2019-1931=1 SUSE-SLE-SERVER-12-SP2-2019-1932=1\nSUSE-SLE-SERVER-12-SP2-2019-1933=1 SUSE-SLE-SERVER-12-SP2-2019-1934=1\n\nSUSE Linux Enterprise Live Patching 12-SP4:zypper in -t patch\nSUSE-SLE-Live-Patching-12-SP4-2019-1936=1\nSUSE-SLE-Live-Patching-12-SP4-2019-1937=1\nSUSE-SLE-Live-Patching-12-SP4-2019-1938=1\nSUSE-SLE-Live-Patching-12-SP4-2019-1939=1\nSUSE-SLE-Live-Patching-12-SP4-2019-1940=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/07/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_121-92_101-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_121-92_104-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_121-92_109-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_121-92_92-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_121-92_95-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_121-92_98-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_140-94_42-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_140-94_42-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_143-94_47-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_143-94_47-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_155-94_50-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_155-94_50-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_156-94_57-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_156-94_57-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_156-94_61-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_156-94_61-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_156-94_64-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_156-94_64-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_162-94_69-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_162-94_69-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_162-94_72-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_162-94_72-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_175-94_79-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_175-94_79-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_176-94_88-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_176-94_88-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_178-94_91-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_178-94_91-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(2|3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP2/3\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"kgraft-patch-4_4_140-94_42-default-10-2.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"kgraft-patch-4_4_140-94_42-default-debuginfo-10-2.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"kgraft-patch-4_4_143-94_47-default-7-2.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"kgraft-patch-4_4_143-94_47-default-debuginfo-7-2.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"kgraft-patch-4_4_155-94_50-default-7-2.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"kgraft-patch-4_4_155-94_50-default-debuginfo-7-2.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"kgraft-patch-4_4_156-94_57-default-7-2.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"kgraft-patch-4_4_156-94_57-default-debuginfo-7-2.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"kgraft-patch-4_4_156-94_61-default-7-2.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"kgraft-patch-4_4_156-94_61-default-debuginfo-7-2.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"kgraft-patch-4_4_156-94_64-default-6-2.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"kgraft-patch-4_4_156-94_64-default-debuginfo-6-2.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"kgraft-patch-4_4_162-94_69-default-5-2.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"kgraft-patch-4_4_162-94_69-default-debuginfo-5-2.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"kgraft-patch-4_4_162-94_72-default-5-2.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"kgraft-patch-4_4_162-94_72-default-debuginfo-5-2.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"kgraft-patch-4_4_175-94_79-default-4-2.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"kgraft-patch-4_4_175-94_79-default-debuginfo-4-2.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"kgraft-patch-4_4_176-94_88-default-3-2.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"kgraft-patch-4_4_176-94_88-default-debuginfo-3-2.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"kgraft-patch-4_4_178-94_91-default-3-2.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"kgraft-patch-4_4_178-94_91-default-debuginfo-3-2.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"kgraft-patch-4_4_121-92_101-default-4-2.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"kgraft-patch-4_4_121-92_104-default-4-2.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"kgraft-patch-4_4_121-92_109-default-4-2.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"kgraft-patch-4_4_121-92_92-default-8-2.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"kgraft-patch-4_4_121-92_95-default-7-2.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"kgraft-patch-4_4_121-92_98-default-6-2.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:32:36", "description": "This update for the Linux Kernel 4.4.178-94_91 fixes several issues.\n\nThe following security issues were fixed :\n\nCVE-2018-20856: Fixed a use-after-free in block/blk-core.c due to improper error handling (bsc#1156331).\n\nCVE-2019-13272: Fixed a privilege escalation from user to root due to improper handling of credentials by leveraging certain scenarios with a parent-child process relationship (bsc#1156321).\n\nCVE-2019-15239: Fixed a vulnerability where a local attacker could have triggered multiple use-after-free conditions resulted in privilege escalation (bsc#1156317).\n\nCVE-2019-10220: Fixed an issue where samba servers could inject relative paths in directory entry lists (bsc#1153108).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-12-12T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : kernel (SUSE-SU-2019:3258-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-20856", "CVE-2019-10220", "CVE-2019-13272", "CVE-2019-15239"], "modified": "2023-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_175-94_79-default", "p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_175-94_79-default-debuginfo", "p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_176-94_88-default", "p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_176-94_88-default-debuginfo", "p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_178-94_91-default", "p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_178-94_91-default-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2019-3258-1.NASL", "href": "https://www.tenable.com/plugins/nessus/132005", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:3258-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(132005);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/19\");\n\n script_cve_id(\n \"CVE-2018-20856\",\n \"CVE-2019-10220\",\n \"CVE-2019-13272\",\n \"CVE-2019-15239\"\n );\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/10\");\n\n script_name(english:\"SUSE SLES12 Security Update : kernel (SUSE-SU-2019:3258-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for the Linux Kernel 4.4.178-94_91 fixes several issues.\n\nThe following security issues were fixed :\n\nCVE-2018-20856: Fixed a use-after-free in block/blk-core.c due to\nimproper error handling (bsc#1156331).\n\nCVE-2019-13272: Fixed a privilege escalation from user to root due to\nimproper handling of credentials by leveraging certain scenarios with\na parent-child process relationship (bsc#1156321).\n\nCVE-2019-15239: Fixed a vulnerability where a local attacker could\nhave triggered multiple use-after-free conditions resulted in\nprivilege escalation (bsc#1156317).\n\nCVE-2019-10220: Fixed an issue where samba servers could inject\nrelative paths in directory entry lists (bsc#1153108).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153108\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1156317\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1156321\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1156331\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-20856/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-10220/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-13272/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-15239/\");\n # https://www.suse.com/support/update/announcement/2019/suse-su-20193258-1/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?49b4377d\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server for SAP 12-SP3:zypper in -t patch\nSUSE-SLE-SAP-12-SP3-2019-3256=1 SUSE-SLE-SAP-12-SP3-2019-3257=1\nSUSE-SLE-SAP-12-SP3-2019-3258=1\n\nSUSE Linux Enterprise Server 12-SP3-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP3-2019-3256=1 SUSE-SLE-SERVER-12-SP3-2019-3257=1\nSUSE-SLE-SERVER-12-SP3-2019-3258=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-10220\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Linux Polkit pkexec helper PTRACE_TRACEME local root exploit');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_175-94_79-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_175-94_79-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_176-94_88-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_176-94_88-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_178-94_91-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_178-94_91-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP3\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"kgraft-patch-4_4_175-94_79-default-7-2.5\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"kgraft-patch-4_4_175-94_79-default-debuginfo-7-2.5\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"kgraft-patch-4_4_176-94_88-default-6-2.5\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"kgraft-patch-4_4_176-94_88-default-debuginfo-6-2.5\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"kgraft-patch-4_4_178-94_91-default-6-2.5\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"kgraft-patch-4_4_178-94_91-default-debuginfo-6-2.5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-20T14:41:31", "description": "A security flaw was found in the chap_server_compute_md5() function in the ISCSI target code in the Linux kernel in a way an authentication request from an ISCSI initiator is processed. An unauthenticated remote attacker can cause a stack buffer overflow and smash up to 17 bytes of the stack. The attack requires the iSCSI target to be enabled on the victim host. Depending on how the target's code was built (i.e.\ndepending on a compiler, compile flags and hardware architecture) an attack may lead to a system crash and thus to a denial-of-service or possibly to a non-authorized access to data exported by an iSCSI target. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is highly unlikely.(CVE-2018-14633)\n\nAn information leak was discovered in the Linux kernel in cdrom_ioctl_drive_status() function in drivers/cdrom/cdrom.c that could be used by local attackers to read kernel memory at certain location.(CVE-2018-16658)\n\nA security flaw was discovered in the Linux kernel. The vmacache_flush_all() function in mm/vmacache.c mishandles sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and dereference operations.(CVE-2018-17182)\n\nA flaw was found in the Linux kernels block driver implementation (blk_drain_queue() function) where a use-after-free condition could be triggered while draining the outstanding command queue in the systems block device subsystem. An attacker could use this flaw to crash the system or corrupt local memory, which may lead to privilege escalation.(CVE-2018-20856)", "cvss3": {}, "published": "2018-10-05T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : kernel (ALAS-2018-1086)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-14633", "CVE-2018-16658", "CVE-2018-17182", "CVE-2018-20856"], "modified": "2022-02-10T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:kernel-debuginfo-common-i686", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:amazon:linux:kernel-devel", "p-cpe:/a:amazon:linux:kernel-headers", "p-cpe:/a:amazon:linux:kernel-tools", "p-cpe:/a:amazon:linux:kernel-tools-debuginfo", "p-cpe:/a:amazon:linux:kernel-tools-devel", "p-cpe:/a:amazon:linux:perf", "p-cpe:/a:amazon:linux:perf-debuginfo", "cpe:/o:amazon:linux", "p-cpe:/a:amazon:linux:kernel", "p-cpe:/a:amazon:linux:kernel-debuginfo"], "id": "ALA_ALAS-2018-1086.NASL", "href": "https://www.tenable.com/plugins/nessus/117923", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2018-1086.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(117923);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/02/10\");\n\n script_cve_id(\"CVE-2018-14633\", \"CVE-2018-16658\", \"CVE-2018-17182\", \"CVE-2018-20856\");\n script_xref(name:\"ALAS\", value:\"2018-1086\");\n\n script_name(english:\"Amazon Linux AMI : kernel (ALAS-2018-1086)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"A security flaw was found in the chap_server_compute_md5() function in\nthe ISCSI target code in the Linux kernel in a way an authentication\nrequest from an ISCSI initiator is processed. An unauthenticated\nremote attacker can cause a stack buffer overflow and smash up to 17\nbytes of the stack. The attack requires the iSCSI target to be enabled\non the victim host. Depending on how the target's code was built (i.e.\ndepending on a compiler, compile flags and hardware architecture) an\nattack may lead to a system crash and thus to a denial-of-service or\npossibly to a non-authorized access to data exported by an iSCSI\ntarget. Due to the nature of the flaw, privilege escalation cannot be\nfully ruled out, although we believe it is highly\nunlikely.(CVE-2018-14633)\n\nAn information leak was discovered in the Linux kernel in\ncdrom_ioctl_drive_status() function in drivers/cdrom/cdrom.c that\ncould be used by local attackers to read kernel memory at certain\nlocation.(CVE-2018-16658)\n\nA security flaw was discovered in the Linux kernel. The\nvmacache_flush_all() function in mm/vmacache.c mishandles sequence\nnumber overflows. An attacker can trigger a use-after-free (and\npossibly gain privileges) via certain thread creation, map, unmap,\ninvalidation, and dereference operations.(CVE-2018-17182)\n\nA flaw was found in the Linux kernels block driver implementation\n(blk_drain_queue() function) where a use-after-free condition could be\ntriggered while draining the outstanding command queue in the systems\nblock device subsystem. An attacker could use this flaw to crash the\nsystem or corrupt local memory, which may lead to privilege\nescalation.(CVE-2018-20856)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2018-1086.html\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Run 'yum update kernel' and reboot your instance to update your\nsystem.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-14633\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-i686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/09/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/10/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/10/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"kernel-4.14.72-68.55.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-debuginfo-4.14.72-68.55.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", cpu:\"i686\", reference:\"kernel-debuginfo-common-i686-4.14.72-68.55.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-4.14.72-68.55.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-devel-4.14.72-68.55.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-headers-4.14.72-68.55.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-tools-4.14.72-68.55.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-tools-debuginfo-4.14.72-68.55.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-tools-devel-4.14.72-68.55.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"perf-4.14.72-68.55.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"perf-debuginfo-4.14.72-68.55.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-debuginfo / kernel-debuginfo-common-i686 / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-27T14:17:37", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:0664 advisory.\n\n - kernel: Use-after-free in __blk_drain_queue() function in block/blk-core.c (CVE-2018-20856)\n\n - kernel: heap overflow in mwifiex_update_vs_ie() function of Marvell WiFi driver (CVE-2019-14816)\n\n - kernel: heap-based buffer overflow in mwifiex_process_country_ie() function in drivers/net/wireless/marvell/mwifiex/sta_ioctl.c (CVE-2019-14895)\n\n - kernel: buffer overflow in cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c (CVE-2019-17133)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2020-03-06T00:00:00", "type": "nessus", "title": "RHEL 7 : kernel (RHSA-2020:0664)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-20856", "CVE-2019-14816", "CVE-2019-14895", "CVE-2019-17133"], "modified": "2023-05-25T00:00:00", "cpe": ["cpe:/o:redhat:rhel_aus:7.6", "cpe:/o:redhat:rhel_e4s:7.6", "cpe:/o:redhat:rhel_eus:7.6", "cpe:/o:redhat:rhel_tus:7.6", "p-cpe:/a:redhat:enterprise_linux:bpftool", "p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists", "p-cpe:/a:redhat:enterprise_linux:kernel-bootwrapper", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-tools", "p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs", "p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs-devel", "p-cpe:/a:redhat:enterprise_linux:perf", "p-cpe:/a:redhat:enterprise_linux:python-perf"], "id": "REDHAT-RHSA-2020-0664.NASL", "href": "https://www.tenable.com/plugins/nessus/134262", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:0664. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(134262);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/25\");\n\n script_cve_id(\n \"CVE-2018-20856\",\n \"CVE-2019-14816\",\n \"CVE-2019-14895\",\n \"CVE-2019-17133\"\n );\n script_xref(name:\"RHSA\", value:\"2020:0664\");\n\n script_name(english:\"RHEL 7 : kernel (RHSA-2020:0664)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:0664 advisory.\n\n - kernel: Use-after-free in __blk_drain_queue() function in block/blk-core.c (CVE-2018-20856)\n\n - kernel: heap overflow in mwifiex_update_vs_ie() function of Marvell WiFi driver (CVE-2019-14816)\n\n - kernel: heap-based buffer overflow in mwifiex_process_country_ie() function in\n drivers/net/wireless/marvell/mwifiex/sta_ioctl.c (CVE-2019-14895)\n\n - kernel: buffer overflow in cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c (CVE-2019-17133)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2018-20856\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-14816\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-14895\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-17133\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:0664\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1738705\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1744149\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1771909\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1774870\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-17133\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119, 120, 122);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/03/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/03/06\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bpftool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-bootwrapper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\ninclude('ksplice.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'eq', os_version: os_ver, rhel_version: '7.6')) audit(AUDIT_OS_NOT, 'Red Hat 7.6', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nif (get_one_kb_item('Host/ksplice/kernel-cves'))\n{\n rm_kb_item(name:'Host/uptrack-uname-r');\n var cve_list = make_list('CVE-2018-20856', 'CVE-2019-14816', 'CVE-2019-14895', 'CVE-2019-17133');\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for RHSA-2020:0664');\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel/server/7/7.6/x86_64/debug',\n 'content/aus/rhel/server/7/7.6/x86_64/optional/debug',\n 'content/aus/rhel/server/7/7.6/x86_64/optional/os',\n 'content/aus/rhel/server/7/7.6/x86_64/optional/source/SRPMS',\n 'content/aus/rhel/server/7/7.6/x86_64/os',\n 'content/aus/rhel/server/7/7.6/x86_64/source/SRPMS',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/debug',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/highavailability/debug',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/highavailability/os',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/optional/debug',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/optional/os',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/optional/source/SRPMS',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/os',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/sap-hana/debug',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/sap-hana/os',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/sap-hana/source/SRPMS',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/sap/debug',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/sap/os',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/source/SRPMS',\n 'content/e4s/rhel/server/7/7.6/x86_64/debug',\n 'content/e4s/rhel/server/7/7.6/x86_64/highavailability/debug',\n 'content/e4s/rhel/server/7/7.6/x86_64/highavailability/os',\n 'content/e4s/rhel/server/7/7.6/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel/server/7/7.6/x86_64/optional/debug',\n 'content/e4s/rhel/server/7/7.6/x86_64/optional/os',\n 'content/e4s/rhel/server/7/7.6/x86_64/optional/source/SRPMS',\n 'content/e4s/rhel/server/7/7.6/x86_64/os',\n 'content/e4s/rhel/server/7/7.6/x86_64/sap-hana/debug',\n 'content/e4s/rhel/server/7/7.6/x86_64/sap-hana/os',\n 'content/e4s/rhel/server/7/7.6/x86_64/sap-hana/source/SRPMS',\n 'content/e4s/rhel/server/7/7.6/x86_64/sap/debug',\n 'content/e4s/rhel/server/7/7.6/x86_64/sap/os',\n 'content/e4s/rhel/server/7/7.6/x86_64/sap/source/SRPMS',\n 'content/e4s/rhel/server/7/7.6/x86_64/source/SRPMS',\n 'content/eus/rhel/computenode/7/7.6/x86_64/debug',\n 'content/eus/rhel/computenode/7/7.6/x86_64/optional/debug',\n 'content/eus/rhel/computenode/7/7.6/x86_64/optional/os',\n 'content/eus/rhel/computenode/7/7.6/x86_64/optional/source/SRPMS',\n 'content/eus/rhel/computenode/7/7.6/x86_64/os',\n 'content/eus/rhel/computenode/7/7.6/x86_64/source/SRPMS',\n 'content/eus/rhel/power-le/7/7.6/ppc64le/debug',\n 'content/eus/rhel/power-le/7/7.6/ppc64le/highavailability/debug',\n 'content/eus/rhel/power-le/7/7.6/ppc64le/highavailability/os',\n 'content/eus/rhel/power-le/7/7.6/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel/power-le/7/7.6/ppc64le/optional/debug',\n 'content/eus/rhel/power-le/7/7.6/ppc64le/optional/os',\n 'content/eus/rhel/power-le/7/7.6/ppc64le/optional/source/SRPMS',\n 'content/eus/rhel/power-le/7/7.6/ppc64le/os',\n 'content/eus/rhel/power-le/7/7.6/ppc64le/resilientstorage/debug',\n 'content/eus/rhel/power-le/7/7.6/ppc64le/resilientstorage/os',\n 'content/eus/rhel/power-le/7/7.6/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel/power-le/7/7.6/ppc64le/sap-hana/debug',\n 'content/eus/rhel/power-le/7/7.6/ppc64le/sap-hana/os',\n 'content/eus/rhel/power-le/7/7.6/ppc64le/sap-hana/source/SRPMS',\n 'content/eus/rhel/power-le/7/7.6/ppc64le/sap/debug',\n 'content/eus/rhel/power-le/7/7.6/ppc64le/sap/os',\n 'content/eus/rhel/power-le/7/7.6/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel/power-le/7/7.6/ppc64le/source/SRPMS',\n 'content/eus/rhel/power/7/7.6/ppc64/debug',\n 'content/eus/rhel/power/7/7.6/ppc64/optional/debug',\n 'content/eus/rhel/power/7/7.6/ppc64/optional/os',\n 'content/eus/rhel/power/7/7.6/ppc64/optional/source/SRPMS',\n 'content/eus/rhel/power/7/7.6/ppc64/os',\n 'content/eus/rhel/power/7/7.6/ppc64/sap/debug',\n 'content/eus/rhel/power/7/7.6/ppc64/sap/os',\n 'content/eus/rhel/power/7/7.6/ppc64/sap/source/SRPMS',\n 'content/eus/rhel/power/7/7.6/ppc64/source/SRPMS',\n 'content/eus/rhel/server/7/7.6/x86_64/debug',\n 'content/eus/rhel/server/7/7.6/x86_64/highavailability/debug',\n 'content/eus/rhel/server/7/7.6/x86_64/highavailability/os',\n 'content/eus/rhel/server/7/7.6/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel/server/7/7.6/x86_64/optional/debug',\n 'content/eus/rhel/server/7/7.6/x86_64/optional/os',\n 'content/eus/rhel/server/7/7.6/x86_64/optional/source/SRPMS',\n 'content/eus/rhel/server/7/7.6/x86_64/os',\n 'content/eus/rhel/server/7/7.6/x86_64/resilientstorage/debug',\n 'content/eus/rhel/server/7/7.6/x86_64/resilientstorage/os',\n 'content/eus/rhel/server/7/7.6/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel/server/7/7.6/x86_64/sap-hana/debug',\n 'content/eus/rhel/server/7/7.6/x86_64/sap-hana/os',\n 'content/eus/rhel/server/7/7.6/x86_64/sap-hana/source/SRPMS',\n 'content/eus/rhel/server/7/7.6/x86_64/sap/debug',\n 'content/eus/rhel/server/7/7.6/x86_64/sap/os',\n 'content/eus/rhel/server/7/7.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel/server/7/7.6/x86_64/source/SRPMS',\n 'content/eus/rhel/system-z/7/7.6/s390x/debug',\n 'content/eus/rhel/system-z/7/7.6/s390x/optional/debug',\n 'content/eus/rhel/system-z/7/7.6/s390x/optional/os',\n 'content/eus/rhel/system-z/7/7.6/s390x/optional/source/SRPMS',\n 'content/eus/rhel/system-z/7/7.6/s390x/os',\n 'content/eus/rhel/system-z/7/7.6/s390x/sap/debug',\n 'content/eus/rhel/system-z/7/7.6/s390x/sap/os',\n 'content/eus/rhel/system-z/7/7.6/s390x/sap/source/SRPMS',\n 'content/eus/rhel/system-z/7/7.6/s390x/source/SRPMS',\n 'content/tus/rhel/server/7/7.6/x86_64/debug',\n 'content/tus/rhel/server/7/7.6/x86_64/highavailability/debug',\n 'content/tus/rhel/server/7/7.6/x86_64/highavailability/os',\n 'content/tus/rhel/server/7/7.6/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel/server/7/7.6/x86_64/optional/debug',\n 'content/tus/rhel/server/7/7.6/x86_64/optional/os',\n 'content/tus/rhel/server/7/7.6/x86_64/optional/source/SRPMS',\n 'content/tus/rhel/server/7/7.6/x86_64/os',\n 'content/tus/rhel/server/7/7.6/x86_64/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'bpftool-3.10.0-957.46.1.el7', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-3.10.0-957.46.1.el7', 'sp':'6', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-3.10.0-957.46.1.el7', 'sp':'6', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-3.10.0-957.46.1.el7', 'sp':'6', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-3.10.0-957.46.1.el7', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-abi-whitelists-3.10.0-957.46.1.el7', 'sp':'6', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-bootwrapper-3.10.0-957.46.1.el7', 'sp':'6', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-bootwrapper-3.10.0-957.46.1.el7', 'sp':'6', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-3.10.0-957.46.1.el7', 'sp':'6', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-3.10.0-957.46.1.el7', 'sp':'6', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-3.10.0-957.46.1.el7', 'sp':'6', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-3.10.0-957.46.1.el7', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-devel-3.10.0-957.46.1.el7', 'sp':'6', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-devel-3.10.0-957.46.1.el7', 'sp':'6', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-devel-3.10.0-957.46.1.el7', 'sp':'6', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-devel-3.10.0-957.46.1.el7', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-devel-3.10.0-957.46.1.el7', 'sp':'6', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-devel-3.10.0-957.46.1.el7', 'sp':'6', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-devel-3.10.0-957.46.1.el7', 'sp':'6', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-devel-3.10.0-957.46.1.el7', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-headers-3.10.0-957.46.1.el7', 'sp':'6', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-headers-3.10.0-957.46.1.el7', 'sp':'6', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-headers-3.10.0-957.46.1.el7', 'sp':'6', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-headers-3.10.0-957.46.1.el7', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-kdump-3.10.0-957.46.1.el7', 'sp':'6', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-kdump-devel-3.10.0-957.46.1.el7', 'sp':'6', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-3.10.0-957.46.1.el7', 'sp':'6', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-3.10.0-957.46.1.el7', 'sp':'6', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-3.10.0-957.46.1.el7', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-3.10.0-957.46.1.el7', 'sp':'6', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-3.10.0-957.46.1.el7', 'sp':'6', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-3.10.0-957.46.1.el7', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-devel-3.10.0-957.46.1.el7', 'sp':'6', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-devel-3.10.0-957.46.1.el7', 'sp':'6', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-devel-3.10.0-957.46.1.el7', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-3.10.0-957.46.1.el7', 'sp':'6', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-3.10.0-957.46.1.el7', 'sp':'6', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-3.10.0-957.46.1.el7', 'sp':'6', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-3.10.0-957.46.1.el7', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-perf-3.10.0-957.46.1.el7', 'sp':'6', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-perf-3.10.0-957.46.1.el7', 'sp':'6', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-perf-3.10.0-957.46.1.el7', 'sp':'6', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-perf-3.10.0-957.46.1.el7', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var subscription_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in the Red Hat Enterprise Linux\\n' +\n 'Advanced Update Support, Extended Update Support, Telco Extended Update Support or Update Services for SAP Solutions repositories.\\n' +\n 'Access to these repositories requires a paid RHEL subscription.\\n';\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = subscription_caveat + rpm_report_get() + redhat_report_repo_caveat();\n else extra = subscription_caveat + rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'bpftool / kernel / kernel-abi-whitelists / kernel-bootwrapper / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:33:12", "description": "This update for the Linux Kernel 4.4.180-94_100 fixes several issues.\n\nThe following security issues were fixed :\n\nCVE-2018-20856: Fixed a use-after-free in __blk_drain_queue() due to an improper error handling (bsc#1156331).\n\nCVE-2019-13272: Fixed a privilege escalation from user to root due to improper handling of credentials by leveraging certain scenarios with a parent-child process relationship (bsc#1156321).\n\nCVE-2019-15239: Fixed a vulnerability where a local attacker could have triggered multiple use-after-free conditions resulted in privilege escalation (bsc#1156317).\n\nCVE-2019-10220: Fixed an issue where samba servers could inject relative paths in directory entry lists (bsc#1153108).\n\nThe following bugs were fixed: Fixed boot up hang revealed by int3 self test (bsc#1157770).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-12-12T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : kernel (SUSE-SU-2019:3228-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-20856", "CVE-2019-10220", "CVE-2019-13272", "CVE-2019-15239"], "modified": "2023-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_180-94_100-default", "p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_180-94_100-default-debuginfo", "p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_180-94_97-default", "p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_180-94_97-default-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2019-3228-1.NASL", "href": "https://www.tenable.com/plugins/nessus/131999", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:3228-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(131999);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/19\");\n\n script_cve_id(\n \"CVE-2018-20856\",\n \"CVE-2019-10220\",\n \"CVE-2019-13272\",\n \"CVE-2019-15239\"\n );\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/10\");\n\n script_name(english:\"SUSE SLES12 Security Update : kernel (SUSE-SU-2019:3228-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for the Linux Kernel 4.4.180-94_100 fixes several issues.\n\nThe following security issues were fixed :\n\nCVE-2018-20856: Fixed a use-after-free in __blk_drain_queue() due to\nan improper error handling (bsc#1156331).\n\nCVE-2019-13272: Fixed a privilege escalation from user to root due to\nimproper handling of credentials by leveraging certain scenarios with\na parent-child process relationship (bsc#1156321).\n\nCVE-2019-15239: Fixed a vulnerability where a local attacker could\nhave triggered multiple use-after-free conditions resulted in\nprivilege escalation (bsc#1156317).\n\nCVE-2019-10220: Fixed an issue where samba servers could inject\nrelative paths in directory entry lists (bsc#1153108).\n\nThe following bugs were fixed: Fixed boot up hang revealed by int3\nself test (bsc#1157770).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153108\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1156317\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1156321\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1156331\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1157770\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-20856/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-10220/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-13272/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-15239/\");\n # https://www.suse.com/support/update/announcement/2019/suse-su-20193228-1/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?30bcfa67\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server for SAP 12-SP3:zypper in -t patch\nSUSE-SLE-SAP-12-SP3-2019-3228=1 SUSE-SLE-SAP-12-SP3-2019-3229=1\n\nSUSE Linux Enterprise Server 12-SP3-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP3-2019-3228=1 SUSE-SLE-SERVER-12-SP3-2019-3229=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-10220\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Linux Polkit pkexec helper PTRACE_TRACEME local root exploit');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_180-94_100-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_180-94_100-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_180-94_97-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_180-94_97-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP3\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"kgraft-patch-4_4_180-94_100-default-4-2.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"kgraft-patch-4_4_180-94_100-default-debuginfo-4-2.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"kgraft-patch-4_4_180-94_97-default-6-2.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"kgraft-patch-4_4_180-94_97-default-debuginfo-6-2.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-26T14:16:41", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:0174 advisory.\n\n - kernel: Use-after-free due to race condition in AF_PACKET implementation (CVE-2018-18559)\n\n - Kernel: speculative bounds check bypass store (CVE-2018-3693)\n\n - kernel: Heap overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c (CVE-2019-10126)\n\n - kernel: Count overflow in FUSE request leading to use-after-free issues. (CVE-2019-11487)\n\n - kernel: heap overflow in mwifiex_set_uap_rates() function of Marvell Wifi Driver leading to DoS (CVE-2019-14814)\n\n - kernel: heap-overflow in mwifiex_set_wmm_params() function of Marvell WiFi driver leading to DoS (CVE-2019-14815)\n\n - kernel: heap overflow in mwifiex_update_vs_ie() function of Marvell WiFi driver (CVE-2019-14816)\n\n - kernel: buffer overflow in cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c (CVE-2019-17133)\n\n - kernel: powerpc: incomplete Spectre-RSB mitigation leads to information exposure (CVE-2019-18660)\n\n - kernel: Heap overflow in mwifiex_update_bss_desc_with_ie function in marvell/mwifiex/scan.c (CVE-2019-3846)\n\n - kernel: af_alg_release() in crypto/af_alg.c neglects to set a NULL value for a certain structure member, which leads to a use-after-free in sockfs_setattr (CVE-2019-8912)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2020-01-22T00:00:00", "type": "nessus", "title": "RHEL 7 : kernel-alt (RHSA-2020:0174)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-18559", "CVE-2018-3693", "CVE-2019-10126", "CVE-2019-11487", "CVE-2019-14814", "CVE-2019-14815", "CVE-2019-14816", "CVE-2019-17133", "CVE-2019-18660", "CVE-2019-3846", "CVE-2019-8912"], "modified": "2023-05-25T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists", "p-cpe:/a:redhat:enterprise_linux:kernel-bootwrapper", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "p-cpe:/a:redhat:enterprise_linux:kernel-tools", "p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs", "p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs-devel", "p-cpe:/a:redhat:enterprise_linux:perf", "p-cpe:/a:redhat:enterprise_linux:python-perf"], "id": "REDHAT-RHSA-2020-0174.NASL", "href": "https://www.tenable.com/plugins/nessus/133162", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:0174. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(133162);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/25\");\n\n script_cve_id(\n \"CVE-2018-3693\",\n \"CVE-2018-18559\",\n \"CVE-2019-3846\",\n \"CVE-2019-8912\",\n \"CVE-2019-10126\",\n \"CVE-2019-11487\",\n \"CVE-2019-14814\",\n \"CVE-2019-14815\",\n \"CVE-2019-14816\",\n \"CVE-2019-17133\",\n \"CVE-2019-18660\"\n );\n script_bugtraq_id(\n 105724,\n 107063,\n 108004,\n 108054,\n 108521,\n 108817\n );\n script_xref(name:\"RHSA\", value:\"2020:0174\");\n\n script_name(english:\"RHEL 7 : kernel-alt (RHSA-2020:0174)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:0174 advisory.\n\n - kernel: Use-after-free due to race condition in AF_PACKET implementation (CVE-2018-18559)\n\n - Kernel: speculative bounds check bypass store (CVE-2018-3693)\n\n - kernel: Heap overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c\n (CVE-2019-10126)\n\n - kernel: Count overflow in FUSE request leading to use-after-free issues. (CVE-2019-11487)\n\n - kernel: heap overflow in mwifiex_set_uap_rates() function of Marvell Wifi Driver leading to DoS\n (CVE-2019-14814)\n\n - kernel: heap-overflow in mwifiex_set_wmm_params() function of Marvell WiFi driver leading to DoS\n (CVE-2019-14815)\n\n - kernel: heap overflow in mwifiex_update_vs_ie() function of Marvell WiFi driver (CVE-2019-14816)\n\n - kernel: buffer overflow in cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c (CVE-2019-17133)\n\n - kernel: powerpc: incomplete Spectre-RSB mitigation leads to information exposure (CVE-2019-18660)\n\n - kernel: Heap overflow in mwifiex_update_bss_desc_with_ie function in marvell/mwifiex/scan.c\n (CVE-2019-3846)\n\n - kernel: af_alg_release() in crypto/af_alg.c neglects to set a NULL value for a certain structure member,\n which leads to a use-after-free in sockfs_setattr (CVE-2019-8912)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2018-3693\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2018-18559\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-3846\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8912\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-10126\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-11487\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-14814\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-14815\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-14816\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-17133\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-18660\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:0174\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1581650\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1641878\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1678685\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1703063\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1713059\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1716992\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1744130\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1744137\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1744149\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1771909\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1777825\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-3846\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-17133\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(120, 122, 200, 416);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/01/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/01/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/01/22\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-bootwrapper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\ninclude('ksplice.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nif (get_one_kb_item('Host/ksplice/kernel-cves'))\n{\n rm_kb_item(name:'Host/uptrack-uname-r');\n var cve_list = make_list('CVE-2018-3693', 'CVE-2018-18559', 'CVE-2019-3846', 'CVE-2019-8912', 'CVE-2019-10126', 'CVE-2019-11487', 'CVE-2019-14814', 'CVE-2019-14815', 'CVE-2019-14816', 'CVE-2019-17133', 'CVE-2019-18660');\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for RHSA-2020:0174');\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/debug',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/optional/debug',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/optional/os',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/optional/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/os',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/supplementary/debug',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/highavailability/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/highavailability/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/highavailability/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/optional/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/optional/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/optional/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/resilientstorage/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/resilientstorage/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/resilientstorage/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap-hana/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap-hana/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap-hana/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/supplementary/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/supplementary/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/optional/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/optional/os',\n 'content/dist/rhel/power/7/7Server/ppc64/optional/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/os',\n 'content/dist/rhel/power/7/7Server/ppc64/sap/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/sap/os',\n 'content/dist/rhel/power/7/7Server/ppc64/sap/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/supplementary/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/supplementary/os',\n 'content/dist/rhel/power/7/7Server/ppc64/supplementary/source/SRPMS',\n 'content/fastrack/rhel/power/7/ppc64/debug',\n 'content/fastrack/rhel/power/7/ppc64/optional/debug',\n 'content/fastrack/rhel/power/7/ppc64/optional/os',\n 'content/fastrack/rhel/power/7/ppc64/optional/source/SRPMS',\n 'content/fastrack/rhel/power/7/ppc64/os',\n 'content/fastrack/rhel/power/7/ppc64/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'kernel-4.14.0-115.17.1.el7a', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-abi-whitelists-4.14.0-115.17.1.el7a', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-bootwrapper-4.14.0-115.17.1.el7a', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-4.14.0-115.17.1.el7a', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-devel-4.14.0-115.17.1.el7a', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-devel-4.14.0-115.17.1.el7a', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-headers-4.14.0-115.17.1.el7a', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-4.14.0-115.17.1.el7a', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-4.14.0-115.17.1.el7a', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-devel-4.14.0-115.17.1.el7a', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-4.14.0-115.17.1.el7a', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-perf-4.14.0-115.17.1.el7a', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel / kernel-abi-whitelists / kernel-bootwrapper / kernel-debug / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T14:29:49", "description": "The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed :\n\nCVE-2019-15291: There was a NULL pointer dereference, caused by a malicious USB device in the flexcop_usb_probe function in the drivers/media/usb/b2c2/flexcop-usb.c driver (bnc#1146540).\n\nCVE-2019-14821: An out-of-bounds access issue was found in the way the KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct kvm_coalesced_mmio' object, wherein write indices 'ring->first' and 'ring->last' value could be supplied by a host user-space process. An unprivileged host user or process with access to '/dev/kvm' device could use this flaw to crash the host kernel, resulting in a denial of service or potentially escalating privileges on the system (bnc#1151350).\n\nCVE-2017-18595: A double free may be caused by the function allocate_trace_buffer in the file kernel/trace/trace.c (bnc#1149555).\n\nCVE-2019-9506: The Bluetooth BR/EDR specification up to and including version 5.1 permitted sufficiently low encryption key length and did not prevent an attacker from influencing the key length negotiation.\nThis allowed practical brute-force attacks (aka 'KNOB') that could decrypt traffic and injected arbitrary ciphertext without the victim noticing (bnc#1137865 bnc#1146042).\n\nThe update package also includes non-security fixes. See advisory for details.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-10-18T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2019:2706-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-18595", "CVE-2019-14821", "CVE-2019-15291", "CVE-2019-9506"], "modified": "2021-01-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kernel-default", "p-cpe:/a:novell:suse_linux:kernel-default-base", "p-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-debugsource", "p-cpe:/a:novell:suse_linux:kernel-default-devel", "p-cpe:/a:novell:suse_linux:kernel-default-devel-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-man", "p-cpe:/a:novell:suse_linux:kernel-obs-build", "p-cpe:/a:novell:suse_linux:kernel-obs-build-debugsource", "p-cpe:/a:novell:suse_linux:kernel-obs-qa", "p-cpe:/a:novell:suse_linux:kernel-syms", "p-cpe:/a:novell:suse_linux:kernel-vanilla-base", "p-cpe:/a:novell:suse_linux:kernel-vanilla-base-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-vanilla-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-vanilla-debugsource", "p-cpe:/a:novell:suse_linux:kernel-zfcpdump", "p-cpe:/a:novell:suse_linux:kernel-zfcpdump-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-zfcpdump-debugsource", "p-cpe:/a:novell:suse_linux:kselftests-kmp-default", "p-cpe:/a:novell:suse_linux:kselftests-kmp-default-debuginfo", "p-cpe:/a:novell:suse_linux:reiserfs-kmp-default", "p-cpe:/a:novell:suse_linux:reiserfs-kmp-default-debuginfo", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2019-2706-1.NASL", "href": "https://www.tenable.com/plugins/nessus/130050", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:2706-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130050);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2017-18595\", \"CVE-2019-14821\", \"CVE-2019-15291\", \"CVE-2019-9506\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2019:2706-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The SUSE Linux Enterprise 15 kernel was updated to receive various\nsecurity and bugfixes.\n\nThe following security bugs were fixed :\n\nCVE-2019-15291: There was a NULL pointer dereference, caused by a\nmalicious USB device in the flexcop_usb_probe function in the\ndrivers/media/usb/b2c2/flexcop-usb.c driver (bnc#1146540).\n\nCVE-2019-14821: An out-of-bounds access issue was found in the way the\nKVM hypervisor implements the Coalesced MMIO write operation. It\noperates on an MMIO ring buffer 'struct kvm_coalesced_mmio' object,\nwherein write indices 'ring->first' and 'ring->last' value could be\nsupplied by a host user-space process. An unprivileged host user or\nprocess with access to '/dev/kvm' device could use this flaw to crash\nthe host kernel, resulting in a denial of service or potentially\nescalating privileges on the system (bnc#1151350).\n\nCVE-2017-18595: A double free may be caused by the function\nallocate_trace_buffer in the file kernel/trace/trace.c (bnc#1149555).\n\nCVE-2019-9506: The Bluetooth BR/EDR specification up to and including\nversion 5.1 permitted sufficiently low encryption key length and did\nnot prevent an attacker from influencing the key length negotiation.\nThis allowed practical brute-force attacks (aka 'KNOB') that could\ndecrypt traffic and injected arbitrary ciphertext without the victim\nnoticing (bnc#1137865 bnc#1146042).\n\nThe update package also includes non-security fixes. See advisory for\ndetails.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1051510\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1054914\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1055117\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1061840\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1065600\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1065729\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1071995\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1082555\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1104967\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1109158\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1113722\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1114279\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1119086\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1123034\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1127988\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1131304\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1137069\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1137865\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1137959\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140155\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1141013\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1142076\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1142635\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1146042\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1146519\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1146540\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1146664\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1148133\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1148712\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1148868\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1149313\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1149446\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1149555\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1149651\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1150381\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1150423\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1151350\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1151610\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1151667\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1151680\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1151891\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1151955\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152024\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152025\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152026\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152161\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152325\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152457\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152460\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152466\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152972\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152974\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152975\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-18595/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-14821/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-15291/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-9506/\"\n );\n # https://www.suse.com/support/update/announcement/2019/suse-su-20192706-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?902e5bb1\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Workstation Extension 15:zypper in -t patch\nSUSE-SLE-Product-WE-15-2019-2706=1\n\nSUSE Linux Enterprise Module for Open Buildservice Development Tools\n15:zypper in -t patch\nSUSE-SLE-Module-Development-Tools-OBS-15-2019-2706=1\n\nSUSE Linux Enterprise Module for Live Patching 15:zypper in -t patch\nSUSE-SLE-Module-Live-Patching-15-2019-2706=1\n\nSUSE Linux Enterprise Module for Legacy Software 15:zypper in -t patch\nSUSE-SLE-Module-Legacy-15-2019-2706=1\n\nSUSE Linux Enterprise Module for Development Tools 15:zypper in -t\npatch SUSE-SLE-Module-Development-Tools-15-2019-2706=1\n\nSUSE Linux Enterprise Module for Basesystem 15:zypper in -t patch\nSUSE-SLE-Module-Basesystem-15-2019-2706=1\n\nSUSE Linux Enterprise High Availability 15:zypper in -t patch\nSUSE-SLE-Product-HA-15-2019-2706=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-obs-build\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-obs-build-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-obs-qa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-vanilla-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-vanilla-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-vanilla-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-vanilla-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-zfcpdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-zfcpdump-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-zfcpdump-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kselftests-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kselftests-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:reiserfs-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:reiserfs-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP0\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"kernel-default-man-4.12.14-150.38.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"kernel-zfcpdump-4.12.14-150.38.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"kernel-zfcpdump-debuginfo-4.12.14-150.38.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"kernel-zfcpdump-debugsource-4.12.14-150.38.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"kernel-default-4.12.14-150.38.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"kernel-default-base-4.12.14-150.38.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"kernel-default-base-debuginfo-4.12.14-150.38.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"kernel-default-debuginfo-4.12.14-150.38.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"kernel-default-debugsource-4.12.14-150.38.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"kernel-default-devel-4.12.14-150.38.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"kernel-default-devel-debuginfo-4.12.14-150.38.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"kernel-obs-build-4.12.14-150.38.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"kernel-obs-build-debugsource-4.12.14-150.38.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"kernel-obs-qa-4.12.14-150.38.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"kernel-syms-4.12.14-150.38.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"kernel-vanilla-base-4.12.14-150.38.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"kernel-vanilla-base-debuginfo-4.12.14-150.38.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"kernel-vanilla-debuginfo-4.12.14-150.38.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"kernel-vanilla-debugsource-4.12.14-150.38.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"kselftests-kmp-default-4.12.14-150.38.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"kselftests-kmp-default-debuginfo-4.12.14-150.38.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"reiserfs-kmp-default-4.12.14-150.38.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"reiserfs-kmp-default-debuginfo-4.12.14-150.38.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", cpu:\"s390x\", reference:\"kernel-default-man-4.12.14-150.38.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", cpu:\"s390x\", reference:\"kernel-zfcpdump-4.12.14-150.38.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", cpu:\"s390x\", reference:\"kernel-zfcpdump-debuginfo-4.12.14-150.38.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", cpu:\"s390x\", reference:\"kernel-zfcpdump-debugsource-4.12.14-150.38.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"kernel-default-4.12.14-150.38.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"kernel-default-base-4.12.14-150.38.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"kernel-default-base-debuginfo-4.12.14-150.38.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"kernel-default-debuginfo-4.12.14-150.38.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"kernel-default-debugsource-4.12.14-150.38.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"kernel-default-devel-4.12.14-150.38.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"kernel-default-devel-debuginfo-4.12.14-150.38.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"kernel-obs-build-4.12.14-150.38.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"kernel-obs-build-debugsource-4.12.14-150.38.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"kernel-obs-qa-4.12.14-150.38.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"kernel-syms-4.12.14-150.38.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"kernel-vanilla-base-4.12.14-150.38.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"kernel-vanilla-base-debuginfo-4.12.14-150.38.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"kernel-vanilla-debuginfo-4.12.14-150.38.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"kernel-vanilla-debugsource-4.12.14-150.38.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"kselftests-kmp-default-4.12.14-150.38.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"kselftests-kmp-default-debuginfo-4.12.14-150.38.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T14:29:50", "description": "The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed :\n\nCVE-2017-18595: A double free may be caused by the function allocate_trace_buffer in the file kernel/trace/trace.c (bnc#1149555).\n\nCVE-2019-14821: An out-of-bounds access issue was found in the way Linux kernel's KVM hypervisor implements the coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct kvm_coalesced_mmio' object, wherein write indices 'ring->first' and 'ring->last' value could be supplied by a host user-space process. An unprivileged host user or process with access to '/dev/kvm' device could use this flaw to crash the host kernel, resulting in a denial of service or potentially escalating privileges on the system (bnc#1151350).\n\nCVE-2019-15291: There was a NULL pointer dereference caused by a malicious USB device in the flexcop_usb_probe function in the drivers/media/usb/b2c2/flexcop-usb.c driver (bnc#1146540).\n\nCVE-2019-9506: The Bluetooth BR/EDR specification up to and including version 5.1 permitted sufficiently low encryption key length and did not prevent an attacker from influencing the key length negotiation.\nThis allowed practical brute-force attacks (aka 'KNOB') that could decrypt traffic and injected arbitrary ciphertext without the victim noticing (bnc#1137865 bnc#1146042).\n\nThe update package also includes non-security fixes. See advisory for details.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-10-21T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2019:2710-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-18595", "CVE-2019-14821", "CVE-2019-15291", "CVE-2019-9506"], "modified": "2021-01-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kernel-debug", "p-cpe:/a:novell:suse_linux:kernel-debug-base", "p-cpe:/a:novell:suse_linux:kernel-debug-base-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-debug-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-debug-debugsource", "p-cpe:/a:novell:suse_linux:kernel-debug-devel", "p-cpe:/a:novell:suse_linux:kernel-debug-devel-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-debug-livepatch-devel", "p-cpe:/a:novell:suse_linux:kernel-default", "p-cpe:/a:novell:suse_linux:kernel-default-base", "p-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-debugsource", "p-cpe:/a:novell:suse_linux:kernel-default-devel", "p-cpe:/a:novell:suse_linux:kernel-default-devel-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-livepatch", "p-cpe:/a:novell:suse_linux:kernel-default-man", "p-cpe:/a:novell:suse_linux:kernel-kvmsmall", "p-cpe:/a:novell:suse_linux:kernel-kvmsmall-base", "p-cpe:/a:novell:suse_linux:kernel-kvmsmall-base-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-kvmsmall-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-kvmsmall-debugsource", "p-cpe:/a:novell:suse_linux:kernel-kvmsmall-devel", "p-cpe:/a:novell:suse_linux:kernel-kvmsmall-devel-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-kvmsmall-livepatch-devel", "p-cpe:/a:novell:suse_linux:kernel-obs-build", "p-cpe:/a:novell:suse_linux:kernel-obs-build-debugsource", "p-cpe:/a:novell:suse_linux:kernel-zfcpdump-debugsource", "p-cpe:/a:novell:suse_linux:kernel-zfcpdump-man", "p-cpe:/a:novell:suse_linux:kselftests-kmp-default", "p-cpe:/a:novell:suse_linux:kselftests-kmp-default-debuginfo", "p-cpe:/a:novell:suse_linux:reiserfs-kmp-default", "p-cpe:/a:novell:suse_linux:reiserfs-kmp-default-debuginfo", "cpe:/o:novell:suse_linux:15", "p-cpe:/a:novell:suse_linux:kernel-obs-qa", "p-cpe:/a:novell:suse_linux:kernel-syms", "p-cpe:/a:novell:suse_linux:kernel-vanilla", "p-cpe:/a:novell:suse_linux:kernel-vanilla-base", "p-cpe:/a:novell:suse_linux:kernel-vanilla-base-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-vanilla-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-vanilla-debugsource", "p-cpe:/a:novell:suse_linux:kernel-vanilla-devel", "p-cpe:/a:novell:suse_linux:kernel-vanilla-devel-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-vanilla-livepatch-devel", "p-cpe:/a:novell:suse_linux:kernel-zfcpdump", "p-cpe:/a:novell:suse_linux:kernel-zfcpdump-debuginfo"], "id": "SUSE_SU-2019-2710-1.NASL", "href": "https://www.tenable.com/plugins/nessus/130089", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:2710-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130089);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2017-18595\", \"CVE-2019-14821\", \"CVE-2019-15291\", \"CVE-2019-9506\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2019:2710-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various\nsecurity and bugfixes.\n\nThe following security bugs were fixed :\n\nCVE-2017-18595: A double free may be caused by the function\nallocate_trace_buffer in the file kernel/trace/trace.c (bnc#1149555).\n\nCVE-2019-14821: An out-of-bounds access issue was found in the way\nLinux kernel's KVM hypervisor implements the coalesced MMIO write\noperation. It operates on an MMIO ring buffer 'struct\nkvm_coalesced_mmio' object, wherein write indices 'ring->first' and\n'ring->last' value could be supplied by a host user-space process. An\nunprivileged host user or process with access to '/dev/kvm' device\ncould use this flaw to crash the host kernel, resulting in a denial of\nservice or potentially escalating privileges on the system\n(bnc#1151350).\n\nCVE-2019-15291: There was a NULL pointer dereference caused by a\nmalicious USB device in the flexcop_usb_probe function in the\ndrivers/media/usb/b2c2/flexcop-usb.c driver (bnc#1146540).\n\nCVE-2019-9506: The Bluetooth BR/EDR specification up to and including\nversion 5.1 permitted sufficiently low encryption key length and did\nnot prevent an attacker from influencing the key length negotiation.\nThis allowed practical brute-force attacks (aka 'KNOB') that could\ndecrypt traffic and injected arbitrary ciphertext without the victim\nnoticing (bnc#1137865 bnc#1146042).\n\nThe update package also includes non-security fixes. See advisory for\ndetails.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1051510\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1054914\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1055117\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1061840\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1065600\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1065729\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1071995\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1082555\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1104967\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1109158\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1111666\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1113722\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1114279\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1119086\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1123034\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1127988\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1131304\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1137069\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1137865\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1137959\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1137982\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140155\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1141013\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1142076\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1142635\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1146042\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1146519\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1146540\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1146664\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1148133\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1148712\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1148868\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1149313\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1149446\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1149555\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1149651\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1150305\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1150381\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1150423\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1150846\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1151067\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1151192\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1151350\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1151610\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1151661\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1151662\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1151667\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1151680\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1151891\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1151955\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152024\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152025\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152026\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152161\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152187\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152243\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152325\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152457\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152460\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152466\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152525\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152972\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152974\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152975\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-18595/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-14821/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-15291/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-9506/\"\n );\n # https://www.suse.com/support/update/announcement/2019/suse-su-20192710-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1d1faa31\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Workstation Extension 15-SP1:zypper in -t patch\nSUSE-SLE-Product-WE-15-SP1-2019-2710=1\n\nSUSE Linux Enterprise Module for Open Buildservice Development Tools\n15-SP1:zypper in -t patch\nSUSE-SLE-Module-Development-Tools-OBS-15-SP1-2019-2710=1\n\nSUSE Linux Enterprise Module for Live Patching 15-SP1:zypper in -t\npatch SUSE-SLE-Module-Live-Patching-15-SP1-2019-2710=1\n\nSUSE Linux Enterprise Module for Legacy Software 15-SP1:zypper in -t\npatch SUSE-SLE-Module-Legacy-15-SP1-2019-2710=1\n\nSUSE Linux Enterprise Module for Development Tools 15-SP1:zypper in -t\npatch SUSE-SLE-Module-Development-Tools-15-SP1-2019-2710=1\n\nSUSE Linux Enterprise Module for Basesystem 15-SP1:zypper in -t patch\nSUSE-SLE-Module-Basesystem-15-SP1-2019-2710=1\n\nSUSE Linux Enterprise High Availability 15-SP1:zypper in -t patch\nSUSE-SLE-Product-HA-15-SP1-2019-2710=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-debug-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-debug-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-debug-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-debug-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-debug-livepatch-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-livepatch\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-kvmsmall\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-kvmsmall-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-kvmsmall-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-kvmsmall-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-kvmsmall-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-kvmsmall-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-kvmsmall-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-kvmsmall-livepatch-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-obs-build\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-obs-build-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-obs-qa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-vanilla-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-vanilla-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-vanilla-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-vanilla-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-vanilla-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-vanilla-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-vanilla-livepatch-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-zfcpdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-zfcpdump-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-zfcpdump-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-zfcpdump-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kselftests-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kselftests-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:reiserfs-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:reiserfs-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP1\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-debug-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-debug-base-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-debug-base-debuginfo-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-debug-debuginfo-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-debug-debugsource-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-debug-devel-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-debug-devel-debuginfo-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-debug-livepatch-devel-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-kvmsmall-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-kvmsmall-base-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-kvmsmall-base-debuginfo-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-kvmsmall-debuginfo-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-kvmsmall-debugsource-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-kvmsmall-devel-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-kvmsmall-devel-debuginfo-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-kvmsmall-livepatch-devel-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"s390x\", reference:\"kernel-default-livepatch-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"s390x\", reference:\"kernel-default-man-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"s390x\", reference:\"kernel-zfcpdump-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"s390x\", reference:\"kernel-zfcpdump-debuginfo-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"s390x\", reference:\"kernel-zfcpdump-debugsource-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"s390x\", reference:\"kernel-zfcpdump-man-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"kernel-default-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"kernel-default-base-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"kernel-default-base-debuginfo-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"kernel-default-debuginfo-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"kernel-default-debugsource-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"kernel-default-devel-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"kernel-default-devel-debuginfo-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"kernel-obs-build-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"kernel-obs-build-debugsource-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"kernel-obs-qa-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"kernel-syms-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"kernel-vanilla-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"kernel-vanilla-base-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"kernel-vanilla-base-debuginfo-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"kernel-vanilla-debuginfo-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"kernel-vanilla-debugsource-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"kernel-vanilla-devel-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"kernel-vanilla-devel-debuginfo-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"kernel-vanilla-livepatch-devel-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"kselftests-kmp-default-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"kselftests-kmp-default-debuginfo-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"reiserfs-kmp-default-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"reiserfs-kmp-default-debuginfo-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-debug-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-debug-base-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-debug-base-debuginfo-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-debug-debuginfo-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-debug-debugsource-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-debug-devel-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-debug-devel-debuginfo-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-debug-livepatch-devel-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-kvmsmall-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-kvmsmall-base-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-kvmsmall-base-debuginfo-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-kvmsmall-debuginfo-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-kvmsmall-debugsource-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-kvmsmall-devel-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-kvmsmall-devel-debuginfo-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-kvmsmall-livepatch-devel-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"s390x\", reference:\"kernel-default-livepatch-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"s390x\", reference:\"kernel-default-man-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"s390x\", reference:\"kernel-zfcpdump-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"s390x\", reference:\"kernel-zfcpdump-debuginfo-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"s390x\", reference:\"kernel-zfcpdump-debugsource-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"s390x\", reference:\"kernel-zfcpdump-man-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"kernel-default-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"kernel-default-base-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"kernel-default-base-debuginfo-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"kernel-default-debuginfo-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"kernel-default-debugsource-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"kernel-default-devel-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"kernel-default-devel-debuginfo-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"kernel-obs-build-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"kernel-obs-build-debugsource-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"kernel-obs-qa-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"kernel-syms-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"kernel-vanilla-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"kernel-vanilla-base-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"kernel-vanilla-base-debuginfo-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"kernel-vanilla-debuginfo-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"kernel-vanilla-debugsource-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"kernel-vanilla-devel-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"kernel-vanilla-devel-debuginfo-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"kernel-vanilla-livepatch-devel-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"kselftests-kmp-default-4.12.14-197.21.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"kselftests-kmp-default-debuginfo-4.12.14-197.21.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T14:30:14", "description": "The openSUSE Leap 15.1 kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed :\n\n - CVE-2019-15291: There was a NULL pointer dereference caused by a malicious USB device in the flexcop_usb_probe function in the drivers/media/usb/b2c2/flexcop-usb.c driver (bnc#1146540).\n\n - CVE-2019-14821: An out-of-bounds access issue was found in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct kvm_coalesced_mmio' object, wherein write indices 'ring->first' and 'ring->last' value could be supplied by a host user-space process. An unprivileged host user or process with access to '/dev/kvm' device could use this flaw to crash the host kernel, resulting in a denial of service or potentially escalating privileges on the system (bnc#1151350).\n\n - CVE-2017-18595: A double free may be caused by the function allocate_trace_buffer in the file kernel/trace/trace.c (bnc#1149555).\n\n - CVE-2019-9506: The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and did not prevent an attacker from influencing the key length negotiation. This allowed practical brute-force attacks (aka 'KNOB') that can decrypt traffic and inject arbitrary ciphertext without the victim noticing (bnc#1137865 bnc#1146042).\n\nThe following non-security bugs were fixed :\n\n - ACPI: custom_method: fix memory leaks (bsc#1051510).\n\n - ACPI / PCI: fix acpi_pci_irq_enable() memory leak (bsc#1051510).\n\n - ACPI / property: Fix acpi_graph_get_remote_endpoint() name in kerneldoc (bsc#1051510).\n\n - alarmtimer: Use EOPNOTSUPP instead of ENOTSUPP (bsc#1151680).\n\n - ALSA: aoa: onyx: always initialize register read value (bsc#1051510).\n\n - ALSA: firewire-tascam: check intermediate state of clock status and retry (bsc#1051510).\n\n - ALSA: firewire-tascam: handle error code when getting current source of clock (bsc#1051510).\n\n - ASoC: es8328: Fix copy-paste error in es8328_right_line_controls (bsc#1051510).\n\n - ASoC: Intel: Baytrail: Fix implicit fallthrough warning (bsc#1051510).\n\n - ASoC: sun4i-i2s: RX and TX counter registers are swapped (bsc#1051510).\n\n - ASoC: wm8737: Fix copy-paste error in wm8737_snd_controls (bsc#1051510).\n\n - ASoC: wm8988: fix typo in wm8988_right_line_controls (bsc#1051510).\n\n - ath10k: adjust skb length in ath10k_sdio_mbox_rx_packet (bsc#1111666).\n\n - ath9k: dynack: fix possible deadlock in ath_dynack_node_(de)init (bsc#1051510).\n\n - atm: iphase: Fix Spectre v1 vulnerability (networking-stable-19_08_08).\n\n - bcma: fix incorrect update of BCMA_CORE_PCI_MDIO_DATA (bsc#1051510).\n\n - blk-flush: do not run queue for requests bypassing flush (bsc#1137959).\n\n - blk-flush: use blk_mq_request_bypass_insert() (bsc#1137959).\n\n - blk-mq: do not allocate driver tag upfront for flush rq (bsc#1137959).\n\n - blk-mq: Fix memory leak in blk_mq_init_allocated_queue error handling (bsc#1151610).\n\n - blk-mq: insert rq with DONTPREP to hctx dispatch list when requeue (bsc#1137959).\n\n - blk-mq: introduce blk_mq_request_completed() (bsc#1149446).\n\n - blk-mq: introduce blk_mq_tagset_wait_completed_request() (bsc#1149446).\n\n - blk-mq: kABI fixes for blk-mq.h (bsc#1137959).\n\n - blk-mq: move blk_mq_put_driver_tag*() into blk-mq.h (bsc#1137959).\n\n - blk-mq: punt failed direct issue to dispatch list (bsc#1137959).\n\n - blk-mq: put the driver tag of nxt rq before first one is requeued (bsc#1137959).\n\n - blk-mq-sched: decide how to handle flush rq via RQF_FLUSH_SEQ (bsc#1137959).\n\n - block: fix timeout changes for legacy request drivers (bsc#1149446).\n\n - block: kABI fixes for BLK_EH_DONE renaming (bsc#1142076).\n\n - block: rename BLK_EH_NOT_HANDLED to BLK_EH_DONE (bsc#1142076).\n\n - bnx2x: Disable multi-cos feature (networking-stable-19_08_08).\n\n - bonding/802.3ad: fix link_failure_count tracking (bsc#1137069 bsc#1141013).\n\n - bonding/802.3ad: fix slave link initialization transition states (bsc#1137069 bsc#1141013).\n\n - bonding: Add vlan tx offload to hw_enc_features (networking-stable-19_08_21).\n\n - bonding: set default miimon value for non-arp modes if not set (bsc#1137069 bsc#1141013).\n\n - bonding: speed/duplex update at NETDEV_UP event (bsc#1137069 bsc#1141013).\n\n - btrfs: fix use-after-free when using the tree modification log (bsc#1151891).\n\n - btrfs: qgroup: Fix reserved data space leak if we have multiple reserve calls (bsc#1152975).\n\n - btrfs: qgroup: Fix the wrong target io_tree when freeing reserved data space (bsc#1152974).\n\n - btrfs: relocation: fix use-after-free on dead relocation roots (bsc#1152972).\n\n - ceph: use ceph_evict_inode to cleanup inode's resource (bsc#1148133).\n\n - clk: at91: fix update bit maps on CFG_MOR write (bsc#1051510).\n\n - clk: sunxi-ng: v3s: add missing clock slices for MMC2 module clocks (bsc#1051510).\n\n - clk: sunxi-ng: v3s: add the missing PLL_DDR1 (bsc#1051510).\n\n - Compile nvme.ko as module (bsc#1150846)\n\n - crypto: caam - fix concurrency issue in givencrypt descriptor (bsc#1051510).\n\n - crypto: caam - free resources in case caam_rng registration failed (bsc#1051510).\n\n - crypto: caam/qi - fix error handling in ERN handler (bsc#1111666).\n\n - crypto: cavium/zip - Add missing single_release() (bsc#1051510).\n\n - crypto: ccp - Reduce maximum stack usage (bsc#1051510).\n\n - crypto: qat - Silence smp_processor_id() warning (bsc#1051510).\n\n - crypto: skcipher - Unmap pages after an external error (bsc#1051510).\n\n - dma-buf/sw_sync: Synchronize signal vs syncpt free (bsc#1111666).\n\n - dmaengine: dw: platform: Switch to acpi_dma_controller_register() (bsc#1051510).\n\n - dmaengine: iop-adma.c: fix printk format warning (bsc#1051510).\n\n - drivers: thermal: int340x_thermal: Fix sysfs race condition (bsc#1051510).\n\n - drm/i915: Fix various tracepoints for gen2 (bsc#1113722)\n\n - drm/imx: Drop unused imx-ipuv3-crtc.o build (bsc#1113722)\n\n - EDAC/amd64: Decode syndrome before translating address (bsc#1114279).\n\n - eeprom: at24: make spd world-readable again (git-fixes).\n\n - ext4: fix warning inside ext4_convert_unwritten_extents_endio (bsc#1152025).\n\n - ext4: set error return correctly when ext4_htree_store_dirent fails (bsc#1152024).\n\n - Fix kabi for: NFSv4: Fix OPEN / CLOSE race (git-fixes).\n\n - floppy: fix usercopy direction (bsc#1111666).\n\n - git-sort: add nfsd maintainers git tree This allows git-sort to handle patches queued for nfsd.\n\n - gpio: fix line flag validation in lineevent_create (bsc#1051510).\n\n - gpio: fix line flag validation in linehandle_create (bsc#1051510).\n\n - gpiolib: acpi: Add gpiolib_acpi_run_edge_events_on_boot option and blacklist (bsc#1051510).\n\n - gpiolib: only check line handle flags once (bsc#1051510).\n\n - gpio: Move gpiochip_lock/unlock_as_irq to gpio/driver.h (bsc#1051510).\n\n - hwmon: (lm75) Fix write operations for negative temperatures (bsc#1051510).\n\n - hwmon: (shtc1) fix shtc1 and shtw1 id mask (bsc#1051510).\n\n - i2c: designware: Synchronize IRQs when unregistering slave client (bsc#1111666).\n\n - i40e: Add support for X710 device (bsc#1151067).\n\n - ife: error out when nla attributes are empty (networking-stable-19_08_08).\n\n - iio: dac: ad5380: fix incorrect assignment to val (bsc#1051510).\n\n - Input: elan_i2c - remove Lenovo Legion Y7000 PnpID (bsc#1051510).\n\n - iommu/dma: Fix for dereferencing before null checking (bsc#1151667).\n\n - iommu: Do not use sme_active() in generic code (bsc#1151661).\n\n - iommu/iova: Avoid false sharing on fq_timer_on (bsc#1151662).\n\n - ip6_tunnel: fix possible use-after-free on xmit (networking-stable-19_08_08).\n\n - ipv6/addrconf: allow adding multicast addr if IFA_F_MCAUTOJOIN is set (networking-stable-19_08_28).\n\n - isdn/capi: check message length in capi_write() (bsc#1051510).\n\n - kABI: media: em28xx: fix handler for vidioc_s_input() (bsc#1051510). fixes kABI\n\n - kABI: media: em28xx: stop rewriting device's struct (bsc#1051510). fixes kABI\n\n - kABI protect struct vmem_altmap (bsc#1150305).\n\n - KVM: PPC: Book3S: Fix incorrect guest-to-user-translation error handling (bsc#1061840).\n\n - KVM: PPC: Book3S HV: Check for MMU ready on piggybacked virtual cores (bsc#1061840).\n\n - KVM: PPC: Book3S HV: Do not lose pending doorbell request on migration on P9 (bsc#1061840).\n\n - KVM: PPC: Book3S HV: Do not push XIVE context when not using XIVE device (bsc#1061840).\n\n - KVM: PPC: Book3S HV: Fix lockdep warning when entering the guest (bsc#1061840).\n\n - KVM: PPC: Book3S HV: Fix race in re-enabling XIVE escalation interrupts (bsc#1061840).\n\n - KVM: PPC: Book3S HV: Handle virtual mode in XIVE VCPU push code (bsc#1061840).\n\n - KVM: PPC: Book3S HV: XIVE: Free escalation interrupts before disabling the VP (bsc#1061840).\n\n - leds: leds-lp5562 allow firmware files up to the maximum length (bsc#1051510).\n\n - leds: trigger: gpio: GPIO 0 is valid (bsc#1051510).\n\n - libertas_tf: Use correct channel range in lbtf_geo_init (bsc#1051510).\n\n - libiscsi: do not try to bypass SCSI EH (bsc#1142076).\n\n - libnvdimm/altmap: Track namespace boundaries in altmap (bsc#1150305).\n\n - libnvdimm: prevent nvdimm from requesting key when security is disabled (bsc#1137982).\n\n - lightnvm: remove dependencies on BLK_DEV_NVME and PCI (bsc#1150846).\n\n - livepatch: Nullify obj->mod in klp_module_coming()'s error path (bsc#1071995).\n\n - mac80211: minstrel_ht: fix per-group max throughput rate initialization (bsc#1051510).\n\n - md: do not report active array_state until after revalidate_disk() completes (git-fixes).\n\n - md: only call set_in_sync() when it is expected to succeed (git-fixes).\n\n - md/raid6: Set R5_ReadError when there is read failure on parity disk (git-fixes).\n\n - media: atmel: atmel-isi: fix timeout value for stop streaming (bsc#1051510).\n\n - media: dib0700: fix link error for dibx000_i2c_set_speed (bsc#1051510).\n\n - media: em28xx: fix handler for vidioc_s_input() (bsc#1051510).\n\n - media: em28xx: stop rewriting device's struct (bsc#1051510).\n\n - media: fdp1: Reduce FCP not found message level to debug (bsc#1051510).\n\n - media: marvell-ccic: do not generate EOF on parallel bus (bsc#1051510).\n\n - media: mc-device.c: do not memset __user pointer contents (bsc#1051510).\n\n - media: ov6650: Fix sensor possibly not detected on probe (bsc#1051510).\n\n - media: ov6650: Move v4l2_clk_get() to ov6650_video_probe() helper (bsc#1051510).\n\n - media: replace strcpy() by strscpy() (bsc#1051510).\n\n - media: Revert '[media] marvell-ccic: reset ccic phy when stop streaming for stability' (bsc#1051510).\n\n - media: technisat-usb2: break out of loop at end of buffer (bsc#1051510).\n\n - media: tm6000: double free if usb disconnect while streaming (bsc#1051510).\n\n - media: vb2: Fix videobuf2 to map correct area (bsc#1051510).\n\n - mic: avoid statically declaring a 'struct device' (bsc#1051510).\n\n - mmc: sdhci-msm: fix mutex while in spinlock (bsc#1142635).\n\n - mmc: sdhci-of-arasan: Do now show error message in case of deffered probe (bsc#1119086).\n\n - mtd: spi-nor: Fix Cadence QSPI RCU Schedule Stall (bsc#1051510).\n\n - mvpp2: refactor MTU change code (networking-stable-19_08_08).\n\n - net: bridge: delete local fdb on device init failure (networking-stable-19_08_08).\n\n - net: bridge: mcast: do not delete permanent entries when fast leave is enabled (networking-stable-19_08_08).\n\n - net: fix ifindex collision during namespace removal (networking-stable-19_08_08).\n\n - net/ibmvnic: prevent more than one thread from running in reset (bsc#1152457 ltc#174432).\n\n - net/ibmvnic: unlock rtnl_lock in reset so linkwatch_event can run (bsc#1152457 ltc#174432).\n\n - net/mlx5e: Only support tx/rx pause setting for port owner (networking-stable-19_08_21).\n\n - net/mlx5e: Prevent encap flow counter update async to user query (networking-stable-19_08_08).\n\n - net/mlx5e: Use flow keys dissector to parse packets for ARFS (networking-stable-19_08_21).\n\n - net/mlx5: Use reversed order when unregister devices (networking-stable-19_08_08).\n\n - net/packet: fix race in tpacket_snd() (networking-stable-19_08_21).\n\n - net: sched: Fix a possible NULL pointer dereference in dequeue_func() (networking-stable-19_08_08).\n\n - net/smc: make sure EPOLLOUT is raised (networking-stable-19_08_28).\n\n - NFS4: Fix v4.0 client state corruption when mount (git-fixes).\n\n - nfsd: degraded slot-count more gracefully as allocation nears exhaustion (bsc#1150381).\n\n - nfsd: Do not release the callback slot unless it was actually held (git-fixes).\n\n - nfsd: Fix overflow causing non-working mounts on 1 TB machines (bsc#1150381).\n\n - nfsd: fix performance-limiting session calculation (bsc#1150381).\n\n - nfsd: give out fewer session slots as limit approaches (bsc#1150381).\n\n - nfsd: handle drc over-allocation gracefully (bsc#1150381).\n\n - nfsd: increase DRC cache limit (bsc#1150381).\n\n - NFS: Do not interrupt file writeout due to fatal errors (git-fixes).\n\n - NFS: Do not open code clearing of delegation state (git-fixes).\n\n - NFS: Ensure O_DIRECT reports an error if the bytes read/written is 0 (git-fixes).\n\n - NFS: Fix regression whereby fscache errors are appearing on 'nofsc' mounts (git-fixes).\n\n - NFS: Forbid setting AF_INET6 to 'struct sockaddr_in'->sin_family (git-fixes).\n\n - NFS: Refactor nfs_lookup_revalidate() (git-fixes).\n\n - NFS: Remove redundant semicolon (git-fixes).\n\n - NFSv4.1: Again fix a race where CB_NOTIFY_LOCK fails to wake a waiter (git-fixes).\n\n - NFSv4.1: Fix open stateid recovery (git-fixes).\n\n - NFSv4.1: Only reap expired delegations (git-fixes).\n\n - NFSv4: Check the return value of update_open_stateid() (git-fixes).\n\n - NFSv4: Fix an Oops in nfs4_do_setattr (git-fixes).\n\n - NFSv4: Fix a potential sleep while atomic in nfs4_do_reclaim() (git-fixes).\n\n - NFSv4: Fix delegation state recovery (git-fixes).\n\n - NFSv4: Fix lookup revalidate of regular files (git-fixes).\n\n - NFSv4: Fix OPEN / CLOSE race (git-fixes).\n\n - NFSv4: Handle the special Linux file open access mode (git-fixes).\n\n - NFSv4: Only pass the delegation to setattr if we're sending a truncate (git-fixes).\n\n - NFSv4/pnfs: Fix a page lock leak in nfs_pageio_resend() (git-fixes).\n\n - nl80211: Fix possible Spectre-v1 for CQM RSSI thresholds (bsc#1051510).\n\n - null_blk: complete requests from ->timeout (bsc#1149446).\n\n - null_blk: wire up timeouts (bsc#1149446).\n\n - nvme: do not abort completed request in nvme_cancel_request (bsc#1149446).\n\n - nvme: fix multipath crash when ANA is deactivated (bsc#1149446).\n\n - nvme: fix multipath crash when ANA is deactivated (bsc#1149446).\n\n - nvmem: Use the same permissions for eeprom as for nvmem (git-fixes).\n\n - nvme-rdma: Allow DELETING state change failure in (bsc#1104967,).\n\n - nvme-rdma: centralize admin/io queue teardown sequence (bsc#1142076).\n\n - nvme-rdma: centralize controller setup sequence (bsc#1142076).\n\n - nvme-rdma: fix a NULL deref when an admin connect times out (bsc#1149446).\n\n - nvme-rdma: fix a NULL deref when an admin connect times out (bsc#1149446).\n\n - nvme-rdma: fix timeout handler (bsc#1149446).\n\n - nvme-rdma: fix timeout handler (bsc#1149446).\n\n - nvme-rdma: remove redundant reference between ib_device and tagset (bsc#149446).\n\n - nvme-rdma: stop admin queue before freeing it (bsc#1140155).\n\n - nvme-rdma: support up to 4 segments of inline data (bsc#1142076).\n\n - nvme-rdma: unquiesce queues when deleting the controller (bsc#1142076).\n\n - nvme-rdma: use dynamic dma mapping per command (bsc#1149446).\n\n - nvme: remove ns sibling before clearing path (bsc#1140155).\n\n - nvme: return BLK_EH_DONE from ->timeout (bsc#1142076).\n\n - nvme-tcp: fix a NULL deref when an admin connect times out (bsc#1149446).\n\n - nvme-tcp: fix timeout handler (bsc#1149446).\n\n - nvme: wait until all completed request's complete fn is called (bsc#1149446).\n\n - PCI: Add ACS quirk for Amazon Annapurna Labs root ports (bsc#1152187,bsc#1152525).\n\n - PCI: Add Amazon's Annapurna Labs vendor ID (bsc#1152187,bsc#1152525).\n\n - PCI: Add quirk to disable MSI-X support for Amazon's Annapurna Labs Root Port (bsc#1152187,bsc#1152525).\n\n - PCI: hv: Detect and fix Hyper-V PCI domain number collision (bsc#1150423).\n\n - PCI/VPD: Prevent VPD access for Amazon's Annapurna Labs Root Port (bsc#1152187,bsc#1152525).\n\n - phy: renesas: rcar-gen3-usb2: Disable clearing VBUS in over-current (bsc#1051510).\n\n - platform/x86: pmc_atom: Add Siemens SIMATIC IPC227E to critclk_systems DMI table (bsc#1051510).\n\n - PM: sleep: Fix possible overflow in pm_system_cancel_wakeup() (bsc#1051510).\n\n - PNFS fallback to MDS if no deviceid found (git-fixes).\n\n - pnfs/flexfiles: Fix PTR_ERR() dereferences in ff_layout_track_ds_error (git-fixes).\n\n - pNFS/flexfiles: Turn off soft RPC calls (git-fixes).\n\n - powerpc/64: Make sys_switch_endian() traceable (bsc#1065729).\n\n - powerpc/64s/radix: Fix MADV_[FREE|DONTNEED] TLB flush miss problem with THP (bsc#1152161 ltc#181664).\n\n - powerpc/64s/radix: Fix memory hotplug section page table creation (bsc#1065729).\n\n - powerpc/64s/radix: Fix memory hot-unplug page table split (bsc#1065729).\n\n - powerpc/64s/radix: Implement _tlbie(l)_va_range flush functions (bsc#1152161 ltc#181664).\n\n - powerpc/64s/radix: Improve preempt handling in TLB code (bsc#1152161 ltc#181664).\n\n - powerpc/64s/radix: Improve TLB flushing for page table freeing (bsc#1152161 ltc#181664).\n\n - powerpc/64s/radix: Introduce local single page ceiling for TLB range flush (bsc#1055117 bsc#1152161 ltc#181664).\n\n - powerpc/64s/radix: Optimize flush_tlb_range (bsc#1152161 ltc#181664).\n\n - powerpc/book3s64/mm: Do not do tlbie fixup for some hardware revisions (bsc#1152161 ltc#181664).\n\n - powerpc/book3s64/radix: Rename CPU_FTR_P9_TLBIE_BUG feature flag (bsc#1152161 ltc#181664).\n\n - powerpc: bpf: Fix generation of load/store DW instructions (bsc#1065729).\n\n - powerpc/bpf: use unsigned division instruction for 64-bit operations (bsc#1065729).\n\n - powerpc: Drop page_is_ram() and walk_system_ram_range() (bsc#1065729).\n\n - powerpc/irq: Do not WARN continuously in arch_local_irq_restore() (bsc#1065729).\n\n - powerpc/irq: drop arch_early_irq_init() (bsc#1065729).\n\n - powerpc/mm: Fixup tlbie vs mtpidr/mtlpidr ordering issue on POWER9 (bsc#1152161 ltc#181664).\n\n - powerpc/mm/radix: Drop unneeded NULL check (bsc#1152161 ltc#181664).\n\n - powerpc/mm/radix: implement LPID based TLB flushes to be used by KVM (bsc#1152161 ltc#181664).\n\n - powerpc/mm: Simplify page_is_ram by using memblock_is_memory (bsc#1065729).\n\n - powerpc/mm: Use memblock API for PPC32 page_is_ram (bsc#1065729).\n\n - powerpc/module64: Fix comment in R_PPC64_ENTRY handling (bsc#1065729).\n\n - powerpc/papr_scm: Fix an off-by-one check in papr_scm_meta_(get, set) (bsc#1152243 ltc#181472).\n\n - powerpc/powernv: Fix compile without CONFIG_TRACEPOINTS (bsc#1065729).\n\n - powerpc/powernv/ioda2: Allocate TCE table levels on demand for default DMA window (bsc#1061840).\n\n - powerpc/powernv/ioda: Fix race in TCE level allocation (bsc#1061840).\n\n - powerpc/powernv: move OPAL call wrapper tracing and interrupt handling to C (bsc#1065729).\n\n - powerpc/powernv/npu: Remove obsolete comment about TCE_KILL_INVAL_ALL (bsc#1065729).\n\n - powerpc/pseries: Call H_BLOCK_REMOVE when supported (bsc#1109158).\n\n - powerpc/pseries: Fix cpu_hotplug_lock acquisition in resize_hpt() (bsc#1065729).\n\n - powerpc/pseries/memory-hotplug: Fix return value type of find_aa_index (bsc#1065729).\n\n - powerpc/pseries: Read TLB Block Invalidate Characteristics (bsc#1109158).\n\n - powerpc/ptrace: Simplify vr_get/set() to avoid GCC warning (bsc#1148868).\n\n - powerpc/xive: Fix bogus error code returned by OPAL (bsc#1065729).\n\n - powerpc/xive: Implement get_irqchip_state method for XIVE to fix shutdown race (bsc#1065729).\n\n - powerpc/xmon: Fix opcode being uninitialized in print_insn_powerpc (bsc#1065729).\n\n - power: reset: gpio-restart: Fix typo when gpio reset is not found (bsc#1051510).\n\n - power: supply: Init device wakeup after device_add() (bsc#1051510).\n\n - ppp: Fix memory leak in ppp_write (git-fixes).\n\n - printk: Do not lose last line in kmsg buffer dump (bsc#1152460).\n\n - printk: fix printk_time race (bsc#1152466).\n\n - printk/panic: Avoid deadlock in printk() after stopping CPUs by NMI (bsc#1148712).\n\n - qla2xxx: kABI fixes for v10.01.00.18-k (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - qla2xxx: remove SGI SN2 support (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - quota: fix wrong condition in is_quota_modification() (bsc#1152026).\n\n - r8152: Set memory to all 0xFFs on failed reg reads (bsc#1051510).\n\n - Refresh scsi-qla2xxx-Capture-FW-dump-on-MPI-heartbeat-stop-e.pat ch 882ffc9f07fb ('scsi: qla2xxx: Capture FW dump on MPI heartbeat stop event (bsc#1123034 bsc#1131304 bsc#1127988).') placed the 'vha->hw->fw_dump_mpi = 0' assigment into the __CHECKER__ section. Upstream placed the assigment before this section.\n\n - regulator: lm363x: Fix off-by-one n_voltages for lm3632 ldo_vpos/ldo_vneg (bsc#1051510).\n\n - Remove patches.kabi/kABI-fixes-for-qla2xxx-Fix-inconsistent-DMA\n -mem-allo.patch The qla2xxx driver has been whitelisted by 1d5e8aad6de2 ('kabi/severities: ignore qla2xxx as all symbols are internal')\n\n - Revert 'mwifiex: fix system hang problem after resume' (bsc#1051510).\n\n - rtlwifi: Fix file release memory leak (bsc#1111666).\n\n - scsi: qla2xxx: Add 28xx flash primary/secondary status/image mechanism (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Add Device ID for ISP28XX (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Add error handling for PLOGI ELS passthrough (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Add First Burst support for FC-NVMe devices (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Add fw_attr and port_no SysFS node (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Add new FW dump template entry types (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Add pci function reset support (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Add protection mask module parameters (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Add Serdes support for ISP28XX (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Add support for multiple fwdump templates/segments (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Add support for setting port speed (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Allow NVMe IO to resume with short cable pull (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: allow session delete to finish before create (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Always check the qla2x00_wait_for_hba_online() return value (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Avoid PCI IRQ affinity mapping when multiqueue is not supported (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: avoid printf format warning (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Avoid that Coverity complains about dereferencing a NULL rport pointer (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Avoid that lockdep complains about unsafe locking in tcm_qla2xxx_close_session() (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Avoid that qla2x00_mem_free() crashes if called twice (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Capture FW dump on MPI heartbeat stop event (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Change abort wait_loop from msleep to wait_event_timeout (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Change data_dsd into an array (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Change default ZIO threshold (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Change the return type of qla24xx_read_flash_data() (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Change the return type of qla2x00_update_ms_fdmi_iocb() into void (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Check for FW started flag before aborting (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: check for kstrtol() failure (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Check for MB timeout while capturing ISP27/28xx FW dump (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Check secondary image if reading the primary image fails (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Check the PCI info string output buffer size (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Check the size of firmware data structures at compile time (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Cleanup fcport memory to prevent leak (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Cleanup redundant qla2x00_abort_all_cmds during unload (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Cleanups for NVRAM/Flash read/write path (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: cleanup trace buffer initialization (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Complain if a command is released that is owned by the firmware (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Complain if a mailbox command times out (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Complain if a soft reset fails (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Complain if parsing the version string fails (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Complain if sp->done() is not called from the completion path (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Complain if waiting for pending commands times out (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Complain loudly about reference count underflow (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Correct error handling during initialization failures (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Correction and improvement to fwdt processing (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Correctly report max/min supported speeds (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: deadlock by configfs_depend_item (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Declare fourth qla2x00_set_model_info() argument const (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Declare local symbols static (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Declare qla24xx_build_scsi_crc_2_iocbs() static (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Declare qla2x00_find_new_loop_id() static (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Declare qla_tgt_cmd.cdb const (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Declare the fourth ql_dump_buffer() argument const (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Disable T10-DIF feature with FC-NVMe during probe (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Do not corrupt vha->plogi_ack_list (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Downgrade driver to 10.01.00.19-k There are upstream bug reports against 10.01.00.19-k which haven't been resolved. Also the newer version failed to get a proper review. For time being it's better to got with the older version and do not introduce new bugs.\n\n - scsi: qla2xxx: Dual FCP-NVMe target port support (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Enable type checking for the SRB free and done callback functions (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix abort timeout race condition (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix a NULL pointer dereference (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix a qla24xx_enable_msix() error path (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix a race condition between aborting and completing a SCSI command (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix a recently introduced kernel warning (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix a small typo in qla_bsg.c (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix code indentation for qla27xx_fwdt_entry (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix comment alignment in qla_bsg.c (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix comment in MODULE_PARM_DESC in qla2xxx (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix different size DMA Alloc/Unmap (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix DMA error when the DIF sg buffer crosses 4GB boundary (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix DMA unmap leak (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix driver reload for ISP82xx (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix driver unload when FC-NVMe LUNs are connected (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: fix fcport NULL pointer access (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix flash read for Qlogic ISPs (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix formatting of pointer types (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix fw dump corruption (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix fw options handle eh_bus_reset() (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix gnl.l memory leak on adapter init failure (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix hang in fcport delete path (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix hardirq-unsafe locking (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix hardlockup in abort command during driver remove (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix kernel crash after disconnecting NVMe devices (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix LUN discovery if loop id is not assigned yet by firmware (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix message indicating vectors used by driver (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix N2N link reset (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix N2N link up fail (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix Nport ID display value (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix NULL pointer crash due to stale CPUID (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix NVME cmd and LS cmd timeout race condition (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix NVMe port discovery after a short device port loss (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix panic from use after free in qla2x00_async_tm_cmd (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix possible fcport NULL pointer dereferences (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix premature timer expiration (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix qla24xx_process_bidir_cmd() (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix race conditions in the code for aborting SCSI commands (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix read offset in qla24xx_load_risc_flash() (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix Relogin to prevent modifying scan_state flag (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix routine qla27xx_dump_(mpi|ram)() (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix session cleanup hang (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix session lookup in qlt_abort_work() (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: fix spelling mistake 'alredy' -> 'already' (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: fix spelling mistake 'initializatin' -> 'initialization' (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix SRB allocation flag to avoid sleeping in IRQ context (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix stale mem access on driver unload (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix stale session (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix stuck login session (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix unbound sleep in fcport delete path (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix unload when NVMe devices are configured (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix use-after-free issues in qla2xxx_qpair_sp_free_dma() (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: flush IO on chip reset or sess delete (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Further limit FLASH region write access from SysFS (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Improve Linux kernel coding style conformance (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Improve logging for scan thread (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Include the <asm/unaligned.h> header file from qla_dsd.h (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Increase the max_sgl_segments to 1024 (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Increase the size of the mailbox arrays from 4 to 8 (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Inline the qla2x00_fcport_event_handler() function (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Insert spaces where required (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Introduce qla2x00_els_dcmd2_free() (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Introduce qla2xxx_get_next_handle() (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Introduce the be_id_t and le_id_t data types for FC src/dst IDs (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Introduce the dsd32 and dsd64 data structures (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Introduce the function qla2xxx_init_sp() (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Leave a blank line after declarations (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Let the compiler check the type of the SCSI command context pointer (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Log the status code if a firmware command fails (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Make it explicit that ELS pass-through IOCBs use little endian (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Make qla24xx_async_abort_cmd() static (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Make qla2x00_abort_srb() again decrease the sp reference count (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Make qla2x00_mem_free() easier to verify (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Make qla2x00_process_response_queue() easier to read (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Make qlt_handle_abts_completion() more robust (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Make sure that aborted commands are freed (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Modify NVMe include directives (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Move debug messages before sending srb preventing panic (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: move IO flush to the front of NVME rport unregistration (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Move marker request behind QPair (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Move qla2x00_clear_loop_id() from qla_inline.h into qla_init.c (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Move qla2x00_is_reserved_id() from qla_inline.h into qla_init.c (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Move qla2x00_set_fcport_state() from a .h into a .c file (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Move qla2x00_set_reserved_loop_ids() definition (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Move the <linux/io-64-nonatomic-lo-hi.h> include directive (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Move the port_state_str definition from a .h to a .c file (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: no need to check return value of debugfs_create functions (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: on session delete, return nvme cmd (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Optimize NPIV tear down process (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Pass little-endian values to the firmware (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Prevent memory leak for CT req/rsp allocation (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Prevent multiple ADISC commands per session (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Prevent SysFS access when chip is down (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: qla2x00_alloc_fw_dump: set ha->eft (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Really fix qla2xxx_eh_abort() (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Reduce the number of casts in GID list code (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Reduce the number of forward declarations (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Reduce the scope of three local variables in qla2xxx_queuecommand() (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Reject EH_(abort|device_reset|target_request) (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Remove a comment that refers to the SCSI host lock (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Remove an include directive from qla_mr.c (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Remove a set-but-not-used variable (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Remove a superfluous forward declaration (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Remove a superfluous pointer check (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Remove dead code (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: remove double assignment in qla2x00_update_fcport (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Remove FW default template (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Remove qla_tgt_cmd.data_work and qla_tgt_cmd.data_work_free (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Remove qla_tgt_cmd.released (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: remove redundant null check on pointer sess (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Remove set but not used variable 'ptr_dma' (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Remove superfluous sts_entry_* casts (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Remove the fcport test from qla_nvme_abort_work() (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Remove two superfluous casts (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Remove two superfluous if-tests (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Remove two superfluous tests (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Remove unnecessary locking from the target code (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Remove unnecessary null check (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Remove unreachable code from qla83xx_idc_lock() (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Remove useless set memory to zero use memset() (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Remove WARN_ON_ONCE in qla2x00_status_cont_entry() (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Replace vmalloc + memset with vzalloc (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Report invalid mailbox status codes (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Report the firmware status code if a mailbox command fails (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Reset the FCF_ASYNC_(SENT|ACTIVE) flags (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Restore FAWWPN of Physical Port only for loop down (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Retry fabric Scan on IOCB queue full (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Rework key encoding in qlt_find_host_by_d_id() (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Secure flash update support for ISP28XX (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Set remote port devloss timeout to 0 (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Set remove flag for all VP (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Set the qpair in SRB to NULL when SRB is released (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Set the responder mode if appropriate for ELS pass-through IOCBs (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Set the SCSI command result before calling the command done (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Silence fwdump template message (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Silence Successful ELS IOCB message (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Simplification of register address used in qla_tmpl.c (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Simplify a debug statement (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Simplify conditional check again (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Simplify qla24xx_abort_sp_done() (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Simplify qla24xx_async_abort_cmd() (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Simplify qlt_lport_dump() (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Simplify qlt_send_term_imm_notif() (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Skip FW dump on LOOP initialization error (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Suppress a Coveritiy complaint about integer overflow (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Suppress multiple Coverity complaint about out-of-bounds accesses (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: target: Fix offline port handling and host reset handling (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Uninline qla2x00_init_timer() (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Unregister resources in the opposite order of the registration order (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Update driver version to 10.00.00.13-k (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Update driver version to 10.00.00.14-k (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Update driver version to 10.01.00.15-k (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Update driver version to 10.01.00.16-k (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Update driver version to 10.01.00.18-k (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Update driver version to 10.01.00.19-k (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Update driver version to 10.01.00.20-k (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Update flash read/write routine (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Use an on-stack completion in qla24xx_control_vp() (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Use ARRAY_SIZE() in the definition of QLA_LAST_SPEED (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Use common update-firmware-options routine for ISP27xx+ (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Use complete switch scan for RSCN events (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Use Correct index for Q-Pair array (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Use dma_pool_zalloc() (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Use get/put_unaligned where appropriate (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Use __le64 instead of uint32_t for sending DMA addresses to firmware (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Use memcpy() and strlcpy() instead of strcpy() and strncpy() (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Use mutex protection during qla2x00_sysfs_read_fw_dump() (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Use strlcpy() instead of strncpy() (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Use tabs instead of spaces for indentation (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Use tabs to indent code (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Verify locking assumptions at runtime (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: scsi_dh_rdac: zero cdb in send_mode_select() (bsc#1149313).\n\n - scsi: scsi_transport_fc: nvme: display FC-NVMe port roles (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: tcm_qla2xxx: Minimize #include directives (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi_transport_fc: complete requests from ->timeout (bsc#1142076).\n\n - sctp: fix the transport error_count check (networking-stable-19_08_21).\n\n - secure boot lockdown: Fix-up backport of /dev/mem access restriction The upstream-submitted patch set has evolved over time, align our patches (contents and description) to reflect the current status as far as /dev/mem access is concerned.\n\n - sky2: Disable MSI on yet another ASUS boards (P6Xxxx) (bsc#1051510).\n\n - slip: make slhc_free() silently accept an error pointer (bsc#1051510).\n\n - slip: sl_alloc(): remove unused parameter 'dev_t line' (bsc#1051510).\n\n - spi: spi-fsl-dspi: Exit the ISR with IRQ_NONE when it's not ours (bsc#1111666).\n\n - SUNRPC fix regression in umount of a secure mount (git-fixes).\n\n - SUNRPC: Handle connection breakages correctly in call_status() (git-fixes).\n\n - SUNRPC/nfs: Fix return value for nfs4_callback_compound() (git-fixes).\n\n - supported.conf: Add vfio_ccw (bsc#1151192 jsc#SLE-6138).\n\n - supported.conf: Mark vfio_ccw supported by SUSE, because bugs can be routed to IBM via SUSE support (jsc#SLE-6138, bsc#1151192).\n\n - tcp: make sure EPOLLOUT wont be missed (networking-stable-19_08_28).\n\n - team: Add vlan tx offload to hw_enc_features (bsc#1051510).\n\n - team: Add vlan tx offload to hw_enc_features (networking-stable-19_08_21).\n\n - tpm_tis_core: Set TPM_CHIP_FLAG_IRQ before probing for interrupts (bsc#1082555).\n\n - tty: serial: fsl_lpuart: Use appropriate lpuart32_* I/O funcs (bsc#1111666).\n\n - tun: fix use-after-free when register netdev failed (bsc#1111666).\n\n - Update patches.suse/ext4-unsupported-features.patch (SLE-8615, bsc#1149651, SLE-9243).\n\n - Update patches.suse/powerpc-powernv-Return-for-invalid-IMC-doma in.patch (bsc#1054914, git-fixes).\n\n - Update s390 config files (bsc#1151192). - VFIO_CCW=m - S390_CCW_IOMMU=y\n\n - USB: usbcore: Fix slab-out-of-bounds bug during device reset (bsc#1051510).\n\n - vhost/test: fix build for vhost test (bsc#1111666).\n\n - video: ssd1307fb: Start page range at page_offset (bsc#1113722)\n\n - wcn36xx: use dynamic allocation for large variables (bsc#1111666).\n\n - x86/CPU/AMD: Clear RDRAND CPUID bit on AMD family 15h/16h (bsc#1114279).\n\n - x86/fpu: Add FPU state copying quirk to handle XRSTOR failure on Intel Skylake CPUs (bsc#1151955).\n\n - x86/tls: Fix possible spectre-v1 in do_get_thread_area() (bsc#1114279).\n\n - xen/netback: Reset nr_frags before freeing skb (networking-stable-19_08_21).\n\n - xen-netfront: do not assume sk_buff_head list is empty in error handling (bsc#1065600).\n\n - xen-netfront: do not use ~0U as error return value for xennet_fill_frags() (bsc#1065600).\n\n - xen/xenbus: fix self-deadlock after killing user process (bsc#1065600).\n\n - xsk: avoid store-tearing when assigning queues (bsc#1111666).\n\n - xsk: avoid store-tearing when assigning umem (bsc#1111666).", "cvss3": {}, "published": "2019-10-11T00:00:00", "type": "nessus", "title": "openSUSE Security Update : the Linux Kernel (openSUSE-2019-2308)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-18595", "CVE-2019-14821", "CVE-2019-15291", "CVE-2019-9506"], "modified": "2019-12-24T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:kernel-debug", "p-cpe:/a:novell:opensuse:kernel-debug-base", "p-cpe:/a:novell:opensuse:kernel-debug-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-debug-debuginfo", "p-cpe:/a:novell:opensuse:kernel-kvmsmall-devel", "p-cpe:/a:novell:opensuse:kernel-kvmsmall-devel-debuginfo", "p-cpe:/a:novell:opensuse:kernel-macros", "p-cpe:/a:novell:opensuse:kernel-obs-build", "p-cpe:/a:novell:opensuse:kernel-obs-build-debugsource", "p-cpe:/a:novell:opensuse:kernel-obs-qa", "p-cpe:/a:novell:opensuse:kernel-debug-debugsource", "p-cpe:/a:novell:opensuse:kernel-debug-devel", "p-cpe:/a:novell:opensuse:kernel-debug-devel-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default", "p-cpe:/a:novell:opensuse:kernel-default-base", "p-cpe:/a:novell:opensuse:kernel-default-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default-debugsource", "p-cpe:/a:novell:opensuse:kernel-default-devel", "p-cpe:/a:novell:opensuse:kernel-default-devel-debuginfo", "p-cpe:/a:novell:opensuse:kernel-devel", "p-cpe:/a:novell:opensuse:kernel-docs-html", "p-cpe:/a:novell:opensuse:kernel-kvmsmall", "p-cpe:/a:novell:opensuse:kernel-kvmsmall-base", "p-cpe:/a:novell:opensuse:kernel-kvmsmall-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-kvmsmall-debuginfo", "p-cpe:/a:novell:opensuse:kernel-kvmsmall-debugsource", "p-cpe:/a:novell:opensuse:kernel-source", "p-cpe:/a:novell:opensuse:kernel-source-vanilla", "p-cpe:/a:novell:opensuse:kernel-syms", "p-cpe:/a:novell:opensuse:kernel-vanilla", "p-cpe:/a:novell:opensuse:kernel-vanilla-base", "p-cpe:/a:novell:opensuse:kernel-vanilla-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-vanilla-debuginfo", "p-cpe:/a:novell:opensuse:kernel-vanilla-debugsource", "p-cpe:/a:novell:opensuse:kernel-vanilla-devel", "p-cpe:/a:novell:opensuse:kernel-vanilla-devel-debuginfo", "cpe:/o:novell:opensuse:15.1"], "id": "OPENSUSE-2019-2308.NASL", "href": "https://www.tenable.com/plugins/nessus/129807", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-2308.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(129807);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2019/12/24\");\n\n script_cve_id(\"CVE-2017-18595\", \"CVE-2019-14821\", \"CVE-2019-15291\", \"CVE-2019-9506\");\n\n script_name(english:\"openSUSE Security Update : the Linux Kernel (openSUSE-2019-2308)\");\n script_summary(english:\"Check for the openSUSE-2019-2308 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The openSUSE Leap 15.1 kernel was updated to receive various security\nand bugfixes.\n\nThe following security bugs were fixed :\n\n - CVE-2019-15291: There was a NULL pointer dereference\n caused by a malicious USB device in the\n flexcop_usb_probe function in the\n drivers/media/usb/b2c2/flexcop-usb.c driver\n (bnc#1146540).\n\n - CVE-2019-14821: An out-of-bounds access issue was found\n in the way Linux kernel's KVM hypervisor implements the\n Coalesced MMIO write operation. It operates on an MMIO\n ring buffer 'struct kvm_coalesced_mmio' object, wherein\n write indices 'ring->first' and 'ring->last' value could\n be supplied by a host user-space process. An\n unprivileged host user or process with access to\n '/dev/kvm' device could use this flaw to crash the host\n kernel, resulting in a denial of service or potentially\n escalating privileges on the system (bnc#1151350).\n\n - CVE-2017-18595: A double free may be caused by the\n function allocate_trace_buffer in the file\n kernel/trace/trace.c (bnc#1149555).\n\n - CVE-2019-9506: The Bluetooth BR/EDR specification up to\n and including version 5.1 permits sufficiently low\n encryption key length and did not prevent an attacker\n from influencing the key length negotiation. This\n allowed practical brute-force attacks (aka 'KNOB') that\n can decrypt traffic and inject arbitrary ciphertext\n without the victim noticing (bnc#1137865 bnc#1146042).\n\nThe following non-security bugs were fixed :\n\n - ACPI: custom_method: fix memory leaks (bsc#1051510).\n\n - ACPI / PCI: fix acpi_pci_irq_enable() memory leak\n (bsc#1051510).\n\n - ACPI / property: Fix acpi_graph_get_remote_endpoint()\n name in kerneldoc (bsc#1051510).\n\n - alarmtimer: Use EOPNOTSUPP instead of ENOTSUPP\n (bsc#1151680).\n\n - ALSA: aoa: onyx: always initialize register read value\n (bsc#1051510).\n\n - ALSA: firewire-tascam: check intermediate state of clock\n status and retry (bsc#1051510).\n\n - ALSA: firewire-tascam: handle error code when getting\n current source of clock (bsc#1051510).\n\n - ASoC: es8328: Fix copy-paste error in\n es8328_right_line_controls (bsc#1051510).\n\n - ASoC: Intel: Baytrail: Fix implicit fallthrough warning\n (bsc#1051510).\n\n - ASoC: sun4i-i2s: RX and TX counter registers are swapped\n (bsc#1051510).\n\n - ASoC: wm8737: Fix copy-paste error in\n wm8737_snd_controls (bsc#1051510).\n\n - ASoC: wm8988: fix typo in wm8988_right_line_controls\n (bsc#1051510).\n\n - ath10k: adjust skb length in ath10k_sdio_mbox_rx_packet\n (bsc#1111666).\n\n - ath9k: dynack: fix possible deadlock in\n ath_dynack_node_(de)init (bsc#1051510).\n\n - atm: iphase: Fix Spectre v1 vulnerability\n (networking-stable-19_08_08).\n\n - bcma: fix incorrect update of BCMA_CORE_PCI_MDIO_DATA\n (bsc#1051510).\n\n - blk-flush: do not run queue for requests bypassing flush\n (bsc#1137959).\n\n - blk-flush: use blk_mq_request_bypass_insert()\n (bsc#1137959).\n\n - blk-mq: do not allocate driver tag upfront for flush rq\n (bsc#1137959).\n\n - blk-mq: Fix memory leak in blk_mq_init_allocated_queue\n error handling (bsc#1151610).\n\n - blk-mq: insert rq with DONTPREP to hctx dispatch list\n when requeue (bsc#1137959).\n\n - blk-mq: introduce blk_mq_request_completed()\n (bsc#1149446).\n\n - blk-mq: introduce blk_mq_tagset_wait_completed_request()\n (bsc#1149446).\n\n - blk-mq: kABI fixes for blk-mq.h (bsc#1137959).\n\n - blk-mq: move blk_mq_put_driver_tag*() into blk-mq.h\n (bsc#1137959).\n\n - blk-mq: punt failed direct issue to dispatch list\n (bsc#1137959).\n\n - blk-mq: put the driver tag of nxt rq before first one is\n requeued (bsc#1137959).\n\n - blk-mq-sched: decide how to handle flush rq via\n RQF_FLUSH_SEQ (bsc#1137959).\n\n - block: fix timeout changes for legacy request drivers\n (bsc#1149446).\n\n - block: kABI fixes for BLK_EH_DONE renaming\n (bsc#1142076).\n\n - block: rename BLK_EH_NOT_HANDLED to BLK_EH_DONE\n (bsc#1142076).\n\n - bnx2x: Disable multi-cos feature\n (networking-stable-19_08_08).\n\n - bonding/802.3ad: fix link_failure_count tracking\n (bsc#1137069 bsc#1141013).\n\n - bonding/802.3ad: fix slave link initialization\n transition states (bsc#1137069 bsc#1141013).\n\n - bonding: Add vlan tx offload to hw_enc_features\n (networking-stable-19_08_21).\n\n - bonding: set default miimon value for non-arp modes if\n not set (bsc#1137069 bsc#1141013).\n\n - bonding: speed/duplex update at NETDEV_UP event\n (bsc#1137069 bsc#1141013).\n\n - btrfs: fix use-after-free when using the tree\n modification log (bsc#1151891).\n\n - btrfs: qgroup: Fix reserved data space leak if we have\n multiple reserve calls (bsc#1152975).\n\n - btrfs: qgroup: Fix the wrong target io_tree when freeing\n reserved data space (bsc#1152974).\n\n - btrfs: relocation: fix use-after-free on dead relocation\n roots (bsc#1152972).\n\n - ceph: use ceph_evict_inode to cleanup inode's resource\n (bsc#1148133).\n\n - clk: at91: fix update bit maps on CFG_MOR write\n (bsc#1051510).\n\n - clk: sunxi-ng: v3s: add missing clock slices for MMC2\n module clocks (bsc#1051510).\n\n - clk: sunxi-ng: v3s: add the missing PLL_DDR1\n (bsc#1051510).\n\n - Compile nvme.ko as module (bsc#1150846)\n\n - crypto: caam - fix concurrency issue in givencrypt\n descriptor (bsc#1051510).\n\n - crypto: caam - free resources in case caam_rng\n registration failed (bsc#1051510).\n\n - crypto: caam/qi - fix error handling in ERN handler\n (bsc#1111666).\n\n - crypto: cavium/zip - Add missing single_release()\n (bsc#1051510).\n\n - crypto: ccp - Reduce maximum stack usage (bsc#1051510).\n\n - crypto: qat - Silence smp_processor_id() warning\n (bsc#1051510).\n\n - crypto: skcipher - Unmap pages after an external error\n (bsc#1051510).\n\n - dma-buf/sw_sync: Synchronize signal vs syncpt free\n (bsc#1111666).\n\n - dmaengine: dw: platform: Switch to\n acpi_dma_controller_register() (bsc#1051510).\n\n - dmaengine: iop-adma.c: fix printk format warning\n (bsc#1051510).\n\n - drivers: thermal: int340x_thermal: Fix sysfs race\n condition (bsc#1051510).\n\n - drm/i915: Fix various tracepoints for gen2 (bsc#1113722)\n\n - drm/imx: Drop unused imx-ipuv3-crtc.o build\n (bsc#1113722)\n\n - EDAC/amd64: Decode syndrome before translating address\n (bsc#1114279).\n\n - eeprom: at24: make spd world-readable again (git-fixes).\n\n - ext4: fix warning inside\n ext4_convert_unwritten_extents_endio (bsc#1152025).\n\n - ext4: set error return correctly when\n ext4_htree_store_dirent fails (bsc#1152024).\n\n - Fix kabi for: NFSv4: Fix OPEN / CLOSE race (git-fixes).\n\n - floppy: fix usercopy direction (bsc#1111666).\n\n - git-sort: add nfsd maintainers git tree This allows\n git-sort to handle patches queued for nfsd.\n\n - gpio: fix line flag validation in lineevent_create\n (bsc#1051510).\n\n - gpio: fix line flag validation in linehandle_create\n (bsc#1051510).\n\n - gpiolib: acpi: Add gpiolib_acpi_run_edge_events_on_boot\n option and blacklist (bsc#1051510).\n\n - gpiolib: only check line handle flags once\n (bsc#1051510).\n\n - gpio: Move gpiochip_lock/unlock_as_irq to gpio/driver.h\n (bsc#1051510).\n\n - hwmon: (lm75) Fix write operations for negative\n temperatures (bsc#1051510).\n\n - hwmon: (shtc1) fix shtc1 and shtw1 id mask\n (bsc#1051510).\n\n - i2c: designware: Synchronize IRQs when unregistering\n slave client (bsc#1111666).\n\n - i40e: Add support for X710 device (bsc#1151067).\n\n - ife: error out when nla attributes are empty\n (networking-stable-19_08_08).\n\n - iio: dac: ad5380: fix incorrect assignment to val\n (bsc#1051510).\n\n - Input: elan_i2c - remove Lenovo Legion Y7000 PnpID\n (bsc#1051510).\n\n - iommu/dma: Fix for dereferencing before null checking\n (bsc#1151667).\n\n - iommu: Do not use sme_active() in generic code\n (bsc#1151661).\n\n - iommu/iova: Avoid false sharing on fq_timer_on\n (bsc#1151662).\n\n - ip6_tunnel: fix possible use-after-free on xmit\n (networking-stable-19_08_08).\n\n - ipv6/addrconf: allow adding multicast addr if\n IFA_F_MCAUTOJOIN is set (networking-stable-19_08_28).\n\n - isdn/capi: check message length in capi_write()\n (bsc#1051510).\n\n - kABI: media: em28xx: fix handler for vidioc_s_input()\n (bsc#1051510). fixes kABI\n\n - kABI: media: em28xx: stop rewriting device's struct\n (bsc#1051510). fixes kABI\n\n - kABI protect struct vmem_altmap (bsc#1150305).\n\n - KVM: PPC: Book3S: Fix incorrect\n guest-to-user-translation error handling (bsc#1061840).\n\n - KVM: PPC: Book3S HV: Check for MMU ready on piggybacked\n virtual cores (bsc#1061840).\n\n - KVM: PPC: Book3S HV: Do not lose pending doorbell\n request on migration on P9 (bsc#1061840).\n\n - KVM: PPC: Book3S HV: Do not push XIVE context when not\n using XIVE device (bsc#1061840).\n\n - KVM: PPC: Book3S HV: Fix lockdep warning when entering\n the guest (bsc#1061840).\n\n - KVM: PPC: Book3S HV: Fix race in re-enabling XIVE\n escalation interrupts (bsc#1061840).\n\n - KVM: PPC: Book3S HV: Handle virtual mode in XIVE VCPU\n push code (bsc#1061840).\n\n - KVM: PPC: Book3S HV: XIVE: Free escalation interrupts\n before disabling the VP (bsc#1061840).\n\n - leds: leds-lp5562 allow firmware files up to the maximum\n length (bsc#1051510).\n\n - leds: trigger: gpio: GPIO 0 is valid (bsc#1051510).\n\n - libertas_tf: Use correct channel range in lbtf_geo_init\n (bsc#1051510).\n\n - libiscsi: do not try to bypass SCSI EH (bsc#1142076).\n\n - libnvdimm/altmap: Track namespace boundaries in altmap\n (bsc#1150305).\n\n - libnvdimm: prevent nvdimm from requesting key when\n security is disabled (bsc#1137982).\n\n - lightnvm: remove dependencies on BLK_DEV_NVME and PCI\n (bsc#1150846).\n\n - livepatch: Nullify obj->mod in klp_module_coming()'s\n error path (bsc#1071995).\n\n - mac80211: minstrel_ht: fix per-group max throughput rate\n initialization (bsc#1051510).\n\n - md: do not report active array_state until after\n revalidate_disk() completes (git-fixes).\n\n - md: only call set_in_sync() when it is expected to\n succeed (git-fixes).\n\n - md/raid6: Set R5_ReadError when there is read failure on\n parity disk (git-fixes).\n\n - media: atmel: atmel-isi: fix timeout value for stop\n streaming (bsc#1051510).\n\n - media: dib0700: fix link error for dibx000_i2c_set_speed\n (bsc#1051510).\n\n - media: em28xx: fix handler for vidioc_s_input()\n (bsc#1051510).\n\n - media: em28xx: stop rewriting device's struct\n (bsc#1051510).\n\n - media: fdp1: Reduce FCP not found message level to debug\n (bsc#1051510).\n\n - media: marvell-ccic: do not generate EOF on parallel bus\n (bsc#1051510).\n\n - media: mc-device.c: do not memset __user pointer\n contents (bsc#1051510).\n\n - media: ov6650: Fix sensor possibly not detected on probe\n (bsc#1051510).\n\n - media: ov6650: Move v4l2_clk_get() to\n ov6650_video_probe() helper (bsc#1051510).\n\n - media: replace strcpy() by strscpy() (bsc#1051510).\n\n - media: Revert '[media] marvell-ccic: reset ccic phy when\n stop streaming for stability' (bsc#1051510).\n\n - media: technisat-usb2: break out of loop at end of\n buffer (bsc#1051510).\n\n - media: tm6000: double free if usb disconnect while\n streaming (bsc#1051510).\n\n - media: vb2: Fix videobuf2 to map correct area\n (bsc#1051510).\n\n - mic: avoid statically declaring a 'struct device'\n (bsc#1051510).\n\n - mmc: sdhci-msm: fix mutex while in spinlock\n (bsc#1142635).\n\n - mmc: sdhci-of-arasan: Do now show error message in case\n of deffered probe (bsc#1119086).\n\n - mtd: spi-nor: Fix Cadence QSPI RCU Schedule Stall\n (bsc#1051510).\n\n - mvpp2: refactor MTU change code\n (networking-stable-19_08_08).\n\n - net: bridge: delete local fdb on device init failure\n (networking-stable-19_08_08).\n\n - net: bridge: mcast: do not delete permanent entries when\n fast leave is enabled (networking-stable-19_08_08).\n\n - net: fix ifindex collision during namespace removal\n (networking-stable-19_08_08).\n\n - net/ibmvnic: prevent more than one thread from running\n in reset (bsc#1152457 ltc#174432).\n\n - net/ibmvnic: unlock rtnl_lock in reset so\n linkwatch_event can run (bsc#1152457 ltc#174432).\n\n - net/mlx5e: Only support tx/rx pause setting for port\n owner (networking-stable-19_08_21).\n\n - net/mlx5e: Prevent encap flow counter update async to\n user query (networking-stable-19_08_08).\n\n - net/mlx5e: Use flow keys dissector to parse packets for\n ARFS (networking-stable-19_08_21).\n\n - net/mlx5: Use reversed order when unregister devices\n (networking-stable-19_08_08).\n\n - net/packet: fix race in tpacket_snd()\n (networking-stable-19_08_21).\n\n - net: sched: Fix a possible NULL pointer dereference in\n dequeue_func() (networking-stable-19_08_08).\n\n - net/smc: make sure EPOLLOUT is raised\n (networking-stable-19_08_28).\n\n - NFS4: Fix v4.0 client state corruption when mount\n (git-fixes).\n\n - nfsd: degraded slot-count more gracefully as allocation\n nears exhaustion (bsc#1150381).\n\n - nfsd: Do not release the callback slot unless it was\n actually held (git-fixes).\n\n - nfsd: Fix overflow causing non-working mounts on 1 TB\n machines (bsc#1150381).\n\n - nfsd: fix performance-limiting session calculation\n (bsc#1150381).\n\n - nfsd: give out fewer session slots as limit approaches\n (bsc#1150381).\n\n - nfsd: handle drc over-allocation gracefully\n (bsc#1150381).\n\n - nfsd: increase DRC cache limit (bsc#1150381).\n\n - NFS: Do not interrupt file writeout due to fatal errors\n (git-fixes).\n\n - NFS: Do not open code clearing of delegation state\n (git-fixes).\n\n - NFS: Ensure O_DIRECT reports an error if the bytes\n read/written is 0 (git-fixes).\n\n - NFS: Fix regression whereby fscache errors are appearing\n on 'nofsc' mounts (git-fixes).\n\n - NFS: Forbid setting AF_INET6 to 'struct\n sockaddr_in'->sin_family (git-fixes).\n\n - NFS: Refactor nfs_lookup_revalidate() (git-fixes).\n\n - NFS: Remove redundant semicolon (git-fixes).\n\n - NFSv4.1: Again fix a race where CB_NOTIFY_LOCK fails to\n wake a waiter (git-fixes).\n\n - NFSv4.1: Fix open stateid recovery (git-fixes).\n\n - NFSv4.1: Only reap expired delegations (git-fixes).\n\n - NFSv4: Check the return value of update_open_stateid()\n (git-fixes).\n\n - NFSv4: Fix an Oops in nfs4_do_setattr (git-fixes).\n\n - NFSv4: Fix a potential sleep while atomic in\n nfs4_do_reclaim() (git-fixes).\n\n - NFSv4: Fix delegation state recovery (git-fixes).\n\n - NFSv4: Fix lookup revalidate of regular files\n (git-fixes).\n\n - NFSv4: Fix OPEN / CLOSE race (git-fixes).\n\n - NFSv4: Handle the special Linux file open access mode\n (git-fixes).\n\n - NFSv4: Only pass the delegation to setattr if we're\n sending a truncate (git-fixes).\n\n - NFSv4/pnfs: Fix a page lock leak in nfs_pageio_resend()\n (git-fixes).\n\n - nl80211: Fix possible Spectre-v1 for CQM RSSI thresholds\n (bsc#1051510).\n\n - null_blk: complete requests from ->timeout\n (bsc#1149446).\n\n - null_blk: wire up timeouts (bsc#1149446).\n\n - nvme: do not abort completed request in\n nvme_cancel_request (bsc#1149446).\n\n - nvme: fix multipath crash when ANA is deactivated\n (bsc#1149446).\n\n - nvme: fix multipath crash when ANA is deactivated\n (bsc#1149446).\n\n - nvmem: Use the same permissions for eeprom as for nvmem\n (git-fixes).\n\n - nvme-rdma: Allow DELETING state change failure in\n (bsc#1104967,).\n\n - nvme-rdma: centralize admin/io queue teardown sequence\n (bsc#1142076).\n\n - nvme-rdma: centralize controller setup sequence\n (bsc#1142076).\n\n - nvme-rdma: fix a NULL deref when an admin connect times\n out (bsc#1149446).\n\n - nvme-rdma: fix a NULL deref when an admin connect times\n out (bsc#1149446).\n\n - nvme-rdma: fix timeout handler (bsc#1149446).\n\n - nvme-rdma: fix timeout handler (bsc#1149446).\n\n - nvme-rdma: remove redundant reference between ib_device\n and tagset (bsc#149446).\n\n - nvme-rdma: stop admin queue before freeing it\n (bsc#1140155).\n\n - nvme-rdma: support up to 4 segments of inline data\n (bsc#1142076).\n\n - nvme-rdma: unquiesce queues when deleting the controller\n (bsc#1142076).\n\n - nvme-rdma: use dynamic dma mapping per command\n (bsc#1149446).\n\n - nvme: remove ns sibling before clearing path\n (bsc#1140155).\n\n - nvme: return BLK_EH_DONE from ->timeout (bsc#1142076).\n\n - nvme-tcp: fix a NULL deref when an admin connect times\n out (bsc#1149446).\n\n - nvme-tcp: fix timeout handler (bsc#1149446).\n\n - nvme: wait until all completed request's complete fn is\n called (bsc#1149446).\n\n - PCI: Add ACS quirk for Amazon Annapurna Labs root ports\n (bsc#1152187,bsc#1152525).\n\n - PCI: Add Amazon's Annapurna Labs vendor ID\n (bsc#1152187,bsc#1152525).\n\n - PCI: Add quirk to disable MSI-X support for Amazon's\n Annapurna Labs Root Port (bsc#1152187,bsc#1152525).\n\n - PCI: hv: Detect and fix Hyper-V PCI domain number\n collision (bsc#1150423).\n\n - PCI/VPD: Prevent VPD access for Amazon's Annapurna Labs\n Root Port (bsc#1152187,bsc#1152525).\n\n - phy: renesas: rcar-gen3-usb2: Disable clearing VBUS in\n over-current (bsc#1051510).\n\n - platform/x86: pmc_atom: Add Siemens SIMATIC IPC227E to\n critclk_systems DMI table (bsc#1051510).\n\n - PM: sleep: Fix possible overflow in\n pm_system_cancel_wakeup() (bsc#1051510).\n\n - PNFS fallback to MDS if no deviceid found (git-fixes).\n\n - pnfs/flexfiles: Fix PTR_ERR() dereferences in\n ff_layout_track_ds_error (git-fixes).\n\n - pNFS/flexfiles: Turn off soft RPC calls (git-fixes).\n\n - powerpc/64: Make sys_switch_endian() traceable\n (bsc#1065729).\n\n - powerpc/64s/radix: Fix MADV_[FREE|DONTNEED] TLB flush\n miss problem with THP (bsc#1152161 ltc#181664).\n\n - powerpc/64s/radix: Fix memory hotplug section page table\n creation (bsc#1065729).\n\n - powerpc/64s/radix: Fix memory hot-unplug page table\n split (bsc#1065729).\n\n - powerpc/64s/radix: Implement _tlbie(l)_va_range flush\n functions (bsc#1152161 ltc#181664).\n\n - powerpc/64s/radix: Improve preempt handling in TLB code\n (bsc#1152161 ltc#181664).\n\n - powerpc/64s/radix: Improve TLB flushing for page table\n freeing (bsc#1152161 ltc#181664).\n\n - powerpc/64s/radix: Introduce local single page ceiling\n for TLB range flush (bsc#1055117 bsc#1152161\n ltc#181664).\n\n - powerpc/64s/radix: Optimize flush_tlb_range (bsc#1152161\n ltc#181664).\n\n - powerpc/book3s64/mm: Do not do tlbie fixup for some\n hardware revisions (bsc#1152161 ltc#181664).\n\n - powerpc/book3s64/radix: Rename CPU_FTR_P9_TLBIE_BUG\n feature flag (bsc#1152161 ltc#181664).\n\n - powerpc: bpf: Fix generation of load/store DW\n instructions (bsc#1065729).\n\n - powerpc/bpf: use unsigned division instruction for\n 64-bit operations (bsc#1065729).\n\n - powerpc: Drop page_is_ram() and walk_system_ram_range()\n (bsc#1065729).\n\n - powerpc/irq: Do not WARN continuously in\n arch_local_irq_restore() (bsc#1065729).\n\n - powerpc/irq: drop arch_early_irq_init() (bsc#1065729).\n\n - powerpc/mm: Fixup tlbie vs mtpidr/mtlpidr ordering issue\n on POWER9 (bsc#1152161 ltc#181664).\n\n - powerpc/mm/radix: Drop unneeded NULL check (bsc#1152161\n ltc#181664).\n\n - powerpc/mm/radix: implement LPID based TLB flushes to be\n used by KVM (bsc#1152161 ltc#181664).\n\n - powerpc/mm: Simplify page_is_ram by using\n memblock_is_memory (bsc#1065729).\n\n - powerpc/mm: Use memblock API for PPC32 page_is_ram\n (bsc#1065729).\n\n - powerpc/module64: Fix comment in R_PPC64_ENTRY handling\n (bsc#1065729).\n\n - powerpc/papr_scm: Fix an off-by-one check in\n papr_scm_meta_(get, set) (bsc#1152243 ltc#181472).\n\n - powerpc/powernv: Fix compile without CONFIG_TRACEPOINTS\n (bsc#1065729).\n\n - powerpc/powernv/ioda2: Allocate TCE table levels on\n demand for default DMA window (bsc#1061840).\n\n - powerpc/powernv/ioda: Fix race in TCE level allocation\n (bsc#1061840).\n\n - powerpc/powernv: move OPAL call wrapper tracing and\n interrupt handling to C (bsc#1065729).\n\n - powerpc/powernv/npu: Remove obsolete comment about\n TCE_KILL_INVAL_ALL (bsc#1065729).\n\n - powerpc/pseries: Call H_BLOCK_REMOVE when supported\n (bsc#1109158).\n\n - powerpc/pseries: Fix cpu_hotplug_lock acquisition in\n resize_hpt() (bsc#1065729).\n\n - powerpc/pseries/memory-hotplug: Fix return value type of\n find_aa_index (bsc#1065729).\n\n - powerpc/pseries: Read TLB Block Invalidate\n Characteristics (bsc#1109158).\n\n - powerpc/ptrace: Simplify vr_get/set() to avoid GCC\n warning (bsc#1148868).\n\n - powerpc/xive: Fix bogus error code returned by OPAL\n (bsc#1065729).\n\n - powerpc/xive: Implement get_irqchip_state method for\n XIVE to fix shutdown race (bsc#1065729).\n\n - powerpc/xmon: Fix opcode being uninitialized in\n print_insn_powerpc (bsc#1065729).\n\n - power: reset: gpio-restart: Fix typo when gpio reset is\n not found (bsc#1051510).\n\n - power: supply: Init device wakeup after device_add()\n (bsc#1051510).\n\n - ppp: Fix memory leak in ppp_write (git-fixes).\n\n - printk: Do not lose last line in kmsg buffer dump\n (bsc#1152460).\n\n - printk: fix printk_time race (bsc#1152466).\n\n - printk/panic: Avoid deadlock in printk() after stopping\n CPUs by NMI (bsc#1148712).\n\n - qla2xxx: kABI fixes for v10.01.00.18-k (bsc#1123034\n bsc#1131304 bsc#1127988).\n\n - qla2xxx: remove SGI SN2 support (bsc#1123034 bsc#1131304\n bsc#1127988).\n\n - quota: fix wrong condition in is_quota_modification()\n (bsc#1152026).\n\n - r8152: Set memory to all 0xFFs on failed reg reads\n (bsc#1051510).\n\n - Refresh\n scsi-qla2xxx-Capture-FW-dump-on-MPI-heartbeat-stop-e.pat\n ch 882ffc9f07fb ('scsi: qla2xxx: Capture FW dump on MPI\n heartbeat stop event (bsc#1123034 bsc#1131304\n bsc#1127988).') placed the 'vha->hw->fw_dump_mpi = 0'\n assigment into the __CHECKER__ section. Upstream placed\n the assigment before this section.\n\n - regulator: lm363x: Fix off-by-one n_voltages for lm3632\n ldo_vpos/ldo_vneg (bsc#1051510).\n\n - Remove\n patches.kabi/kABI-fixes-for-qla2xxx-Fix-inconsistent-DMA\n -mem-allo.patch The qla2xxx driver has been whitelisted\n by 1d5e8aad6de2 ('kabi/severities: ignore qla2xxx as all\n symbols are internal')\n\n - Revert 'mwifiex: fix system hang problem after resume'\n (bsc#1051510).\n\n - rtlwifi: Fix file release memory leak (bsc#1111666).\n\n - scsi: qla2xxx: Add 28xx flash primary/secondary\n status/image mechanism (bsc#1123034 bsc#1131304\n bsc#1127988).\n\n - scsi: qla2xxx: Add Device ID for ISP28XX (bsc#1123034\n bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Add error handling for PLOGI ELS\n passthrough (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Add First Burst support for FC-NVMe\n devices (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Add fw_attr and port_no SysFS node\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Add new FW dump template entry types\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Add pci function reset support\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Add protection mask module parameters\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Add Serdes support for ISP28XX\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Add support for multiple fwdump\n templates/segments (bsc#1123034 bsc#1131304\n bsc#1127988).\n\n - scsi: qla2xxx: Add support for setting port speed\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Allow NVMe IO to resume with short cable\n pull (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: allow session delete to finish before\n create (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Always check the\n qla2x00_wait_for_hba_online() return value (bsc#1123034\n bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Avoid PCI IRQ affinity mapping when\n multiqueue is not supported (bsc#1123034 bsc#1131304\n bsc#1127988).\n\n - scsi: qla2xxx: avoid printf format warning (bsc#1123034\n bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Avoid that Coverity complains about\n dereferencing a NULL rport pointer (bsc#1123034\n bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Avoid that lockdep complains about unsafe\n locking in tcm_qla2xxx_close_session() (bsc#1123034\n bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Avoid that qla2x00_mem_free() crashes if\n called twice (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Capture FW dump on MPI heartbeat stop\n event (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Change abort wait_loop from msleep to\n wait_event_timeout (bsc#1123034 bsc#1131304\n bsc#1127988).\n\n - scsi: qla2xxx: Change data_dsd into an array\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Change default ZIO threshold (bsc#1123034\n bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Change the return type of\n qla24xx_read_flash_data() (bsc#1123034 bsc#1131304\n bsc#1127988).\n\n - scsi: qla2xxx: Change the return type of\n qla2x00_update_ms_fdmi_iocb() into void (bsc#1123034\n bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Check for FW started flag before aborting\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: check for kstrtol() failure (bsc#1123034\n bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Check for MB timeout while capturing\n ISP27/28xx FW dump (bsc#1123034 bsc#1131304\n bsc#1127988).\n\n - scsi: qla2xxx: Check secondary image if reading the\n primary image fails (bsc#1123034 bsc#1131304\n bsc#1127988).\n\n - scsi: qla2xxx: Check the PCI info string output buffer\n size (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Check the size of firmware data\n structures at compile time (bsc#1123034 bsc#1131304\n bsc#1127988).\n\n - scsi: qla2xxx: Cleanup fcport memory to prevent leak\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Cleanup redundant qla2x00_abort_all_cmds\n during unload (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Cleanups for NVRAM/Flash read/write path\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: cleanup trace buffer initialization\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Complain if a command is released that is\n owned by the firmware (bsc#1123034 bsc#1131304\n bsc#1127988).\n\n - scsi: qla2xxx: Complain if a mailbox command times out\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Complain if a soft reset fails\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Complain if parsing the version string\n fails (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Complain if sp->done() is not called from\n the completion path (bsc#1123034 bsc#1131304\n bsc#1127988).\n\n - scsi: qla2xxx: Complain if waiting for pending commands\n times out (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Complain loudly about reference count\n underflow (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Correct error handling during\n initialization failures (bsc#1123034 bsc#1131304\n bsc#1127988).\n\n - scsi: qla2xxx: Correction and improvement to fwdt\n processing (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Correctly report max/min supported speeds\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: deadlock by configfs_depend_item\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Declare fourth qla2x00_set_model_info()\n argument const (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Declare local symbols static (bsc#1123034\n bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Declare qla24xx_build_scsi_crc_2_iocbs()\n static (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Declare qla2x00_find_new_loop_id() static\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Declare qla_tgt_cmd.cdb const\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Declare the fourth ql_dump_buffer()\n argument const (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Disable T10-DIF feature with FC-NVMe\n during probe (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Do not corrupt vha->plogi_ack_list\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Downgrade driver to 10.01.00.19-k There\n are upstream bug reports against 10.01.00.19-k which\n haven't been resolved. Also the newer version failed to\n get a proper review. For time being it's better to got\n with the older version and do not introduce new bugs.\n\n - scsi: qla2xxx: Dual FCP-NVMe target port support\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Enable type checking for the SRB free and\n done callback functions (bsc#1123034 bsc#1131304\n bsc#1127988).\n\n - scsi: qla2xxx: Fix abort timeout race condition\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix a NULL pointer dereference\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix a qla24xx_enable_msix() error path\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix a race condition between aborting and\n completing a SCSI command (bsc#1123034 bsc#1131304\n bsc#1127988).\n\n - scsi: qla2xxx: Fix a recently introduced kernel warning\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix a small typo in qla_bsg.c\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix code indentation for\n qla27xx_fwdt_entry (bsc#1123034 bsc#1131304\n bsc#1127988).\n\n - scsi: qla2xxx: Fix comment alignment in qla_bsg.c\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix comment in MODULE_PARM_DESC in\n qla2xxx (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix different size DMA Alloc/Unmap\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix DMA error when the DIF sg buffer\n crosses 4GB boundary (bsc#1123034 bsc#1131304\n bsc#1127988).\n\n - scsi: qla2xxx: Fix DMA unmap leak (bsc#1123034\n bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix driver reload for ISP82xx\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix driver unload when FC-NVMe LUNs are\n connected (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: fix fcport NULL pointer access\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix flash read for Qlogic ISPs\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix formatting of pointer types\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix fw dump corruption (bsc#1123034\n bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix fw options handle eh_bus_reset()\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix gnl.l memory leak on adapter init\n failure (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix hang in fcport delete path\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix hardirq-unsafe locking (bsc#1123034\n bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix hardlockup in abort command during\n driver remove (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix kernel crash after disconnecting NVMe\n devices (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix LUN discovery if loop id is not\n assigned yet by firmware (bsc#1123034 bsc#1131304\n bsc#1127988).\n\n - scsi: qla2xxx: Fix message indicating vectors used by\n driver (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix N2N link reset (bsc#1123034\n bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix N2N link up fail (bsc#1123034\n bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix Nport ID display value (bsc#1123034\n bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix NULL pointer crash due to stale CPUID\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix NVME cmd and LS cmd timeout race\n condition (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix NVMe port discovery after a short\n device port loss (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix panic from use after free in\n qla2x00_async_tm_cmd (bsc#1123034 bsc#1131304\n bsc#1127988).\n\n - scsi: qla2xxx: Fix possible fcport NULL pointer\n dereferences (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix premature timer expiration\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix qla24xx_process_bidir_cmd()\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix race conditions in the code for\n aborting SCSI commands (bsc#1123034 bsc#1131304\n bsc#1127988).\n\n - scsi: qla2xxx: Fix read offset in\n qla24xx_load_risc_flash() (bsc#1123034 bsc#1131304\n bsc#1127988).\n\n - scsi: qla2xxx: Fix Relogin to prevent modifying\n scan_state flag (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix routine qla27xx_dump_(mpi|ram)()\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix session cleanup hang (bsc#1123034\n bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix session lookup in qlt_abort_work()\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: fix spelling mistake 'alredy' ->\n 'already' (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: fix spelling mistake 'initializatin' ->\n 'initialization' (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix SRB allocation flag to avoid sleeping\n in IRQ context (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix stale mem access on driver unload\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix stale session (bsc#1123034\n bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix stuck login session (bsc#1123034\n bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix unbound sleep in fcport delete path\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix unload when NVMe devices are\n configured (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix use-after-free issues in\n qla2xxx_qpair_sp_free_dma() (bsc#1123034 bsc#1131304\n bsc#1127988).\n\n - scsi: qla2xxx: flush IO on chip reset or sess delete\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Further limit FLASH region write access\n from SysFS (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Improve Linux kernel coding style\n conformance (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Improve logging for scan thread\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Include the <asm/unaligned.h> header file\n from qla_dsd.h (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Increase the max_sgl_segments to 1024\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Increase the size of the mailbox arrays\n from 4 to 8 (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Inline the qla2x00_fcport_event_handler()\n function (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Insert spaces where required (bsc#1123034\n bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Introduce qla2x00_els_dcmd2_free()\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Introduce qla2xxx_get_next_handle()\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Introduce the be_id_t and le_id_t data\n types for FC src/dst IDs (bsc#1123034 bsc#1131304\n bsc#1127988).\n\n - scsi: qla2xxx: Introduce the dsd32 and dsd64 data\n structures (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Introduce the function qla2xxx_init_sp()\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Leave a blank line after declarations\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Let the compiler check the type of the\n SCSI command context pointer (bsc#1123034 bsc#1131304\n bsc#1127988).\n\n - scsi: qla2xxx: Log the status code if a firmware command\n fails (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Make it explicit that ELS pass-through\n IOCBs use little endian (bsc#1123034 bsc#1131304\n bsc#1127988).\n\n - scsi: qla2xxx: Make qla24xx_async_abort_cmd() static\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Make qla2x00_abort_srb() again decrease\n the sp reference count (bsc#1123034 bsc#1131304\n bsc#1127988).\n\n - scsi: qla2xxx: Make qla2x00_mem_free() easier to verify\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Make qla2x00_process_response_queue()\n easier to read (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Make qlt_handle_abts_completion() more\n robust (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Make sure that aborted commands are freed\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Modify NVMe include directives\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Move debug messages before sending srb\n preventing panic (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: move IO flush to the front of NVME rport\n unregistration (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Move marker request behind QPair\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Move qla2x00_clear_loop_id() from\n qla_inline.h into qla_init.c (bsc#1123034 bsc#1131304\n bsc#1127988).\n\n - scsi: qla2xxx: Move qla2x00_is_reserved_id() from\n qla_inline.h into qla_init.c (bsc#1123034 bsc#1131304\n bsc#1127988).\n\n - scsi: qla2xxx: Move qla2x00_set_fcport_state() from a .h\n into a .c file (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Move qla2x00_set_reserved_loop_ids()\n definition (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Move the <linux/io-64-nonatomic-lo-hi.h>\n include directive (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Move the port_state_str definition from a\n .h to a .c file (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: no need to check return value of\n debugfs_create functions (bsc#1123034 bsc#1131304\n bsc#1127988).\n\n - scsi: qla2xxx: on session delete, return nvme cmd\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Optimize NPIV tear down process\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Pass little-endian values to the firmware\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Prevent memory leak for CT req/rsp\n allocation (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Prevent multiple ADISC commands per\n session (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Prevent SysFS access when chip is down\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: qla2x00_alloc_fw_dump: set ha->eft\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Really fix qla2xxx_eh_abort()\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Reduce the number of casts in GID list\n code (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Reduce the number of forward declarations\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Reduce the scope of three local variables\n in qla2xxx_queuecommand() (bsc#1123034 bsc#1131304\n bsc#1127988).\n\n - scsi: qla2xxx: Reject\n EH_(abort|device_reset|target_request) (bsc#1123034\n bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Remove a comment that refers to the SCSI\n host lock (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Remove an include directive from qla_mr.c\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Remove a set-but-not-used variable\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Remove a superfluous forward declaration\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Remove a superfluous pointer check\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Remove dead code (bsc#1123034 bsc#1131304\n bsc#1127988).\n\n - scsi: qla2xxx: remove double assignment in\n qla2x00_update_fcport (bsc#1123034 bsc#1131304\n bsc#1127988).\n\n - scsi: qla2xxx: Remove FW default template (bsc#1123034\n bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Remove qla_tgt_cmd.data_work and\n qla_tgt_cmd.data_work_free (bsc#1123034 bsc#1131304\n bsc#1127988).\n\n - scsi: qla2xxx: Remove qla_tgt_cmd.released (bsc#1123034\n bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: remove redundant null check on pointer\n sess (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Remove set but not used variable\n 'ptr_dma' (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Remove superfluous sts_entry_* casts\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Remove the fcport test from\n qla_nvme_abort_work() (bsc#1123034 bsc#1131304\n bsc#1127988).\n\n - scsi: qla2xxx: Remove two superfluous casts (bsc#1123034\n bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Remove two superfluous if-tests\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Remove two superfluous tests (bsc#1123034\n bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Remove unnecessary locking from the\n target code (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Remove unnecessary null check\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Remove unreachable code from\n qla83xx_idc_lock() (bsc#1123034 bsc#1131304\n bsc#1127988).\n\n - scsi: qla2xxx: Remove useless set memory to zero use\n memset() (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Remove WARN_ON_ONCE in\n qla2x00_status_cont_entry() (bsc#1123034 bsc#1131304\n bsc#1127988).\n\n - scsi: qla2xxx: Replace vmalloc + memset with vzalloc\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Report invalid mailbox status codes\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Report the firmware status code if a\n mailbox command fails (bsc#1123034 bsc#1131304\n bsc#1127988).\n\n - scsi: qla2xxx: Reset the FCF_ASYNC_(SENT|ACTIVE) flags\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Restore FAWWPN of Physical Port only for\n loop down (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Retry fabric Scan on IOCB queue full\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Rework key encoding in\n qlt_find_host_by_d_id() (bsc#1123034 bsc#1131304\n bsc#1127988).\n\n - scsi: qla2xxx: Secure flash update support for ISP28XX\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Set remote port devloss timeout to 0\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Set remove flag for all VP (bsc#1123034\n bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Set the qpair in SRB to NULL when SRB is\n released (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Set the responder mode if appropriate for\n ELS pass-through IOCBs (bsc#1123034 bsc#1131304\n bsc#1127988).\n\n - scsi: qla2xxx: Set the SCSI command result before\n calling the command done (bsc#1123034 bsc#1131304\n bsc#1127988).\n\n - scsi: qla2xxx: Silence fwdump template message\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Silence Successful ELS IOCB message\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Simplification of register address used\n in qla_tmpl.c (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Simplify a debug statement (bsc#1123034\n bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Simplify conditional check again\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Simplify qla24xx_abort_sp_done()\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Simplify qla24xx_async_abort_cmd()\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Simplify qlt_lport_dump() (bsc#1123034\n bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Simplify qlt_send_term_imm_notif()\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Skip FW dump on LOOP initialization error\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Suppress a Coveritiy complaint about\n integer overflow (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Suppress multiple Coverity complaint\n about out-of-bounds accesses (bsc#1123034 bsc#1131304\n bsc#1127988).\n\n - scsi: qla2xxx: target: Fix offline port handling and\n host reset handling (bsc#1123034 bsc#1131304\n bsc#1127988).\n\n - scsi: qla2xxx: Uninline qla2x00_init_timer()\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Unregister resources in the opposite\n order of the registration order (bsc#1123034 bsc#1131304\n bsc#1127988).\n\n - scsi: qla2xxx: Update driver version to 10.00.00.13-k\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Update driver version to 10.00.00.14-k\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Update driver version to 10.01.00.15-k\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Update driver version to 10.01.00.16-k\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Update driver version to 10.01.00.18-k\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Update driver version to 10.01.00.19-k\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Update driver version to 10.01.00.20-k\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Update flash read/write routine\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Use an on-stack completion in\n qla24xx_control_vp() (bsc#1123034 bsc#1131304\n bsc#1127988).\n\n - scsi: qla2xxx: Use ARRAY_SIZE() in the definition of\n QLA_LAST_SPEED (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Use common update-firmware-options\n routine for ISP27xx+ (bsc#1123034 bsc#1131304\n bsc#1127988).\n\n - scsi: qla2xxx: Use complete switch scan for RSCN events\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Use Correct index for Q-Pair array\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Use dma_pool_zalloc() (bsc#1123034\n bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Use get/put_unaligned where appropriate\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Use __le64 instead of uint32_t for\n sending DMA addresses to firmware (bsc#1123034\n bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Use memcpy() and strlcpy() instead of\n strcpy() and strncpy() (bsc#1123034 bsc#1131304\n bsc#1127988).\n\n - scsi: qla2xxx: Use mutex protection during\n qla2x00_sysfs_read_fw_dump() (bsc#1123034 bsc#1131304\n bsc#1127988).\n\n - scsi: qla2xxx: Use strlcpy() instead of strncpy()\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Use tabs instead of spaces for\n indentation (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Use tabs to indent code (bsc#1123034\n bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Verify locking assumptions at runtime\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: scsi_dh_rdac: zero cdb in send_mode_select()\n (bsc#1149313).\n\n - scsi: scsi_transport_fc: nvme: display FC-NVMe port\n roles (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: tcm_qla2xxx: Minimize #include directives\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi_transport_fc: complete requests from ->timeout\n (bsc#1142076).\n\n - sctp: fix the transport error_count check\n (networking-stable-19_08_21).\n\n - secure boot lockdown: Fix-up backport of /dev/mem access\n restriction The upstream-submitted patch set has evolved\n over time, align our patches (contents and description)\n to reflect the current status as far as /dev/mem access\n is concerned.\n\n - sky2: Disable MSI on yet another ASUS boards (P6Xxxx)\n (bsc#1051510).\n\n - slip: make slhc_free() silently accept an error pointer\n (bsc#1051510).\n\n - slip: sl_alloc(): remove unused parameter 'dev_t line'\n (bsc#1051510).\n\n - spi: spi-fsl-dspi: Exit the ISR with IRQ_NONE when it's\n not ours (bsc#1111666).\n\n - SUNRPC fix regression in umount of a secure mount\n (git-fixes).\n\n - SUNRPC: Handle connection breakages correctly in\n call_status() (git-fixes).\n\n - SUNRPC/nfs: Fix return value for\n nfs4_callback_compound() (git-fixes).\n\n - supported.conf: Add vfio_ccw (bsc#1151192 jsc#SLE-6138).\n\n - supported.conf: Mark vfio_ccw supported by SUSE, because\n bugs can be routed to IBM via SUSE support\n (jsc#SLE-6138, bsc#1151192).\n\n - tcp: make sure EPOLLOUT wont be missed\n (networking-stable-19_08_28).\n\n - team: Add vlan tx offload to hw_enc_features\n (bsc#1051510).\n\n - team: Add vlan tx offload to hw_enc_features\n (networking-stable-19_08_21).\n\n - tpm_tis_core: Set TPM_CHIP_FLAG_IRQ before probing for\n interrupts (bsc#1082555).\n\n - tty: serial: fsl_lpuart: Use appropriate lpuart32_* I/O\n funcs (bsc#1111666).\n\n - tun: fix use-after-free when register netdev failed\n (bsc#1111666).\n\n - Update patches.suse/ext4-unsupported-features.patch\n (SLE-8615, bsc#1149651, SLE-9243).\n\n - Update\n patches.suse/powerpc-powernv-Return-for-invalid-IMC-doma\n in.patch (bsc#1054914, git-fixes).\n\n - Update s390 config files (bsc#1151192). - VFIO_CCW=m -\n S390_CCW_IOMMU=y\n\n - USB: usbcore: Fix slab-out-of-bounds bug during device\n reset (bsc#1051510).\n\n - vhost/test: fix build for vhost test (bsc#1111666).\n\n - video: ssd1307fb: Start page range at page_offset\n (bsc#1113722)\n\n - wcn36xx: use dynamic allocation for large variables\n (bsc#1111666).\n\n - x86/CPU/AMD: Clear RDRAND CPUID bit on AMD family\n 15h/16h (bsc#1114279).\n\n - x86/fpu: Add FPU state copying quirk to handle XRSTOR\n failure on Intel Skylake CPUs (bsc#1151955).\n\n - x86/tls: Fix possible spectre-v1 in do_get_thread_area()\n (bsc#1114279).\n\n - xen/netback: Reset nr_frags before freeing skb\n (networking-stable-19_08_21).\n\n - xen-netfront: do not assume sk_buff_head list is empty\n in error handling (bsc#1065600).\n\n - xen-netfront: do not use ~0U as error return value for\n xennet_fill_frags() (bsc#1065600).\n\n - xen/xenbus: fix self-deadlock after killing user process\n (bsc#1065600).\n\n - xsk: avoid store-tearing when assigning queues\n (bsc#1111666).\n\n - xsk: avoid store-tearing when assigning umem\n (bsc#1111666).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1051510\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1054914\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1055117\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1061840\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1065600\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1065729\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1071995\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1082555\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1104967\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1109158\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1111666\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1113722\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1114279\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1119086\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1123034\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1127988\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1131304\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1137069\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1137865\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1137959\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1137982\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1140155\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1141013\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1142076\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1142635\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1146042\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1146540\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1146664\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1148133\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1148712\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1148868\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1149313\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1149446\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1149555\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1149651\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1150305\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1150381\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1150423\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1150846\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1151067\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1151192\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1151350\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1151610\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1151661\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1151662\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1151667\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1151680\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1151891\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1151955\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1152024\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1152025\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1152026\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1152161\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1152187\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1152243\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1152325\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1152457\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1152460\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1152466\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1152525\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1152972\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1152974\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1152975\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected the Linux Kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-docs-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-kvmsmall\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-kvmsmall-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-kvmsmall-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-kvmsmall-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-kvmsmall-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-kvmsmall-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-kvmsmall-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-macros\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-obs-build\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-obs-build-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-obs-qa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/11\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-debug-4.12.14-lp151.28.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-debug-base-4.12.14-lp151.28.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-debug-base-debuginfo-4.12.14-lp151.28.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-debug-debuginfo-4.12.14-lp151.28.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-debug-debugsource-4.12.14-lp151.28.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-debug-devel-4.12.14-lp151.28.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-debug-devel-debuginfo-4.12.14-lp151.28.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-default-4.12.14-lp151.28.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-default-base-4.12.14-lp151.28.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-default-base-debuginfo-4.12.14-lp151.28.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-default-debuginfo-4.12.14-lp151.28.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-default-debugsource-4.12.14-lp151.28.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-default-devel-4.12.14-lp151.28.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-default-devel-debuginfo-4.12.14-lp151.28.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-devel-4.12.14-lp151.28.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-docs-html-4.12.14-lp151.28.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-kvmsmall-4.12.14-lp151.28.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-kvmsmall-base-4.12.14-lp151.28.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-kvmsmall-base-debuginfo-4.12.14-lp151.28.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-kvmsmall-debuginfo-4.12.14-lp151.28.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-kvmsmall-debugsource-4.12.14-lp151.28.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-kvmsmall-devel-4.12.14-lp151.28.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-kvmsmall-devel-debuginfo-4.12.14-lp151.28.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-macros-4.12.14-lp151.28.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-obs-build-4.12.14-lp151.28.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-obs-build-debugsource-4.12.14-lp151.28.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-obs-qa-4.12.14-lp151.28.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-source-4.12.14-lp151.28.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-source-vanilla-4.12.14-lp151.28.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-syms-4.12.14-lp151.28.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-vanilla-4.12.14-lp151.28.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-vanilla-base-4.12.14-lp151.28.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-vanilla-base-debuginfo-4.12.14-lp151.28.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-vanilla-debuginfo-4.12.14-lp151.28.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-vanilla-debugsource-4.12.14-lp151.28.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-vanilla-devel-4.12.14-lp151.28.20.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-vanilla-devel-debuginfo-4.12.14-lp151.28.20.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel-debug / kernel-debug-base / kernel-debug-base-debuginfo / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T14:29:34", "description": "The openSUSE Leap 15.0 kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed :\n\n - CVE-2019-15291: There was a NULL pointer dereference caused by a malicious USB device in the flexcop_usb_probe function in the drivers/media/usb/b2c2/flexcop-usb.c driver (bnc#1146540).\n\n - CVE-2019-14821: An out-of-bounds access issue was found in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct kvm_coalesced_mmio' object, wherein write indices 'ring->first' and 'ring->last' value could be supplied by a host user-space process. An unprivileged host user or process with access to '/dev/kvm' device could have used this flaw to crash the host kernel, resulting in a denial of service or potentially escalating privileges on the system (bnc#1151350).\n\n - CVE-2017-18595: A double free might have been caused by the function allocate_trace_buffer in the file kernel/trace/trace.c (bnc#1149555).\n\n - CVE-2019-9506: The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and did not prevent an attacker from influencing the key length negotiation. This allowed practical brute-force attacks (aka 'KNOB') that can decrypt traffic and inject arbitrary ciphertext without the victim noticing (bnc#1137865 1146042).\n\nThe following non-security bugs were fixed :\n\n - ACPI: custom_method: fix memory leaks (bsc#1051510).\n\n - ACPI / PCI: fix acpi_pci_irq_enable() memory leak (bsc#1051510).\n\n - ACPI / property: Fix acpi_graph_get_remote_endpoint() name in kerneldoc (bsc#1051510).\n\n - alarmtimer: Use EOPNOTSUPP instead of ENOTSUPP (bsc#1151680).\n\n - ALSA: aoa: onyx: always initialize register read value (bsc#1051510).\n\n - ALSA: firewire-tascam: check intermediate state of clock status and retry (bsc#1051510).\n\n - ALSA: firewire-tascam: handle error code when getting current source of clock (bsc#1051510).\n\n - ASoC: es8328: Fix copy-paste error in es8328_right_line_controls (bsc#1051510).\n\n - ASoC: Intel: Baytrail: Fix implicit fallthrough warning (bsc#1051510).\n\n - ASoC: sun4i-i2s: RX and TX counter registers are swapped (bsc#1051510).\n\n - ASoC: wm8737: Fix copy-paste error in wm8737_snd_controls (bsc#1051510).\n\n - ASoC: wm8988: fix typo in wm8988_right_line_controls (bsc#1051510).\n\n - ath9k: dynack: fix possible deadlock in ath_dynack_node_(de)init (bsc#1051510).\n\n - atm: iphase: Fix Spectre v1 vulnerability (networking-stable-19_08_08).\n\n - bcma: fix incorrect update of BCMA_CORE_PCI_MDIO_DATA (bsc#1051510).\n\n - blk-flush: do not run queue for requests bypassing flush (bsc#1137959).\n\n - blk-flush: use blk_mq_request_bypass_insert() (bsc#1137959).\n\n - blk-mq: do not allocate driver tag upfront for flush rq (bsc#1137959).\n\n - blk-mq: Fix memory leak in blk_mq_init_allocated_queue error handling (bsc#1151610).\n\n - blk-mq: insert rq with DONTPREP to hctx dispatch list when requeue (bsc#1137959).\n\n - blk-mq: kABI fixes for blk-mq.h (bsc#1137959).\n\n - blk-mq: move blk_mq_put_driver_tag*() into blk-mq.h (bsc#1137959).\n\n - blk-mq: punt failed direct issue to dispatch list (bsc#1137959).\n\n - blk-mq: put the driver tag of nxt rq before first one is requeued (bsc#1137959).\n\n - blk-mq-sched: decide how to handle flush rq via RQF_FLUSH_SEQ (bsc#1137959).\n\n - block: fix timeout changes for legacy request drivers (bsc#1149446).\n\n - block: kABI fixes for BLK_EH_DONE renaming (bsc#1142076).\n\n - block: rename BLK_EH_NOT_HANDLED to BLK_EH_DONE (bsc#1142076).\n\n - bnx2x: Disable multi-cos feature (networking-stable-19_08_08).\n\n - bonding/802.3ad: fix link_failure_count tracking (bsc#1137069 bsc#1141013).\n\n - bonding/802.3ad: fix slave link initialization transition states (bsc#1137069 bsc#1141013).\n\n - bonding: Add vlan tx offload to hw_enc_features (networking-stable-19_08_21).\n\n - bonding: set default miimon value for non-arp modes if not set (bsc#1137069 bsc#1141013).\n\n - bonding: speed/duplex update at NETDEV_UP event (bsc#1137069 bsc#1141013).\n\n - btrfs: fix use-after-free when using the tree modification log (bsc#1151891).\n\n - btrfs: qgroup: Fix reserved data space leak if we have multiple reserve calls (bsc#1152975).\n\n - btrfs: qgroup: Fix the wrong target io_tree when freeing reserved data space (bsc#1152974).\n\n - btrfs: relocation: fix use-after-free on dead relocation roots (bsc#1152972).\n\n - ceph: use ceph_evict_inode to cleanup inode's resource (bsc#1148133).\n\n - clk: at91: fix update bit maps on CFG_MOR write (bsc#1051510).\n\n - clk: sunxi-ng: v3s: add missing clock slices for MMC2 module clocks (bsc#1051510).\n\n - clk: sunxi-ng: v3s: add the missing PLL_DDR1 (bsc#1051510).\n\n - crypto: caam - fix concurrency issue in givencrypt descriptor (bsc#1051510).\n\n - crypto: caam - free resources in case caam_rng registration failed (bsc#1051510).\n\n - crypto: cavium/zip - Add missing single_release() (bsc#1051510).\n\n - crypto: ccp - Reduce maximum stack usage (bsc#1051510).\n\n - crypto: qat - Silence smp_processor_id() warning (bsc#1051510).\n\n - crypto: skcipher - Unmap pages after an external error (bsc#1051510).\n\n - dmaengine: dw: platform: Switch to acpi_dma_controller_register() (bsc#1051510).\n\n - dmaengine: iop-adma.c: fix printk format warning (bsc#1051510).\n\n - drivers: thermal: int340x_thermal: Fix sysfs race condition (bsc#1051510).\n\n - drm/i915: Fix various tracepoints for gen2 (bsc#1113722)\n\n - drm/imx: Drop unused imx-ipuv3-crtc.o build (bsc#1113722)\n\n - EDAC/amd64: Decode syndrome before translating address (bsc#1114279).\n\n - eeprom: at24: make spd world-readable again (git-fixes).\n\n - ext4: fix warning inside ext4_convert_unwritten_extents_endio (bsc#1152025).\n\n - ext4: set error return correctly when ext4_htree_store_dirent fails (bsc#1152024).\n\n - Fix kabi for: NFSv4: Fix OPEN / CLOSE race (git-fixes).\n\n - git-sort: add nfsd maintainers git tree This allows git-sort to handle patches queued for nfsd.\n\n - gpio: fix line flag validation in lineevent_create (bsc#1051510).\n\n - gpio: fix line flag validation in linehandle_create (bsc#1051510).\n\n - gpiolib: acpi: Add gpiolib_acpi_run_edge_events_on_boot option and blacklist (bsc#1051510).\n\n - gpiolib: only check line handle flags once (bsc#1051510).\n\n - gpio: Move gpiochip_lock/unlock_as_irq to gpio/driver.h (bsc#1051510).\n\n - hwmon: (lm75) Fix write operations for negative temperatures (bsc#1051510).\n\n - hwmon: (shtc1) fix shtc1 and shtw1 id mask (bsc#1051510).\n\n - ife: error out when nla attributes are empty (networking-stable-19_08_08).\n\n - iio: dac: ad5380: fix incorrect assignment to val (bsc#1051510).\n\n - Input: elan_i2c - remove Lenovo Legion Y7000 PnpID (bsc#1051510).\n\n - iommu/dma: Fix for dereferencing before null checking (bsc#1151667).\n\n - ip6_tunnel: fix possible use-after-free on xmit (networking-stable-19_08_08).\n\n - ipv6/addrconf: allow adding multicast addr if IFA_F_MCAUTOJOIN is set (networking-stable-19_08_28).\n\n - isdn/capi: check message length in capi_write() (bsc#1051510).\n\n - kABI: media: em28xx: fix handler for vidioc_s_input() (bsc#1051510). fixes kABI\n\n - kABI: media: em28xx: stop rewriting device's struct (bsc#1051510). fixes kABI\n\n - KVM: PPC: Book3S: Fix incorrect guest-to-user-translation error handling (bsc#1061840).\n\n - KVM: PPC: Book3S HV: Check for MMU ready on piggybacked virtual cores (bsc#1061840).\n\n - KVM: PPC: Book3S HV: Do not lose pending doorbell request on migration on P9 (bsc#1061840).\n\n - KVM: PPC: Book3S HV: Do not push XIVE context when not using XIVE device (bsc#1061840).\n\n - KVM: PPC: Book3S HV: Fix lockdep warning when entering the guest (bsc#1061840).\n\n - KVM: PPC: Book3S HV: Fix race in re-enabling XIVE escalation interrupts (bsc#1061840).\n\n - KVM: PPC: Book3S HV: Handle virtual mode in XIVE VCPU push code (bsc#1061840).\n\n - KVM: PPC: Book3S HV: XIVE: Free escalation interrupts before disabling the VP (bsc#1061840).\n\n - leds: leds-lp5562 allow firmware files up to the maximum length (bsc#1051510).\n\n - leds: trigger: gpio: GPIO 0 is valid (bsc#1051510).\n\n - libertas_tf: Use correct channel range in lbtf_geo_init (bsc#1051510).\n\n - libiscsi: do not try to bypass SCSI EH (bsc#1142076).\n\n - livepatch: Nullify obj->mod in klp_module_coming()'s error path (bsc#1071995).\n\n - mac80211: minstrel_ht: fix per-group max throughput rate initialization (bsc#1051510).\n\n - md: do not report active array_state until after revalidate_disk() completes (git-fixes).\n\n - md: only call set_in_sync() when it is expected to succeed (git-fixes).\n\n - md/raid6: Set R5_ReadError when there is read failure on parity disk (git-fixes).\n\n - media: atmel: atmel-isi: fix timeout value for stop streaming (bsc#1051510).\n\n - media: dib0700: fix link error for dibx000_i2c_set_speed (bsc#1051510).\n\n - media: em28xx: fix handler for vidioc_s_input() (bsc#1051510).\n\n - media: em28xx: stop rewriting device's struct (bsc#1051510).\n\n - media: fdp1: Reduce FCP not found message level to debug (bsc#1051510).\n\n - media: marvell-ccic: do not generate EOF on parallel bus (bsc#1051510).\n\n - media: mc-device.c: do not memset __user pointer contents (bsc#1051510).\n\n - media: ov6650: Fix sensor possibly not detected on probe (bsc#1051510).\n\n - media: ov6650: Move v4l2_clk_get() to ov6650_video_probe() helper (bsc#1051510).\n\n - media: replace strcpy() by strscpy() (bsc#1051510).\n\n - media: Revert '[media] marvell-ccic: reset ccic phy when stop streaming for stability' (bsc#1051510).\n\n - media: technisat-usb2: break out of loop at end of buffer (bsc#1051510).\n\n - media: tm6000: double free if usb disconnect while streaming (bsc#1051510).\n\n - media: vb2: Fix videobuf2 to map correct area (bsc#1051510).\n\n - mic: avoid statically declaring a 'struct device' (bsc#1051510).\n\n - mmc: sdhci-msm: fix mutex while in spinlock (bsc#1142635).\n\n - mmc: sdhci-of-arasan: Do now show error message in case of deffered probe (bsc#1119086).\n\n - mtd: spi-nor: Fix Cadence QSPI RCU Schedule Stall (bsc#1051510).\n\n - mvpp2: refactor MTU change code (networking-stable-19_08_08).\n\n - net: bridge: delete local fdb on device init failure (networking-stable-19_08_08).\n\n - net: bridge: mcast: do not delete permanent entries when fast leave is enabled (networking-stable-19_08_08).\n\n - net: fix ifindex collision during namespace removal (networking-stable-19_08_08).\n\n - net/ibmvnic: prevent more than one thread from running in reset (bsc#1152457 ltc#174432).\n\n - net/ibmvnic: unlock rtnl_lock in reset so linkwatch_event can run (bsc#1152457 ltc#174432).\n\n - net/mlx5e: Only support tx/rx pause setting for port owner (networking-stable-19_08_21).\n\n - net/mlx5e: Prevent encap flow counter update async to user query (networking-stable-19_08_08).\n\n - net/mlx5e: Use flow keys dissector to parse packets for ARFS (networking-stable-19_08_21).\n\n - net/mlx5: Use reversed order when unregister devices (networking-stable-19_08_08).\n\n - net/packet: fix race in tpacket_snd() (networking-stable-19_08_21).\n\n - net: sched: Fix a possible NULL pointer dereference in dequeue_func() (networking-stable-19_08_08).\n\n - net/smc: make sure EPOLLOUT is raised (networking-stable-19_08_28).\n\n - NFS4: Fix v4.0 client state corruption when mount (git-fixes).\n\n - nfsd: degraded slot-count more gracefully as allocation nears exhaustion (bsc#1150381).\n\n - nfsd: Do not release the callback slot unless it was actually held (git-fixes).\n\n - nfsd: Fix overflow causing non-working mounts on 1 TB machines (bsc#1150381).\n\n - nfsd: fix performance-limiting session calculation (bsc#1150381).\n\n - nfsd: give out fewer session slots as limit approaches (bsc#1150381).\n\n - nfsd: handle drc over-allocation gracefully (bsc#1150381).\n\n - nfsd: increase DRC cache limit (bsc#1150381).\n\n - NFS: Do not interrupt file writeout due to fatal errors (git-fixes).\n\n - NFS: Do not open code clearing of delegation state (git-fixes).\n\n - NFS: Ensure O_DIRECT reports an error if the bytes read/written is 0 (git-fixes).\n\n - NFS: Fix regression whereby fscache errors are appearing on 'nofsc' mounts (git-fixes).\n\n - NFS: Forbid setting AF_INET6 to 'struct sockaddr_in'->sin_family (git-fixes).\n\n - NFS: Refactor nfs_lookup_revalidate() (git-fixes).\n\n - NFS: Remove redundant semicolon (git-fixes).\n\n - NFSv4.1: Again fix a race where CB_NOTIFY_LOCK fails to wake a waiter (git-fixes).\n\n - NFSv4.1: Fix open stateid recovery (git-fixes).\n\n - NFSv4.1: Only reap expired delegations (git-fixes).\n\n - NFSv4: Check the return value of update_open_stateid() (git-fixes).\n\n - NFSv4: Fix an Oops in nfs4_do_setattr (git-fixes).\n\n - NFSv4: Fix a potential sleep while atomic in nfs4_do_reclaim() (git-fixes).\n\n - NFSv4: Fix delegation state recovery (git-fixes).\n\n - NFSv4: Fix lookup revalidate of regular files (git-fixes).\n\n - NFSv4: Fix OPEN / CLOSE race (git-fixes).\n\n - NFSv4: Handle the special Linux file open access mode (git-fixes).\n\n - NFSv4: Only pass the delegation to setattr if we're sending a truncate (git-fixes).\n\n - NFSv4/pnfs: Fix a page lock leak in nfs_pageio_resend() (git-fixes).\n\n - nl80211: Fix possible Spectre-v1 for CQM RSSI thresholds (bsc#1051510).\n\n - null_blk: complete requests from ->timeout (bsc#1149446).\n\n - null_blk: wire up timeouts (bsc#1149446).\n\n - nvme: fix multipath crash when ANA is deactivated (bsc#1149446).\n\n - nvmem: Use the same permissions for eeprom as for nvmem (git-fixes).\n\n - nvme-rdma: Allow DELETING state change failure in (bsc#1104967,).\n\n - nvme-rdma: centralize admin/io queue teardown sequence (bsc#1142076).\n\n - nvme-rdma: centralize controller setup sequence (bsc#1142076).\n\n - nvme-rdma: fix a NULL deref when an admin connect times out (bsc#1149446).\n\n - nvme-rdma: fix timeout handler (bsc#1149446).\n\n - nvme-rdma: stop admin queue before freeing it (bsc#1140155).\n\n - nvme-rdma: support up to 4 segments of inline data (bsc#1142076).\n\n - nvme-rdma: unquiesce queues when deleting the controller (bsc#1142076).\n\n - nvme: remove ns sibling before clearing path (bsc#1140155).\n\n - nvme: return BLK_EH_DONE from ->timeout (bsc#1142076).\n\n - PCI: hv: Detect and fix Hyper-V PCI domain number collision (bsc#1150423).\n\n - phy: renesas: rcar-gen3-usb2: Disable clearing VBUS in over-current (bsc#1051510).\n\n - platform/x86: pmc_atom: Add Siemens SIMATIC IPC227E to critclk_systems DMI table (bsc#1051510).\n\n - PM: sleep: Fix possible overflow in pm_system_cancel_wakeup() (bsc#1051510).\n\n - pNFS fallback to MDS if no deviceid found (git-fixes).\n\n - pNFS/flexfiles: Fix PTR_ERR() dereferences in ff_layout_track_ds_error (git-fixes).\n\n - pNFS/flexfiles: Turn off soft RPC calls (git-fixes).\n\n - powerpc/64: Make sys_switch_endian() traceable (bsc#1065729).\n\n - powerpc/64s/radix: Fix MADV_[FREE|DONTNEED] TLB flush miss problem with THP (bsc#1152161 ltc#181664).\n\n - powerpc/64s/radix: Fix memory hotplug section page table creation (bsc#1065729).\n\n - powerpc/64s/radix: Fix memory hot-unplug page table split (bsc#1065729).\n\n - powerpc/64s/radix: Implement _tlbie(l)_va_range flush functions (bsc#1152161 ltc#181664).\n\n - powerpc/64s/radix: Improve preempt handling in TLB code (bsc#1152161 ltc#181664).\n\n - powerpc/64s/radix: Improve TLB flushing for page table freeing (bsc#1152161 ltc#181664).\n\n - powerpc/64s/radix: Introduce local single page ceiling for TLB range flush (bsc#1055117 bsc#1152161 ltc#181664).\n\n - powerpc/64s/radix: Optimize flush_tlb_range (bsc#1152161 ltc#181664).\n\n - powerpc/book3s64/mm: Do not do tlbie fixup for some hardware revisions (bsc#1152161 ltc#181664).\n\n - powerpc/book3s64/radix: Rename CPU_FTR_P9_TLBIE_BUG feature flag (bsc#1152161 ltc#181664).\n\n - powerpc: bpf: Fix generation of load/store DW instructions (bsc#1065729).\n\n - powerpc/bpf: use unsigned division instruction for 64-bit operations (bsc#1065729).\n\n - powerpc: Drop page_is_ram() and walk_system_ram_range() (bsc#1065729).\n\n - powerpc/irq: Do not WARN continuously in arch_local_irq_restore() (bsc#1065729).\n\n - powerpc/irq: drop arch_early_irq_init() (bsc#1065729).\n\n - powerpc/mm: Fixup tlbie vs mtpidr/mtlpidr ordering issue on POWER9 (bsc#1152161 ltc#181664).\n\n - powerpc/mm/radix: Drop unneeded NULL check (bsc#1152161 ltc#181664).\n\n - powerpc/mm/radix: implement LPID based TLB flushes to be used by KVM (bsc#1152161 ltc#181664).\n\n - powerpc/mm: Simplify page_is_ram by using memblock_is_memory (bsc#1065729).\n\n - powerpc/mm: Use memblock API for PPC32 page_is_ram (bsc#1065729).\n\n - powerpc/module64: Fix comment in R_PPC64_ENTRY handling (bsc#1065729).\n\n - powerpc/powernv: Fix compile without CONFIG_TRACEPOINTS (bsc#1065729).\n\n - powerpc/powernv/ioda2: Allocate TCE table levels on demand for default DMA window (bsc#1061840).\n\n - powerpc/powernv/ioda: Fix race in TCE level allocation (bsc#1061840).\n\n - powerpc/powernv: move OPAL call wrapper tracing and interrupt handling to C (bsc#1065729).\n\n - powerpc/powernv/npu: Remove obsolete comment about TCE_KILL_INVAL_ALL (bsc#1065729).\n\n - powerpc/pseries: Call H_BLOCK_REMOVE when supported (bsc#1109158).\n\n - powerpc/pseries: Fix cpu_hotplug_lock acquisition in resize_hpt() (bsc#1065729).\n\n - powerpc/pseries/memory-hotplug: Fix return value type of find_aa_index (bsc#1065729).\n\n - powerpc/pseries: Read TLB Block Invalidate Characteristics (bsc#1109158).\n\n - powerpc/ptrace: Simplify vr_get/set() to avoid GCC warning (bsc#1148868).\n\n - powerpc/xive: Fix bogus error code returned by OPAL (bsc#1065729).\n\n - powerpc/xive: Implement get_irqchip_state method for XIVE to fix shutdown race (bsc#1065729).\n\n - powerpc/xmon: Fix opcode being uninitialized in print_insn_powerpc (bsc#1065729).\n\n - power: reset: gpio-restart: Fix typo when gpio reset is not found (bsc#1051510).\n\n - power: supply: Init device wakeup after device_add() (bsc#1051510).\n\n - ppp: Fix memory leak in ppp_write (git-fixes).\n\n - printk: Do not lose last line in kmsg buffer dump (bsc#1152460).\n\n - printk: fix printk_time race (bsc#1152466).\n\n - printk/panic: Avoid deadlock in printk() after stopping CPUs by NMI (bsc#1148712).\n\n - qla2xxx: kABI fixes for v10.01.00.18-k (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - qla2xxx: remove SGI SN2 support (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - quota: fix wrong condition in is_quota_modification() (bsc#1152026).\n\n - r8152: Set memory to all 0xFFs on failed reg reads (bsc#1051510).\n\n - regulator: lm363x: Fix off-by-one n_voltages for lm3632 ldo_vpos/ldo_vneg (bsc#1051510).\n\n - Revert 'mwifiex: fix system hang problem after resume' (bsc#1051510).\n\n - scsi: qla2xxx: Add 28xx flash primary/secondary status/image mechanism (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Add Device ID for ISP28XX (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Add error handling for PLOGI ELS passthrough (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Add First Burst support for FC-NVMe devices (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Add fw_attr and port_no SysFS node (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Add new FW dump template entry types (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Add pci function reset support (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Add protection mask module parameters (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Add Serdes support for ISP28XX (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Add support for multiple fwdump templates/segments (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Add support for setting port speed (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Allow NVMe IO to resume with short cable pull (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: allow session delete to finish before create (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Always check the qla2x00_wait_for_hba_online() return value (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Avoid PCI IRQ affinity mapping when multiqueue is not supported (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: avoid printf format warning (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Avoid that Coverity complains about dereferencing a NULL rport pointer (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Avoid that lockdep complains about unsafe locking in tcm_qla2xxx_close_session() (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Avoid that qla2x00_mem_free() crashes if called twice (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Capture FW dump on MPI heartbeat stop event (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Change abort wait_loop from msleep to wait_event_timeout (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Change data_dsd into an array (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Change default ZIO threshold (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Change the return type of qla24xx_read_flash_data() (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Change the return type of qla2x00_update_ms_fdmi_iocb() into void (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Check for FW started flag before aborting (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: check for kstrtol() failure (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Check for MB timeout while capturing ISP27/28xx FW dump (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Check secondary image if reading the primary image fails (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Check the PCI info string output buffer size (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Check the size of firmware data structures at compile time (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Cleanup fcport memory to prevent leak (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Cleanup redundant qla2x00_abort_all_cmds during unload (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Cleanups for NVRAM/Flash read/write path (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: cleanup trace buffer initialization (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Complain if a command is released that is owned by the firmware (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Complain if a mailbox command times out (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Complain if a soft reset fails (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Complain if parsing the version string fails (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Complain if sp->done() is not called from the completion path (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Complain if waiting for pending commands times out (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Complain loudly about reference count underflow (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Correct error handling during initialization failures (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Correction and improvement to fwdt processing (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Correctly report max/min supported speeds (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: deadlock by configfs_depend_item (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Declare fourth qla2x00_set_model_info() argument const (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Declare local symbols static (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Declare qla24xx_build_scsi_crc_2_iocbs() static (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Declare qla2x00_find_new_loop_id() static (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Declare qla_tgt_cmd.cdb const (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Declare the fourth ql_dump_buffer() argument const (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Disable T10-DIF feature with FC-NVMe during probe (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Do not corrupt vha->plogi_ack_list (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Downgrade driver to 10.01.00.19-k There are upstream bug reports against 10.01.00.19-k which haven't been resolved. Also the newer version failed to get a proper review. For time being it's better to got with the older version and do not introduce new bugs.\n\n - scsi: qla2xxx: Dual FCP-NVMe target port support (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Enable type checking for the SRB free and done callback functions (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix abort timeout race condition (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix a NULL pointer dereference (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix a qla24xx_enable_msix() error path (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix a race condition between aborting and completing a SCSI command (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix a recently introduced kernel warning (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix a small typo in qla_bsg.c (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix code indentation for qla27xx_fwdt_entry (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix comment alignment in qla_bsg.c (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix comment in MODULE_PARM_DESC in qla2xxx (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix different size DMA Alloc/Unmap (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix DMA error when the DIF sg buffer crosses 4GB boundary (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix DMA unmap leak (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix driver reload for ISP82xx (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix driver unload when FC-NVMe LUNs are connected (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: fix fcport NULL pointer access (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix flash read for Qlogic ISPs (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix formatting of pointer types (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix fw dump corruption (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix fw options handle eh_bus_reset() (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix gnl.l memory leak on adapter init failure (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix hang in fcport delete path (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix hardirq-unsafe locking (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix hardlockup in abort command during driver remove (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix kernel crash after disconnecting NVMe devices (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix LUN discovery if loop id is not assigned yet by firmware (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix message indicating vectors used by driver (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix N2N link reset (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix N2N link up fail (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix Nport ID display value (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix NULL pointer crash due to stale CPUID (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix NVME cmd and LS cmd timeout race condition (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix NVMe port discovery after a short device port loss (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix panic from use after free in qla2x00_async_tm_cmd (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix possible fcport NULL pointer dereferences (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix premature timer expiration (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix qla24xx_process_bidir_cmd() (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix race conditions in the code for aborting SCSI commands (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix read offset in qla24xx_load_risc_flash() (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix Relogin to prevent modifying scan_state flag (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix routine qla27xx_dump_(mpi|ram)() (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix session cleanup hang (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix session lookup in qlt_abort_work() (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: fix spelling mistake 'alredy' -> 'already' (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: fix spelling mistake 'initializatin' -> 'initialization' (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix SRB allocation flag to avoid sleeping in IRQ context (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix stale mem access on driver unload (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix stale session (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix stuck login session (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix unbound sleep in fcport delete path (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix unload when NVMe devices are configured (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Fix use-after-free issues in qla2xxx_qpair_sp_free_dma() (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: flush IO on chip reset or sess delete (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Further limit FLASH region write access from SysFS (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Improve Linux kernel coding style conformance (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Improve logging for scan thread (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Include the <asm/unaligned.h> header file from qla_dsd.h (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Increase the max_sgl_segments to 1024 (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Increase the size of the mailbox arrays from 4 to 8 (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Inline the qla2x00_fcport_event_handler() function (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Insert spaces where required (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Introduce qla2x00_els_dcmd2_free() (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Introduce qla2xxx_get_next_handle() (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Introduce the be_id_t and le_id_t data types for FC src/dst IDs (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Introduce the dsd32 and dsd64 data structures (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Introduce the function qla2xxx_init_sp() (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Leave a blank line after declarations (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Let the compiler check the type of the SCSI command context pointer (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Log the status code if a firmware command fails (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Make it explicit that ELS pass-through IOCBs use little endian (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Make qla24xx_async_abort_cmd() static (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Make qla2x00_abort_srb() again decrease the sp reference count (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Make qla2x00_mem_free() easier to verify (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Make qla2x00_process_response_queue() easier to read (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Make qlt_handle_abts_completion() more robust (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Make sure that aborted commands are freed (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Modify NVMe include directives (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Move debug messages before sending srb preventing panic (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: move IO flush to the front of NVME rport unregistration (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Move marker request behind QPair (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Move qla2x00_clear_loop_id() from qla_inline.h into qla_init.c (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Move qla2x00_is_reserved_id() from qla_inline.h into qla_init.c (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Move qla2x00_set_fcport_state() from a .h into a .c file (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Move qla2x00_set_reserved_loop_ids() definition (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Move the <linux/io-64-nonatomic-lo-hi.h> include directive (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Move the port_state_str definition from a .h to a .c file (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: no need to check return value of debugfs_create functions (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: on session delete, return nvme cmd (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Optimize NPIV tear down process (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Pass little-endian values to the firmware (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Prevent memory leak for CT req/rsp allocation (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Prevent multiple ADISC commands per session (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Prevent SysFS access when chip is down (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: qla2x00_alloc_fw_dump: set ha->eft (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Really fix qla2xxx_eh_abort() (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Reduce the number of casts in GID list code (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Reduce the number of forward declarations (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Reduce the scope of three local variables in qla2xxx_queuecommand() (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Reject EH_(abort|device_reset|target_request) (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Remove a comment that refers to the SCSI host lock (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Remove an include directive from qla_mr.c (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Remove a set-but-not-used variable (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Remove a superfluous forward declaration (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Remove a superfluous pointer check (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Remove dead code (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: remove double assignment in qla2x00_update_fcport (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Remove FW default template (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Remove qla_tgt_cmd.data_work and qla_tgt_cmd.data_work_free (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Remove qla_tgt_cmd.released (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: remove redundant null check on pointer sess (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Remove set but not used variable 'ptr_dma' (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Remove superfluous sts_entry_* casts (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Remove the fcport test from qla_nvme_abort_work() (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Remove two superfluous casts (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Remove two superfluous if-tests (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Remove two superfluous tests (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Remove unnecessary locking from the target code (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Remove unnecessary null check (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Remove unreachable code from qla83xx_idc_lock() (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Remove useless set memory to zero use memset() (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Remove WARN_ON_ONCE in qla2x00_status_cont_entry() (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Replace vmalloc + memset with vzalloc (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Report invalid mailbox status codes (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Report the firmware status code if a mailbox command fails (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Reset the FCF_ASYNC_(SENT|ACTIVE) flags (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Restore FAWWPN of Physical Port only for loop down (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Retry fabric Scan on IOCB queue full (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Rework key encoding in qlt_find_host_by_d_id() (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Secure flash update support for ISP28XX (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Set remote port devloss timeout to 0 (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Set remove flag for all VP (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Set the qpair in SRB to NULL when SRB is released (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Set the responder mode if appropriate for ELS pass-through IOCBs (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Set the SCSI command result before calling the command done (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Silence fwdump template message (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Silence Successful ELS IOCB message (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Simplification of register address used in qla_tmpl.c (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Simplify a debug statement (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Simplify conditional check again (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Simplify qla24xx_abort_sp_done() (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Simplify qla24xx_async_abort_cmd() (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Simplify qlt_lport_dump() (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Simplify qlt_send_term_imm_notif() (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Skip FW dump on LOOP initialization error (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Suppress a Coveritiy complaint about integer overflow (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Suppress multiple Coverity complaint about out-of-bounds accesses (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: target: Fix offline port handling and host reset handling (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Uninline qla2x00_init_timer() (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Unregister resources in the opposite order of the registration order (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Update driver version to 10.00.00.13-k (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Update driver version to 10.00.00.14-k (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Update driver version to 10.01.00.15-k (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Update driver version to 10.01.00.16-k (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Update driver version to 10.01.00.18-k (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Update driver version to 10.01.00.19-k (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Update driver version to 10.01.00.20-k (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Update flash read/write routine (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Use an on-stack completion in qla24xx_control_vp() (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Use ARRAY_SIZE() in the definition of QLA_LAST_SPEED (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Use common update-firmware-options routine for ISP27xx+ (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Use complete switch scan for RSCN events (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Use Correct index for Q-Pair array (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Use dma_pool_zalloc() (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Use get/put_unaligned where appropriate (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Use __le64 instead of uint32_t for sending DMA addresses to firmware (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Use memcpy() and strlcpy() instead of strcpy() and strncpy() (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Use mutex protection during qla2x00_sysfs_read_fw_dump() (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Use strlcpy() instead of strncpy() (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Use tabs instead of spaces for indentation (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Use tabs to indent code (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Verify locking assumptions at runtime (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: scsi_dh_rdac: zero cdb in send_mode_select() (bsc#1149313).\n\n - scsi: scsi_transport_fc: nvme: display FC-NVMe port roles (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: tcm_qla2xxx: Minimize #include directives (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi_transport_fc: complete requests from ->timeout (bsc#1142076).\n\n - sctp: fix the transport error_count check (networking-stable-19_08_21).\n\n - secure boot lockdown: Fix-up backport of /dev/mem access restriction The upstream-submitted patch set has evolved over time, align our patches (contents and description) to reflect the current status as far as /dev/mem access is concerned.\n\n - sky2: Disable MSI on yet another ASUS boards (P6Xxxx) (bsc#1051510).\n\n - slip: make slhc_free() silently accept an error pointer (bsc#1051510).\n\n - slip: sl_alloc(): remove unused parameter 'dev_t line' (bsc#1051510).\n\n - SUNRPC fix regression in umount of a secure mount (git-fixes).\n\n - SUNRPC: Handle connection breakages correctly in call_status() (git-fixes).\n\n - SUNRPC/nfs: Fix return value for nfs4_callback_compound() (git-fixes).\n\n - tcp: make sure EPOLLOUT wont be missed (networking-stable-19_08_28).\n\n - team: Add vlan tx offload to hw_enc_features (networking-stable-19_08_21).\n\n - tpm_tis_core: Set TPM_CHIP_FLAG_IRQ before probing for interrupts (bsc#1082555).\n\n - Update patches.suse/ext4-unsupported-features.patch (SLE-8615, bsc#1149651, SLE-9243).\n\n - Update patches.suse/powerpc-powernv-Return-for-invalid-IMC-doma in.patch (bsc#1054914, git-fixes).\n\n - USB: usbcore: Fix slab-out-of-bounds bug during device reset (bsc#1051510).\n\n - video: ssd1307fb: Start page range at page_offset (bsc#1113722)\n\n - x86/CPU/AMD: Clear RDRAND CPUID bit on AMD family 15h/16h (bsc#1114279).\n\n - x86/fpu: Add FPU state copying quirk to handle XRSTOR failure on Intel Skylake CPUs (bsc#1151955).\n\n - x86/tls: Fix possible spectre-v1 in do_get_thread_area() (bsc#1114279).\n\n - xen/netback: Reset nr_frags before freeing skb (networking-stable-19_08_21).\n\n - xen-netfront: do not assume sk_buff_head list is empty in error handling (bsc#1065600).\n\n - xen-netfront: do not use ~0U as error return value for xennet_fill_frags() (bsc#1065600).\n\n - xen/xenbus: fix self-deadlock after killing user process (bsc#1065600).", "cvss3": {}, "published": "2019-10-11T00:00:00", "type": "nessus", "title": "openSUSE Security Update : the Linux Kernel (openSUSE-2019-2307)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-18595", "CVE-2019-14821", "CVE-2019-15291", "CVE-2019-9506"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:kernel-debug", "p-cpe:/a:novell:opensuse:kernel-debug-base", "p-cpe:/a:novell:opensuse:kernel-default-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-debug-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default-debuginfo", "p-cpe:/a:novell:opensuse:kernel-debug-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default-debugsource", "p-cpe:/a:novell:opensuse:kernel-debug-debugsource", "p-cpe:/a:novell:opensuse:kernel-debug-devel", "p-cpe:/a:novell:opensuse:kernel-default-devel", "p-cpe:/a:novell:opensuse:kernel-debug-devel-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default-devel-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default", "p-cpe:/a:novell:opensuse:kernel-default-base", "p-cpe:/a:novell:opensuse:kernel-devel", "p-cpe:/a:novell:opensuse:kernel-docs-html", "p-cpe:/a:novell:opensuse:kernel-kvmsmall", "p-cpe:/a:novell:opensuse:kernel-kvmsmall-base", "p-cpe:/a:novell:opensuse:kernel-kvmsmall-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-kvmsmall-debuginfo", "p-cpe:/a:novell:opensuse:kernel-kvmsmall-debugsource", "p-cpe:/a:novell:opensuse:kernel-kvmsmall-devel", "p-cpe:/a:novell:opensuse:kernel-kvmsmall-devel-debuginfo", "p-cpe:/a:novell:opensuse:kernel-macros", "p-cpe:/a:novell:opensuse:kernel-obs-build", "p-cpe:/a:novell:opensuse:kernel-obs-build-debugsource", "p-cpe:/a:novell:opensuse:kernel-obs-qa", "p-cpe:/a:novell:opensuse:kernel-source", "p-cpe:/a:novell:opensuse:kernel-source-vanilla", "p-cpe:/a:novell:opensuse:kernel-syms", "p-cpe:/a:novell:opensuse:kernel-vanilla", "p-cpe:/a:novell:opensuse:kernel-vanilla-base", "p-cpe:/a:novell:opensuse:kernel-vanilla-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-vanilla-debuginfo", "p-cpe:/a:novell:opensuse:kernel-vanilla-debugsource", "p-cpe:/a:novell:opensuse:kernel-vanilla-devel", "p-cpe:/a:novell:opensuse:kernel-vanilla-devel-debuginfo", "cpe:/o:novell:opensuse:15.0"], "id": "OPENSUSE-2019-2307.NASL", "href": "https://www.tenable.com/plugins/nessus/129806", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-2307.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(129806);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2017-18595\", \"CVE-2019-14821\", \"CVE-2019-15291\", \"CVE-2019-9506\");\n\n script_name(english:\"openSUSE Security Update : the Linux Kernel (openSUSE-2019-2307)\");\n script_summary(english:\"Check for the openSUSE-2019-2307 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The openSUSE Leap 15.0 kernel was updated to receive various security\nand bugfixes.\n\nThe following security bugs were fixed :\n\n - CVE-2019-15291: There was a NULL pointer dereference\n caused by a malicious USB device in the\n flexcop_usb_probe function in the\n drivers/media/usb/b2c2/flexcop-usb.c driver\n (bnc#1146540).\n\n - CVE-2019-14821: An out-of-bounds access issue was found\n in the way Linux kernel's KVM hypervisor implements the\n Coalesced MMIO write operation. It operates on an MMIO\n ring buffer 'struct kvm_coalesced_mmio' object, wherein\n write indices 'ring->first' and 'ring->last' value could\n be supplied by a host user-space process. An\n unprivileged host user or process with access to\n '/dev/kvm' device could have used this flaw to crash the\n host kernel, resulting in a denial of service or\n potentially escalating privileges on the system\n (bnc#1151350).\n\n - CVE-2017-18595: A double free might have been caused by\n the function allocate_trace_buffer in the file\n kernel/trace/trace.c (bnc#1149555).\n\n - CVE-2019-9506: The Bluetooth BR/EDR specification up to\n and including version 5.1 permits sufficiently low\n encryption key length and did not prevent an attacker\n from influencing the key length negotiation. This\n allowed practical brute-force attacks (aka 'KNOB') that\n can decrypt traffic and inject arbitrary ciphertext\n without the victim noticing (bnc#1137865 1146042).\n\nThe following non-security bugs were fixed :\n\n - ACPI: custom_method: fix memory leaks (bsc#1051510).\n\n - ACPI / PCI: fix acpi_pci_irq_enable() memory leak\n (bsc#1051510).\n\n - ACPI / property: Fix acpi_graph_get_remote_endpoint()\n name in kerneldoc (bsc#1051510).\n\n - alarmtimer: Use EOPNOTSUPP instead of ENOTSUPP\n (bsc#1151680).\n\n - ALSA: aoa: onyx: always initialize register read value\n (bsc#1051510).\n\n - ALSA: firewire-tascam: check intermediate state of clock\n status and retry (bsc#1051510).\n\n - ALSA: firewire-tascam: handle error code when getting\n current source of clock (bsc#1051510).\n\n - ASoC: es8328: Fix copy-paste error in\n es8328_right_line_controls (bsc#1051510).\n\n - ASoC: Intel: Baytrail: Fix implicit fallthrough warning\n (bsc#1051510).\n\n - ASoC: sun4i-i2s: RX and TX counter registers are swapped\n (bsc#1051510).\n\n - ASoC: wm8737: Fix copy-paste error in\n wm8737_snd_controls (bsc#1051510).\n\n - ASoC: wm8988: fix typo in wm8988_right_line_controls\n (bsc#1051510).\n\n - ath9k: dynack: fix possible deadlock in\n ath_dynack_node_(de)init (bsc#1051510).\n\n - atm: iphase: Fix Spectre v1 vulnerability\n (networking-stable-19_08_08).\n\n - bcma: fix incorrect update of BCMA_CORE_PCI_MDIO_DATA\n (bsc#1051510).\n\n - blk-flush: do not run queue for requests bypassing flush\n (bsc#1137959).\n\n - blk-flush: use blk_mq_request_bypass_insert()\n (bsc#1137959).\n\n - blk-mq: do not allocate driver tag upfront for flush rq\n (bsc#1137959).\n\n - blk-mq: Fix memory leak in blk_mq_init_allocated_queue\n error handling (bsc#1151610).\n\n - blk-mq: insert rq with DONTPREP to hctx dispatch list\n when requeue (bsc#1137959).\n\n - blk-mq: kABI fixes for blk-mq.h (bsc#1137959).\n\n - blk-mq: move blk_mq_put_driver_tag*() into blk-mq.h\n (bsc#1137959).\n\n - blk-mq: punt failed direct issue to dispatch list\n (bsc#1137959).\n\n - blk-mq: put the driver tag of nxt rq before first one is\n requeued (bsc#1137959).\n\n - blk-mq-sched: decide how to handle flush rq via\n RQF_FLUSH_SEQ (bsc#1137959).\n\n - block: fix timeout changes for legacy request drivers\n (bsc#1149446).\n\n - block: kABI fixes for BLK_EH_DONE renaming\n (bsc#1142076).\n\n - block: rename BLK_EH_NOT_HANDLED to BLK_EH_DONE\n (bsc#1142076).\n\n - bnx2x: Disable multi-cos feature\n (networking-stable-19_08_08).\n\n - bonding/802.3ad: fix link_failure_count tracking\n (bsc#1137069 bsc#1141013).\n\n - bonding/802.3ad: fix slave link initialization\n transition states (bsc#1137069 bsc#1141013).\n\n - bonding: Add vlan tx offload to hw_enc_features\n (networking-stable-19_08_21).\n\n - bonding: set default miimon value for non-arp modes if\n not set (bsc#1137069 bsc#1141013).\n\n - bonding: speed/duplex update at NETDEV_UP event\n (bsc#1137069 bsc#1141013).\n\n - btrfs: fix use-after-free when using the tree\n modification log (bsc#1151891).\n\n - btrfs: qgroup: Fix reserved data space leak if we have\n multiple reserve calls (bsc#1152975).\n\n - btrfs: qgroup: Fix the wrong target io_tree when freeing\n reserved data space (bsc#1152974).\n\n - btrfs: relocation: fix use-after-free on dead relocation\n roots (bsc#1152972).\n\n - ceph: use ceph_evict_inode to cleanup inode's resource\n (bsc#1148133).\n\n - clk: at91: fix update bit maps on CFG_MOR write\n (bsc#1051510).\n\n - clk: sunxi-ng: v3s: add missing clock slices for MMC2\n module clocks (bsc#1051510).\n\n - clk: sunxi-ng: v3s: add the missing PLL_DDR1\n (bsc#1051510).\n\n - crypto: caam - fix concurrency issue in givencrypt\n descriptor (bsc#1051510).\n\n - crypto: caam - free resources in case caam_rng\n registration failed (bsc#1051510).\n\n - crypto: cavium/zip - Add missing single_release()\n (bsc#1051510).\n\n - crypto: ccp - Reduce maximum stack usage (bsc#1051510).\n\n - crypto: qat - Silence smp_processor_id() warning\n (bsc#1051510).\n\n - crypto: skcipher - Unmap pages after an external error\n (bsc#1051510).\n\n - dmaengine: dw: platform: Switch to\n acpi_dma_controller_register() (bsc#1051510).\n\n - dmaengine: iop-adma.c: fix printk format warning\n (bsc#1051510).\n\n - drivers: thermal: int340x_thermal: Fix sysfs race\n condition (bsc#1051510).\n\n - drm/i915: Fix various tracepoints for gen2 (bsc#1113722)\n\n - drm/imx: Drop unused imx-ipuv3-crtc.o build\n (bsc#1113722)\n\n - EDAC/amd64: Decode syndrome before translating address\n (bsc#1114279).\n\n - eeprom: at24: make spd world-readable again (git-fixes).\n\n - ext4: fix warning inside\n ext4_convert_unwritten_extents_endio (bsc#1152025).\n\n - ext4: set error return correctly when\n ext4_htree_store_dirent fails (bsc#1152024).\n\n - Fix kabi for: NFSv4: Fix OPEN / CLOSE race (git-fixes).\n\n - git-sort: add nfsd maintainers git tree This allows\n git-sort to handle patches queued for nfsd.\n\n - gpio: fix line flag validation in lineevent_create\n (bsc#1051510).\n\n - gpio: fix line flag validation in linehandle_create\n (bsc#1051510).\n\n - gpiolib: acpi: Add gpiolib_acpi_run_edge_events_on_boot\n option and blacklist (bsc#1051510).\n\n - gpiolib: only check line handle flags once\n (bsc#1051510).\n\n - gpio: Move gpiochip_lock/unlock_as_irq to gpio/driver.h\n (bsc#1051510).\n\n - hwmon: (lm75) Fix write operations for negative\n temperatures (bsc#1051510).\n\n - hwmon: (shtc1) fix shtc1 and shtw1 id mask\n (bsc#1051510).\n\n - ife: error out when nla attributes are empty\n (networking-stable-19_08_08).\n\n - iio: dac: ad5380: fix incorrect assignment to val\n (bsc#1051510).\n\n - Input: elan_i2c - remove Lenovo Legion Y7000 PnpID\n (bsc#1051510).\n\n - iommu/dma: Fix for dereferencing before null checking\n (bsc#1151667).\n\n - ip6_tunnel: fix possible use-after-free on xmit\n (networking-stable-19_08_08).\n\n - ipv6/addrconf: allow adding multicast addr if\n IFA_F_MCAUTOJOIN is set (networking-stable-19_08_28).\n\n - isdn/capi: check message length in capi_write()\n (bsc#1051510).\n\n - kABI: media: em28xx: fix handler for vidioc_s_input()\n (bsc#1051510). fixes kABI\n\n - kABI: media: em28xx: stop rewriting device's struct\n (bsc#1051510). fixes kABI\n\n - KVM: PPC: Book3S: Fix incorrect\n guest-to-user-translation error handling (bsc#1061840).\n\n - KVM: PPC: Book3S HV: Check for MMU ready on piggybacked\n virtual cores (bsc#1061840).\n\n - KVM: PPC: Book3S HV: Do not lose pending doorbell\n request on migration on P9 (bsc#1061840).\n\n - KVM: PPC: Book3S HV: Do not push XIVE context when not\n using XIVE device (bsc#1061840).\n\n - KVM: PPC: Book3S HV: Fix lockdep warning when entering\n the guest (bsc#1061840).\n\n - KVM: PPC: Book3S HV: Fix race in re-enabling XIVE\n escalation interrupts (bsc#1061840).\n\n - KVM: PPC: Book3S HV: Handle virtual mode in XIVE VCPU\n push code (bsc#1061840).\n\n - KVM: PPC: Book3S HV: XIVE: Free escalation interrupts\n before disabling the VP (bsc#1061840).\n\n - leds: leds-lp5562 allow firmware files up to the maximum\n length (bsc#1051510).\n\n - leds: trigger: gpio: GPIO 0 is valid (bsc#1051510).\n\n - libertas_tf: Use correct channel range in lbtf_geo_init\n (bsc#1051510).\n\n - libiscsi: do not try to bypass SCSI EH (bsc#1142076).\n\n - livepatch: Nullify obj->mod in klp_module_coming()'s\n error path (bsc#1071995).\n\n - mac80211: minstrel_ht: fix per-group max throughput rate\n initialization (bsc#1051510).\n\n - md: do not report active array_state until after\n revalidate_disk() completes (git-fixes).\n\n - md: only call set_in_sync() when it is expected to\n succeed (git-fixes).\n\n - md/raid6: Set R5_ReadError when there is read failure on\n parity disk (git-fixes).\n\n - media: atmel: atmel-isi: fix timeout value for stop\n streaming (bsc#1051510).\n\n - media: dib0700: fix link error for dibx000_i2c_set_speed\n (bsc#1051510).\n\n - media: em28xx: fix handler for vidioc_s_input()\n (bsc#1051510).\n\n - media: em28xx: stop rewriting device's struct\n (bsc#1051510).\n\n - media: fdp1: Reduce FCP not found message level to debug\n (bsc#1051510).\n\n - media: marvell-ccic: do not generate EOF on parallel bus\n (bsc#1051510).\n\n - media: mc-device.c: do not memset __user pointer\n contents (bsc#1051510).\n\n - media: ov6650: Fix sensor possibly not detected on probe\n (bsc#1051510).\n\n - media: ov6650: Move v4l2_clk_get() to\n ov6650_video_probe() helper (bsc#1051510).\n\n - media: replace strcpy() by strscpy() (bsc#1051510).\n\n - media: Revert '[media] marvell-ccic: reset ccic phy when\n stop streaming for stability' (bsc#1051510).\n\n - media: technisat-usb2: break out of loop at end of\n buffer (bsc#1051510).\n\n - media: tm6000: double free if usb disconnect while\n streaming (bsc#1051510).\n\n - media: vb2: Fix videobuf2 to map correct area\n (bsc#1051510).\n\n - mic: avoid statically declaring a 'struct device'\n (bsc#1051510).\n\n - mmc: sdhci-msm: fix mutex while in spinlock\n (bsc#1142635).\n\n - mmc: sdhci-of-arasan: Do now show error message in case\n of deffered probe (bsc#1119086).\n\n - mtd: spi-nor: Fix Cadence QSPI RCU Schedule Stall\n (bsc#1051510).\n\n - mvpp2: refactor MTU change code\n (networking-stable-19_08_08).\n\n - net: bridge: delete local fdb on device init failure\n (networking-stable-19_08_08).\n\n - net: bridge: mcast: do not delete permanent entries when\n fast leave is enabled (networking-stable-19_08_08).\n\n - net: fix ifindex collision during namespace removal\n (networking-stable-19_08_08).\n\n - net/ibmvnic: prevent more than one thread from running\n in reset (bsc#1152457 ltc#174432).\n\n - net/ibmvnic: unlock rtnl_lock in reset so\n linkwatch_event can run (bsc#1152457 ltc#174432).\n\n - net/mlx5e: Only support tx/rx pause setting for port\n owner (networking-stable-19_08_21).\n\n - net/mlx5e: Prevent encap flow counter update async to\n user query (networking-stable-19_08_08).\n\n - net/mlx5e: Use flow keys dissector to parse packets for\n ARFS (networking-stable-19_08_21).\n\n - net/mlx5: Use reversed order when unregister devices\n (networking-stable-19_08_08).\n\n - net/packet: fix race in tpacket_snd()\n (networking-stable-19_08_21).\n\n - net: sched: Fix a possible NULL pointer dereference in\n dequeue_func() (networking-stable-19_08_08).\n\n - net/smc: make sure EPOLLOUT is raised\n (networking-stable-19_08_28).\n\n - NFS4: Fix v4.0 client state corruption when mount\n (git-fixes).\n\n - nfsd: degraded slot-count more gracefully as allocation\n nears exhaustion (bsc#1150381).\n\n - nfsd: Do not release the callback slot unless it was\n actually held (git-fixes).\n\n - nfsd: Fix overflow causing non-working mounts on 1 TB\n machines (bsc#1150381).\n\n - nfsd: fix performance-limiting session calculation\n (bsc#1150381).\n\n - nfsd: give out fewer session slots as limit approaches\n (bsc#1150381).\n\n - nfsd: handle drc over-allocation gracefully\n (bsc#1150381).\n\n - nfsd: increase DRC cache limit (bsc#1150381).\n\n - NFS: Do not interrupt file writeout due to fatal errors\n (git-fixes).\n\n - NFS: Do not open code clearing of delegation state\n (git-fixes).\n\n - NFS: Ensure O_DIRECT reports an error if the bytes\n read/written is 0 (git-fixes).\n\n - NFS: Fix regression whereby fscache errors are appearing\n on 'nofsc' mounts (git-fixes).\n\n - NFS: Forbid setting AF_INET6 to 'struct\n sockaddr_in'->sin_family (git-fixes).\n\n - NFS: Refactor nfs_lookup_revalidate() (git-fixes).\n\n - NFS: Remove redundant semicolon (git-fixes).\n\n - NFSv4.1: Again fix a race where CB_NOTIFY_LOCK fails to\n wake a waiter (git-fixes).\n\n - NFSv4.1: Fix open stateid recovery (git-fixes).\n\n - NFSv4.1: Only reap expired delegations (git-fixes).\n\n - NFSv4: Check the return value of update_open_stateid()\n (git-fixes).\n\n - NFSv4: Fix an Oops in nfs4_do_setattr (git-fixes).\n\n - NFSv4: Fix a potential sleep while atomic in\n nfs4_do_reclaim() (git-fixes).\n\n - NFSv4: Fix delegation state recovery (git-fixes).\n\n - NFSv4: Fix lookup revalidate of regular files\n (git-fixes).\n\n - NFSv4: Fix OPEN / CLOSE race (git-fixes).\n\n - NFSv4: Handle the special Linux file open access mode\n (git-fixes).\n\n - NFSv4: Only pass the delegation to setattr if we're\n sending a truncate (git-fixes).\n\n - NFSv4/pnfs: Fix a page lock leak in nfs_pageio_resend()\n (git-fixes).\n\n - nl80211: Fix possible Spectre-v1 for CQM RSSI thresholds\n (bsc#1051510).\n\n - null_blk: complete requests from ->timeout\n (bsc#1149446).\n\n - null_blk: wire up timeouts (bsc#1149446).\n\n - nvme: fix multipath crash when ANA is deactivated\n (bsc#1149446).\n\n - nvmem: Use the same permissions for eeprom as for nvmem\n (git-fixes).\n\n - nvme-rdma: Allow DELETING state change failure in\n (bsc#1104967,).\n\n - nvme-rdma: centralize admin/io queue teardown sequence\n (bsc#1142076).\n\n - nvme-rdma: centralize controller setup sequence\n (bsc#1142076).\n\n - nvme-rdma: fix a NULL deref when an admin connect times\n out (bsc#1149446).\n\n - nvme-rdma: fix timeout handler (bsc#1149446).\n\n - nvme-rdma: stop admin queue before freeing it\n (bsc#1140155).\n\n - nvme-rdma: support up to 4 segments of inline data\n (bsc#1142076).\n\n - nvme-rdma: unquiesce queues when deleting the controller\n (bsc#1142076).\n\n - nvme: remove ns sibling before clearing path\n (bsc#1140155).\n\n - nvme: return BLK_EH_DONE from ->timeout (bsc#1142076).\n\n - PCI: hv: Detect and fix Hyper-V PCI domain number\n collision (bsc#1150423).\n\n - phy: renesas: rcar-gen3-usb2: Disable clearing VBUS in\n over-current (bsc#1051510).\n\n - platform/x86: pmc_atom: Add Siemens SIMATIC IPC227E to\n critclk_systems DMI table (bsc#1051510).\n\n - PM: sleep: Fix possible overflow in\n pm_system_cancel_wakeup() (bsc#1051510).\n\n - pNFS fallback to MDS if no deviceid found (git-fixes).\n\n - pNFS/flexfiles: Fix PTR_ERR() dereferences in\n ff_layout_track_ds_error (git-fixes).\n\n - pNFS/flexfiles: Turn off soft RPC calls (git-fixes).\n\n - powerpc/64: Make sys_switch_endian() traceable\n (bsc#1065729).\n\n - powerpc/64s/radix: Fix MADV_[FREE|DONTNEED] TLB flush\n miss problem with THP (bsc#1152161 ltc#181664).\n\n - powerpc/64s/radix: Fix memory hotplug section page table\n creation (bsc#1065729).\n\n - powerpc/64s/radix: Fix memory hot-unplug page table\n split (bsc#1065729).\n\n - powerpc/64s/radix: Implement _tlbie(l)_va_range flush\n functions (bsc#1152161 ltc#181664).\n\n - powerpc/64s/radix: Improve preempt handling in TLB code\n (bsc#1152161 ltc#181664).\n\n - powerpc/64s/radix: Improve TLB flushing for page table\n freeing (bsc#1152161 ltc#181664).\n\n - powerpc/64s/radix: Introduce local single page ceiling\n for TLB range flush (bsc#1055117 bsc#1152161\n ltc#181664).\n\n - powerpc/64s/radix: Optimize flush_tlb_range (bsc#1152161\n ltc#181664).\n\n - powerpc/book3s64/mm: Do not do tlbie fixup for some\n hardware revisions (bsc#1152161 ltc#181664).\n\n - powerpc/book3s64/radix: Rename CPU_FTR_P9_TLBIE_BUG\n feature flag (bsc#1152161 ltc#181664).\n\n - powerpc: bpf: Fix generation of load/store DW\n instructions (bsc#1065729).\n\n - powerpc/bpf: use unsigned division instruction for\n 64-bit operations (bsc#1065729).\n\n - powerpc: Drop page_is_ram() and walk_system_ram_range()\n (bsc#1065729).\n\n - powerpc/irq: Do not WARN continuously in\n arch_local_irq_restore() (bsc#1065729).\n\n - powerpc/irq: drop arch_early_irq_init() (bsc#1065729).\n\n - powerpc/mm: Fixup tlbie vs mtpidr/mtlpidr ordering issue\n on POWER9 (bsc#1152161 ltc#181664).\n\n - powerpc/mm/radix: Drop unneeded NULL check (bsc#1152161\n ltc#181664).\n\n - powerpc/mm/radix: implement LPID based TLB flushes to be\n used by KVM (bsc#1152161 ltc#181664).\n\n - powerpc/mm: Simplify page_is_ram by using\n memblock_is_memory (bsc#1065729).\n\n - powerpc/mm: Use memblock API for PPC32 page_is_ram\n (bsc#1065729).\n\n - powerpc/module64: Fix comment in R_PPC64_ENTRY handling\n (bsc#1065729).\n\n - powerpc/powernv: Fix compile without CONFIG_TRACEPOINTS\n (bsc#1065729).\n\n - powerpc/powernv/ioda2: Allocate TCE table levels on\n demand for default DMA window (bsc#1061840).\n\n - powerpc/powernv/ioda: Fix race in TCE level allocation\n (bsc#1061840).\n\n - powerpc/powernv: move OPAL call wrapper tracing and\n interrupt handling to C (bsc#1065729).\n\n - powerpc/powernv/npu: Remove obsolete comment about\n TCE_KILL_INVAL_ALL (bsc#1065729).\n\n - powerpc/pseries: Call H_BLOCK_REMOVE when supported\n (bsc#1109158).\n\n - powerpc/pseries: Fix cpu_hotplug_lock acquisition in\n resize_hpt() (bsc#1065729).\n\n - powerpc/pseries/memory-hotplug: Fix return value type of\n find_aa_index (bsc#1065729).\n\n - powerpc/pseries: Read TLB Block Invalidate\n Characteristics (bsc#1109158).\n\n - powerpc/ptrace: Simplify vr_get/set() to avoid GCC\n warning (bsc#1148868).\n\n - powerpc/xive: Fix bogus error code returned by OPAL\n (bsc#1065729).\n\n - powerpc/xive: Implement get_irqchip_state method for\n XIVE to fix shutdown race (bsc#1065729).\n\n - powerpc/xmon: Fix opcode being uninitialized in\n print_insn_powerpc (bsc#1065729).\n\n - power: reset: gpio-restart: Fix typo when gpio reset is\n not found (bsc#1051510).\n\n - power: supply: Init device wakeup after device_add()\n (bsc#1051510).\n\n - ppp: Fix memory leak in ppp_write (git-fixes).\n\n - printk: Do not lose last line in kmsg buffer dump\n (bsc#1152460).\n\n - printk: fix printk_time race (bsc#1152466).\n\n - printk/panic: Avoid deadlock in printk() after stopping\n CPUs by NMI (bsc#1148712).\n\n - qla2xxx: kABI fixes for v10.01.00.18-k (bsc#1123034\n bsc#1131304 bsc#1127988).\n\n - qla2xxx: remove SGI SN2 support (bsc#1123034 bsc#1131304\n bsc#1127988).\n\n - quota: fix wrong condition in is_quota_modification()\n (bsc#1152026).\n\n - r8152: Set memory to all 0xFFs on failed reg reads\n (bsc#1051510).\n\n - regulator: lm363x: Fix off-by-one n_voltages for lm3632\n ldo_vpos/ldo_vneg (bsc#1051510).\n\n - Revert 'mwifiex: fix system hang problem after resume'\n (bsc#1051510).\n\n - scsi: qla2xxx: Add 28xx flash primary/secondary\n status/image mechanism (bsc#1123034 bsc#1131304\n bsc#1127988).\n\n - scsi: qla2xxx: Add Device ID for ISP28XX (bsc#1123034\n bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Add error handling for PLOGI ELS\n passthrough (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Add First Burst support for FC-NVMe\n devices (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Add fw_attr and port_no SysFS node\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Add new FW dump template entry types\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Add pci function reset support\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Add protection mask module parameters\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Add Serdes support for ISP28XX\n (bsc#1123034 bsc#1131304 bsc#1127988).\n\n - scsi: qla2xxx: Add support for multiple fwdump\n templates/segments (bsc#1123034 bsc#1131304\n bsc#1127988).\n\n - s