ID REDHAT-RHSA-2020-0406.NASL Type nessus Reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. Modified 2020-02-05T00:00:00
Description
An update for containernetworking-plugins is now available for Red Hat Enterprise Linux 7 Extras.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
The Container Network Interface (CNI) project consists of a specification and libraries for writing plug-ins for configuring network interfaces in Linux containers, along with a number of supported plug-ins. CNI concerns itself only with network connectivity of containers and removing allocated resources when the container is deleted.
Security Fix(es) :
HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512)
HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
##
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Red Hat Security Advisory RHSA-2020:0406. The text
# itself is copyright (C) Red Hat, Inc.
##
include('compat.inc');
if (description)
{
script_id(133487);
script_version("1.3");
script_set_attribute(attribute:"plugin_modification_date", value:"2020/11/19");
script_cve_id("CVE-2019-9512", "CVE-2019-9514");
script_xref(name:"RHSA", value:"2020:0406");
script_name(english:"RHEL 7 : containernetworking-plugins (RHSA-2020:0406)");
script_summary(english:"Checks the rpm output for the updated package");
script_set_attribute(attribute:"synopsis", value:
"The remote Red Hat host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"An update for containernetworking-plugins is now available for Red Hat Enterprise Linux 7 Extras.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
The Container Network Interface (CNI) project consists of a specification and libraries for writing plug-ins for configuring network interfaces in Linux containers, along with a number of supported plug-ins. CNI concerns itself only with network connectivity of containers and removing allocated resources when the container is deleted.
Security Fix(es) :
* HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512)
* HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.");
script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/400.html");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2019-9512");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2019-9514");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2020:0406");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/1735645");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/1735744");
script_set_attribute(attribute:"solution", value:
"Update the affected containernetworking-plugins package.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-9514");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_cwe_id(400);
script_set_attribute(attribute:"vuln_publication_date", value:"2019/08/09");
script_set_attribute(attribute:"patch_publication_date", value:"2020/02/04");
script_set_attribute(attribute:"plugin_publication_date", value:"2020/02/05");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7");
script_set_attribute(attribute:"cpe", value:"cpe:/a:redhat:rhel_extras_other:7");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:containernetworking-plugins");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Red Hat Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
exit(0);
}
include('audit.inc');
include('global_settings.inc');
include('misc_func.inc');
include('rpm.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item('Host/RedHat/release');
if (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');
os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');
os_ver = os_ver[1];
if (! preg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);
if (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);
repositories = {
'rhel_extras_other_7': [
'rhel-7-desktop-extras-debug-rpms',
'rhel-7-desktop-extras-rpms',
'rhel-7-desktop-extras-source-rpms',
'rhel-7-for-system-z-a-extras-debug-rpms',
'rhel-7-for-system-z-a-extras-rpms',
'rhel-7-for-system-z-a-extras-source-rpms',
'rhel-7-for-system-z-extras-debug-rpms',
'rhel-7-for-system-z-extras-rpms',
'rhel-7-for-system-z-extras-source-rpms',
'rhel-7-server-extras-debug-rpms',
'rhel-7-server-extras-rpms',
'rhel-7-server-extras-source-rpms',
'rhel-7-workstation-extras-debug-rpms',
'rhel-7-workstation-extras-rpms',
'rhel-7-workstation-extras-source-rpms'
]
};
found_repos = NULL;
host_repo_list = get_kb_list('Host/RedHat/repo-list/*');
if (!(empty_or_null(host_repo_list))) {
found_repos = make_list();
foreach repo_key (keys(repositories)) {
foreach repo ( repositories[repo_key] ) {
if (get_kb_item('Host/RedHat/repo-list/' + repo)) {
append_element(var:found_repos, value:repo_key);
break;
}
}
}
if(empty_or_null(found_repos)) audit(AUDIT_RHSA_NOT_AFFECTED, 'RHSA-2020:0406');
}
pkgs = [
{'reference':'containernetworking-plugins-0.8.1-4.el7_7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_extras_other_7']},
{'reference':'containernetworking-plugins-0.8.1-4.el7_7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_extras_other_7']}
];
flag = 0;
foreach package_array ( pkgs ) {
reference = NULL;
release = NULL;
sp = NULL;
cpu = NULL;
el_string = NULL;
rpm_spec_vers_cmp = NULL;
epoch = NULL;
allowmaj = NULL;
repo_list = NULL;
if (!empty_or_null(package_array['repo_list'])) repo_list = package_array['repo_list'];
if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];
if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];
if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];
if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];
if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];
if (reference && release) {
repocheck = FALSE;
if (empty_or_null(found_repos))
{
repocheck = TRUE;
}
else
{
foreach repo (repo_list) {
if (contains_element(var:found_repos, value:repo))
{
repocheck = TRUE;
break;
}
}
}
if (repocheck && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;
}
}
if (flag)
{
if (empty_or_null(host_repo_list)) extra = rpm_report_get() + redhat_report_repo_caveat();
else extra = rpm_report_get() + redhat_report_package_caveat();
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : extra
);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'containernetworking-plugins');
}
{"id": "REDHAT-RHSA-2020-0406.NASL", "bulletinFamily": "scanner", "title": "RHEL 7 : containernetworking-plugins (RHSA-2020:0406)", "description": "An update for containernetworking-plugins is now available for Red Hat Enterprise Linux 7 Extras.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe Container Network Interface (CNI) project consists of a specification and libraries for writing plug-ins for configuring network interfaces in Linux containers, along with a number of supported plug-ins. CNI concerns itself only with network connectivity of containers and removing allocated resources when the container is deleted.\n\nSecurity Fix(es) :\n\n* HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512)\n\n* HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "published": "2020-02-05T00:00:00", "modified": "2020-02-05T00:00:00", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "href": "https://www.tenable.com/plugins/nessus/133487", "reporter": "This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["https://access.redhat.com/security/cve/CVE-2019-9512", "https://bugzilla.redhat.com/1735744", "https://access.redhat.com/errata/RHSA-2020:0406", "https://access.redhat.com/security/cve/CVE-2019-9514", "https://cwe.mitre.org/data/definitions/400.html", "https://bugzilla.redhat.com/1735645"], "cvelist": ["CVE-2019-9512", "CVE-2019-9514"], "type": "nessus", "lastseen": "2020-11-21T05:56:20", "edition": 12, "viewCount": 9, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2019-9514", "CVE-2019-9512"]}, {"type": "symantec", "idList": ["SMNTC-109636", "SMNTC-109637"]}, {"type": "f5", "idList": ["F5:K01988340", "F5:K98053339"]}, {"type": "freebsd", "idList": ["73B1E734-C74E-11E9-8052-0028F8D09152", "41F4BAAC-BF77-11E9-8D2F-5404A68AD561", "72A5579E-C765-11E9-8052-0028F8D09152"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562311220192078", "OPENVAS:1361412562310876757", "OPENVAS:1361412562310704508", "OPENVAS:1361412562310852847", "OPENVAS:1361412562310852903", "OPENVAS:1361412562310852683", "OPENVAS:1361412562310852848", "OPENVAS:1361412562310852691", "OPENVAS:1361412562311220191967", "OPENVAS:1361412562310704503"]}, {"type": "oraclelinux", "idList": ["ELSA-2019-4269", "ELSA-2020-1379", "ELSA-2019-4273", "ELSA-2020-1926", "ELSA-2019-2726"]}, {"type": "debian", "idList": ["DEBIAN:DSA-4520-1:26CCF", "DEBIAN:DLA-2485-1:44FAA", "DEBIAN:DSA-4503-1:6B94A", "DEBIAN:DSA-4508-1:2E656"]}, {"type": "amazon", "idList": ["ALAS-2019-1270", "ALAS2-2019-1272"]}, {"type": "redhat", "idList": ["RHSA-2019:2766", "RHSA-2019:2682", "RHSA-2019:3906", "RHSA-2019:3131", "RHSA-2019:2726", "RHSA-2019:2661", "RHSA-2019:4273", "RHSA-2020:0406", "RHSA-2019:3265", "RHSA-2019:3245"]}, {"type": "nessus", "idList": ["REDHAT-RHSA-2019-3245.NASL", "REDHAT-RHSA-2019-3131.NASL", "ORACLELINUX_ELSA-2019-4273.NASL", "REDHAT-RHSA-2019-3265.NASL", "REDHAT-RHSA-2019-2726.NASL", "AL2_ALAS-2019-1272.NASL", "FREEBSD_PKG_41F4BAACBF7711E98D2F5404A68AD561.NASL", "REDHAT-RHSA-2019-2661.NASL", "DEBIAN_DLA-2485.NASL", "REDHAT-RHSA-2019-2682.NASL"]}, {"type": "fedora", "idList": ["FEDORA:691DA613FFAA", "FEDORA:CCB9960F3CBA"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2019:2056-1", "OPENSUSE-SU-2019:2000-1", "OPENSUSE-SU-2019:2072-1", "OPENSUSE-SU-2019:2130-1", "OPENSUSE-SU-2019:2085-1"]}, {"type": "archlinux", "idList": ["ASA-201908-16", "ASA-201908-15"]}, {"type": "apple", "idList": ["APPLE:HT210436"]}], "modified": "2020-11-21T05:56:20", "rev": 2}, "score": {"value": 6.4, "vector": "NONE", "modified": "2020-11-21T05:56:20", "rev": 2}, "vulnersScore": 6.4}, "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:0406. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(133487);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/11/19\");\n\n script_cve_id(\"CVE-2019-9512\", \"CVE-2019-9514\");\n script_xref(name:\"RHSA\", value:\"2020:0406\");\n\n script_name(english:\"RHEL 7 : containernetworking-plugins (RHSA-2020:0406)\");\n script_summary(english:\"Checks the rpm output for the updated package\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update for containernetworking-plugins is now available for Red Hat Enterprise Linux 7 Extras.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe Container Network Interface (CNI) project consists of a specification and libraries for writing plug-ins for configuring network interfaces in Linux containers, along with a number of supported plug-ins. CNI concerns itself only with network connectivity of containers and removing allocated resources when the container is deleted.\n\nSecurity Fix(es) :\n\n* HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512)\n\n* HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/400.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-9512\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-9514\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:0406\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1735645\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1735744\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected containernetworking-plugins package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-9514\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_cwe_id(400);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/02/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/02/05\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:redhat:rhel_extras_other:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:containernetworking-plugins\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nrepositories = {\n 'rhel_extras_other_7': [\n 'rhel-7-desktop-extras-debug-rpms',\n 'rhel-7-desktop-extras-rpms',\n 'rhel-7-desktop-extras-source-rpms',\n 'rhel-7-for-system-z-a-extras-debug-rpms',\n 'rhel-7-for-system-z-a-extras-rpms',\n 'rhel-7-for-system-z-a-extras-source-rpms',\n 'rhel-7-for-system-z-extras-debug-rpms',\n 'rhel-7-for-system-z-extras-rpms',\n 'rhel-7-for-system-z-extras-source-rpms',\n 'rhel-7-server-extras-debug-rpms',\n 'rhel-7-server-extras-rpms',\n 'rhel-7-server-extras-source-rpms',\n 'rhel-7-workstation-extras-debug-rpms',\n 'rhel-7-workstation-extras-rpms',\n 'rhel-7-workstation-extras-source-rpms'\n ]\n};\n\nfound_repos = NULL;\nhost_repo_list = get_kb_list('Host/RedHat/repo-list/*');\nif (!(empty_or_null(host_repo_list))) {\n found_repos = make_list();\n foreach repo_key (keys(repositories)) {\n foreach repo ( repositories[repo_key] ) {\n if (get_kb_item('Host/RedHat/repo-list/' + repo)) {\n append_element(var:found_repos, value:repo_key);\n break;\n }\n }\n }\n if(empty_or_null(found_repos)) audit(AUDIT_RHSA_NOT_AFFECTED, 'RHSA-2020:0406');\n}\n\npkgs = [\n {'reference':'containernetworking-plugins-0.8.1-4.el7_7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_extras_other_7']},\n {'reference':'containernetworking-plugins-0.8.1-4.el7_7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_extras_other_7']}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n repo_list = NULL;\n if (!empty_or_null(package_array['repo_list'])) repo_list = package_array['repo_list'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n repocheck = FALSE;\n if (empty_or_null(found_repos))\n {\n repocheck = TRUE;\n }\n else\n {\n foreach repo (repo_list) {\n if (contains_element(var:found_repos, value:repo))\n {\n repocheck = TRUE;\n break;\n }\n }\n }\n if (repocheck && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n if (empty_or_null(host_repo_list)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'containernetworking-plugins');\n}\n", "naslFamily": "Red Hat Local Security Checks", "pluginID": "133487", "cpe": ["cpe:/o:redhat:enterprise_linux:7", "cpe:/a:redhat:rhel_extras_other:7", "p-cpe:/a:redhat:enterprise_linux:containernetworking-plugins"], "scheme": null, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}}
{"cve": [{"lastseen": "2020-12-09T21:41:58", "description": "Some HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service. The attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal queue of responses. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both.", "edition": 41, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2019-08-13T21:15:00", "title": "CVE-2019-9512", "type": "cve", "cwe": ["CWE-400"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-9512"], "modified": "2020-12-09T00:15:00", "cpe": ["cpe:/a:apache:traffic_server:7.1.6", "cpe:/o:debian:debian_linux:10.0", "cpe:/a:apache:traffic_server:8.0.3", "cpe:/a:apache:traffic_server:6.2.3", "cpe:/a:apple:swiftnio:1.4.0"], "id": "CVE-2019-9512", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-9512", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:a:apache:traffic_server:6.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:apache:traffic_server:7.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:apple:swiftnio:1.4.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "cpe:2.3:a:apache:traffic_server:8.0.3:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T21:41:58", "description": "Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both.", "edition": 43, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2019-08-13T21:15:00", "title": "CVE-2019-9514", "type": "cve", "cwe": ["CWE-770"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-9514"], "modified": "2020-12-09T00:15:00", "cpe": ["cpe:/a:synology:diskstation_manager:6.2", "cpe:/o:opensuse:leap:15.0", "cpe:/o:redhat:enterprise_linux_eus:8.1", "cpe:/a:redhat:openshift_container_platform:4.2", "cpe:/o:canonical:ubuntu_linux:18.04", "cpe:/a:apache:traffic_server:7.1.6", "cpe:/o:debian:debian_linux:10.0", "cpe:/a:redhat:jboss_enterprise_application_platform:7.3.0", "cpe:/o:fedoraproject:fedora:29", "cpe:/a:netapp:trident:-", "cpe:/a:redhat:openshift_container_platform:3.11", "cpe:/o:fedoraproject:fedora:30", "cpe:/a:redhat:openstack:14", "cpe:/o:opensuse:leap:15.1", "cpe:/o:synology:vs960hd_firmware:-", "cpe:/a:redhat:jboss_enterprise_application_platform:7.2.0", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:redhat:enterprise_linux_server:7.0", "cpe:/a:apache:traffic_server:8.0.3", "cpe:/a:redhat:software_collections:1.0", "cpe:/a:apache:traffic_server:6.2.3", "cpe:/a:redhat:developer_tools:1.0", "cpe:/a:redhat:openshift_container_platform:3.9", "cpe:/a:apple:swiftnio:1.4.0", "cpe:/a:netapp:cloud_insights:-", "cpe:/a:redhat:openshift_container_platform:4.1", "cpe:/o:canonical:ubuntu_linux:19.04", "cpe:/o:redhat:enterprise_linux_workstation:7.0", "cpe:/a:redhat:openshift_service_mesh:1.0", "cpe:/o:redhat:enterprise_linux:8.0", "cpe:/a:redhat:openshift_container_platform:3.10", "cpe:/a:redhat:jboss_core_services:1.0", "cpe:/a:redhat:single_sign-on:7.3", "cpe:/a:oracle:graalvm:19.2.0", "cpe:/a:synology:skynas:-", "cpe:/a:redhat:quay:3.0.0", "cpe:/o:debian:debian_linux:9.0"], "id": "CVE-2019-9514", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-9514", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:quay:3.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:apache:traffic_server:6.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "cpe:2.3:a:apache:traffic_server:7.1.6:*:*:*:*:*:*:*", "cpe:2.3:o:synology:vs960hd_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "cpe:2.3:a:redhat:openshift_container_platform:3.9:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:cloud_insights:-:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:apple:swiftnio:1.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:jboss_core_services:1.0:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:single_sign-on:7.3:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:openshift_container_platform:4.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:graalvm:19.2.0:*:*:*:enterprise:*:*:*", "cpe:2.3:a:redhat:openshift_service_mesh:1.0:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:openshift_container_platform:4.2:*:*:*:*:*:*:*", "cpe:2.3:a:apache:traffic_server:8.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:synology:skynas:-:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:trident:-:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:openshift_container_platform:3.10:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.3.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "cpe:2.3:a:redhat:openstack:14:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:developer_tools:1.0:*:*:*:*:*:*:*", "cpe:2.3:a:synology:diskstation_manager:6.2:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*"]}], "symantec": [{"lastseen": "2019-08-22T22:49:43", "bulletinFamily": "software", "cvelist": ["CVE-2019-9512"], "description": "### Description\n\nMicrosoft Windows is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause the affected system to become unresponsive, resulting in a denial-of-service condition.\n\n### Technologies Affected\n\n * Apple SwiftNIO HTTP/2 1.0.0 \n * Apple SwiftNIO HTTP/2 1.1.0 \n * Apple SwiftNIO HTTP/2 1.2.0 \n * Apple SwiftNIO HTTP/2 1.3.0 \n * Apple SwiftNIO HTTP/2 1.4.0 \n * Microsoft Windows 10 Version 1607 for 32-bit Systems \n * Microsoft Windows 10 Version 1607 for x64-based Systems \n * Microsoft Windows 10 Version 1709 for ARM64-based Systems \n * Microsoft Windows 10 Version 1803 for 32-bit Systems \n * Microsoft Windows 10 Version 1803 for ARM64-based Systems \n * Microsoft Windows 10 Version 1803 for x64-based Systems \n * Microsoft Windows 10 Version 1809 for 32-bit Systems \n * Microsoft Windows 10 Version 1809 for ARM64-based Systems \n * Microsoft Windows 10 Version 1809 for x64-based Systems \n * Microsoft Windows 10 Version 1903 for 32-bit Systems \n * Microsoft Windows 10 Version 1903 for ARM64-based Systems \n * Microsoft Windows 10 Version 1903 for x64-based Systems \n * Microsoft Windows 10 for 32-bit Systems \n * Microsoft Windows 10 for x64-based Systems \n * Microsoft Windows 10 version 1703 for 32-bit Systems \n * Microsoft Windows 10 version 1703 for x64-based Systems \n * Microsoft Windows 10 version 1709 for 32-bit Systems \n * Microsoft Windows 10 version 1709 for x64-based Systems \n * Microsoft Windows Server 1803 \n * Microsoft Windows Server 1903 \n * Microsoft Windows Server 2016 \n * Microsoft Windows Server 2019 \n * RFC 7540 HTTP/2 \n\n### Recommendations\n\n**Block external access at the network boundary, unless external parties require service.** \nIf global access isn't needed, filter access to the affected computer at the network boundary. Restricting access to only trusted computers and networks might greatly reduce the likelihood of exploits.\n\n**Deploy network intrusion detection systems to monitor network traffic for malicious activity.** \nDeploy NIDS to monitor network traffic for signs of anomalous or suspicious activity. This includes unexplained incoming and outgoing traffic. This may indicate exploit attempts or activity that results from successful exploits.\n\nUpdates are available. Please see the references or vendor advisory for more information.\n", "modified": "2019-08-13T00:00:00", "published": "2019-08-13T00:00:00", "id": "SMNTC-109637", "href": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/109637", "type": "symantec", "title": "Microsoft Windows 'HTTP.sys' CVE-2019-9512 Denial of Service Vulnerability", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2019-08-22T22:49:45", "bulletinFamily": "software", "cvelist": ["CVE-2019-9514"], "description": "### Description\n\nMicrosoft Windows is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause the affected system to become unresponsive, resulting in a denial-of-service condition.\n\n### Technologies Affected\n\n * Apple SwiftNIO HTTP/2 1.0.0 \n * Apple SwiftNIO HTTP/2 1.1.0 \n * Apple SwiftNIO HTTP/2 1.2.0 \n * Apple SwiftNIO HTTP/2 1.3.0 \n * Apple SwiftNIO HTTP/2 1.4.0 \n * Microsoft Windows 10 Version 1607 for 32-bit Systems \n * Microsoft Windows 10 Version 1607 for x64-based Systems \n * Microsoft Windows 10 Version 1709 for ARM64-based Systems \n * Microsoft Windows 10 Version 1803 for 32-bit Systems \n * Microsoft Windows 10 Version 1803 for ARM64-based Systems \n * Microsoft Windows 10 Version 1803 for x64-based Systems \n * Microsoft Windows 10 Version 1809 for 32-bit Systems \n * Microsoft Windows 10 Version 1809 for ARM64-based Systems \n * Microsoft Windows 10 Version 1809 for x64-based Systems \n * Microsoft Windows 10 Version 1903 for 32-bit Systems \n * Microsoft Windows 10 Version 1903 for ARM64-based Systems \n * Microsoft Windows 10 Version 1903 for x64-based Systems \n * Microsoft Windows 10 for 32-bit Systems \n * Microsoft Windows 10 for x64-based Systems \n * Microsoft Windows 10 version 1703 for 32-bit Systems \n * Microsoft Windows 10 version 1703 for x64-based Systems \n * Microsoft Windows 10 version 1709 for 32-bit Systems \n * Microsoft Windows 10 version 1709 for x64-based Systems \n * Microsoft Windows Server 1803 \n * Microsoft Windows Server 1903 \n * Microsoft Windows Server 2016 \n * Microsoft Windows Server 2019 \n * RFC 7540 HTTP/2 \n\n### Recommendations\n\n**Block external access at the network boundary, unless external parties require service.** \nIf global access isn't needed, filter access to the affected computer at the network boundary. Restricting access to only trusted computers and networks might greatly reduce the likelihood of exploits.\n\n**Deploy network intrusion detection systems to monitor network traffic for malicious activity.** \nDeploy NIDS to monitor network traffic for signs of anomalous or suspicious activity. This includes unexplained incoming and outgoing traffic. This may indicate exploit attempts or activity that results from successful exploits.\n\nUpdates are available. Please see the references or vendor advisory for more information.\n", "modified": "2019-08-13T00:00:00", "published": "2019-08-13T00:00:00", "id": "SMNTC-109636", "href": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/109636", "type": "symantec", "title": "Microsoft Windows 'HTTP.sys' CVE-2019-9514 Denial of Service Vulnerability", "cvss": {"score": 0.0, "vector": "NONE"}}], "f5": [{"lastseen": "2020-04-06T22:40:51", "bulletinFamily": "software", "cvelist": ["CVE-2019-9515", "CVE-2019-9512", "CVE-2019-9511", "CVE-2019-9518", "CVE-2019-9517", "CVE-2019-9513", "CVE-2019-9514", "CVE-2019-9516"], "description": "\nF5 Product Development has assigned ID 773673 (BIG-IP) to this vulnerability.\n\nTo determine if your product and version have been evaluated for this vulnerability, refer to the **Applies to (see versions)** box. To determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases, point releases, or hotfixes that address the vulnerability, refer to the following table. For more information about security advisory versioning, refer to [K51812227: Understanding Security Advisory versioning](<https://support.f5.com/csp/article/K51812227>).\n\nProduct | Branch | Versions known to be vulnerable | Fixes introduced in | Severity | CVSSv3 score1 | Vulnerable component or feature \n---|---|---|---|---|---|--- \nBIG-IP (LTM) | 15.x | 15.0.0 - 15.0.1 | 15.1.0 \n15.0.1.1 | Medium | [5.0](<https://first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:U/RC:C>) | Virtual servers configured to use the HTTP/2 profile \n14.x | 14.0.0 - 14.1.2 | 14.1.2.1 \n14.0.1.1 \n13.x | 13.1.0 - 13.1.3 | 13.1.3.2 \n12.x | 12.1.0 - 12.1.5 | 12.1.5.1 \n11.x | 11.6.1 - 11.6.5 | 11.6.5.1 \nBIG-IP (AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator) | 15.x | None | Not applicable | Not vulnerable | None | None \n14.x | None | Not applicable \n13.x | None | Not applicable \n12.x | None | Not applicable \n11.x | None | Not applicable \nEnterprise Manager | 3.x | None | Not applicable | Not vulnerable | None | None \nBIG-IQ Centralized Management | 6.x | None | Not applicable | Not vulnerable | None | None \n5.x | None | Not applicable \nF5 iWorkflow | 2.x | None | Not applicable | Not vulnerable | None | None \nTraffix SDC | 5.x | None | Not applicable | Not vulnerable | None | None \n \n1The CVSSv3 score link takes you to a resource outside of AskF5, and it is possible that the document may be removed without our knowledge.\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Fixes introduced in** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nMitigation\n\nNone\n\nF5 would like to acknowledge Jonathan Looney with Netflix for their efforts in identifying this issue.\n\n * [K46011592: HTTP/2 Empty Frames Flood vulnerability CVE-2019-9518](<https://support.f5.com/csp/article/K46011592>)\n * [K01988340: HTTP/2 Reset Flood vulnerability CVE-2019-9514](<https://support.f5.com/csp/article/K01988340>)\n * [K50233772: HTTP/2 Settings Flood vulnerability CVE-2019-9515](<https://support.f5.com/csp/article/K50233772>)\n * [K02591030: HTTP/2 vulnerabilities CVE-2019-9511, CVE-2019-9513, CVE-2019-9516, and CVE-2019-9517](<https://support.f5.com/csp/article/K02591030>)\n * [K51812227: Understanding Security Advisory versioning](<https://support.f5.com/csp/article/K51812227>)\n * [K41942608: Overview of Security Advisory articles](<https://support.f5.com/csp/article/K41942608>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K9502: BIG-IP hotfix and point release matrix](<https://support.f5.com/csp/article/K9502>)\n * [K13123: Managing BIG-IP product hotfixes (11.x - 15.x)](<https://support.f5.com/csp/article/K13123>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n", "edition": 1, "modified": "2020-02-10T16:48:00", "published": "2019-08-20T05:48:00", "id": "F5:K98053339", "href": "https://support.f5.com/csp/article/K98053339", "title": "HTTP/2 Ping Flood vulnerability CVE-2019-9512", "type": "f5", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-04-06T22:40:16", "bulletinFamily": "software", "cvelist": ["CVE-2019-9515", "CVE-2019-9512", "CVE-2019-9511", "CVE-2019-9518", "CVE-2019-9517", "CVE-2019-9513", "CVE-2019-9514", "CVE-2019-9516"], "description": "\nF5 Product Development has assigned ID 788769 to this vulnerability.\n\nTo determine if your product and version have been evaluated for this vulnerability, refer to the **Applies to (see versions)** box. To determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases, point releases, or hotfixes that address the vulnerability, refer to the following table. For more information about security advisory versioning, refer to [K51812227: Understanding Security Advisory versioning](<https://support.f5.com/csp/article/K51812227>).\n\nProduct | Branch | Versions known to be vulnerable | Fixes introduced in | Severity | CVSSv3 score1 | Vulnerable component or feature \n---|---|---|---|---|---|--- \nBIG-IP (LTM) | 15.x | 15.0.0 - 15.0.1 | 15.1.0 \n15.0.1.1 | Medium | [5.0](<https://first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:U/RC:C>) | Virtual servers configured to use the HTTP/2 profile \n14.x | 14.0.0 - 14.1.2 | 14.1.2.1 \n14.0.1.1 \n13.x | 13.1.0 - 13.1.3 | 13.1.3.2 \n12.x | 12.1.0 - 12.1.5 | 12.1.5.1 \n11.x | 11.6.1 - 11.6.5 | 11.6.5.1 \nBIG-IP (AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator) | 15.x | None | Not applicable | Not vulnerable | None | None \n14.x | None | Not applicable \n13.x | None | Not applicable \n12.x | None | Not applicable \n11.x | None | Not applicable \nEnterprise Manager | 3.x | None | Not applicable | Not vulnerable | None | None \nBIG-IQ Centralized Management | 6.x | None | Not applicable | Not vulnerable | None | None \n5.x | None | Not applicable \nF5 iWorkflow | 2.x | None | Not applicable | Not vulnerable | None | None \nTraffix SDC | 5.x | None | Not applicable | Not vulnerable | None | None \n \n1The CVSSv3 score link takes you to a resource outside of AskF5, and it is possible that the document may be removed without our knowledge.\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Fixes introduced in** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nMitigation\n\nNone\n\nF5 would like to acknowledge Jonathan Looney with Netflix for their efforts in identifying this issue.\n\n * [K46011592: HTTP/2 Empty Frames Flood vulnerability CVE-2019-9518](<https://support.f5.com/csp/article/K46011592>)\n * [K98053339: HTTP/2 Ping Flood vulnerability CVE-2019-9512](<https://support.f5.com/csp/article/K98053339>)\n * [K50233772: HTTP/2 Settings Flood vulnerability CVE-2019-9515](<https://support.f5.com/csp/article/K50233772>)\n * [K02591030: HTTP/2 vulnerabilities CVE-2019-9511, CVE-2019-9513, CVE-2019-9516, and CVE-2019-9517](<https://support.f5.com/csp/article/K02591030>)\n * [K51812227: Understanding Security Advisory versioning](<https://support.f5.com/csp/article/K51812227>)\n * [K41942608: Overview of Security Advisory articles](<https://support.f5.com/csp/article/K41942608>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K9502: BIG-IP hotfix and point release matrix](<https://support.f5.com/csp/article/K9502>)\n * [K13123: Managing BIG-IP product hotfixes (11.x - 15.x)](<https://support.f5.com/csp/article/K13123>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n", "edition": 1, "modified": "2020-02-10T12:58:00", "published": "2019-08-20T05:46:00", "id": "F5:K01988340", "href": "https://support.f5.com/csp/article/K01988340", "title": "HTTP/2 Reset Flood vulnerability CVE-2019-9514", "type": "f5", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "freebsd": [{"lastseen": "2019-08-24T11:39:45", "bulletinFamily": "unix", "cvelist": ["CVE-2019-9512", "CVE-2019-9514"], "description": "\nThe traefik project reports:\n\nUpdate of dependency to go go1.12.8 resolves potential HTTP/2\n\t denial of service in traefik.\n\n", "edition": 2, "modified": "2019-08-13T00:00:00", "published": "2019-08-13T00:00:00", "id": "41F4BAAC-BF77-11E9-8D2F-5404A68AD561", "href": "https://vuxml.freebsd.org/freebsd/41f4baac-bf77-11e9-8d2f-5404a68ad561.html", "title": "traefik -- Denial of service in HTTP/2", "type": "freebsd", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-08-25T21:39:55", "bulletinFamily": "unix", "cvelist": ["CVE-2019-9515", "CVE-2019-9512", "CVE-2019-9514"], "description": "\nJonathon Loomey of Netflix reports:\n\nHTTP/2 implementations do not robustly handle abnormal traffic and resource exhaustion\nRecently, a series of DoS attack vulnerabilities have been reported on a broad range of HTTP/2 stacks. Among the vulnerabilities, H2O is exposed to the following:\n\nCVE-2019-9512 \"Ping Flood\": The attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal queue of responses. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both, potentially leading to a denial of service.\nCVE-2019-9514 \"Reset Flood\": The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both, potentially leading to a denial of service.\nCVE-2019-9515 \"Settings Flood\": The attacker sends a stream of SETTINGS frames to the peer. Since the RFC requires that the peer reply with one acknowledgement per SETTINGS frame, an empty SETTINGS frame is almost equivalent in behavior to a ping. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both, potentially leading to a denial of service.\n\n\n", "edition": 1, "modified": "2019-08-13T00:00:00", "published": "2019-08-13T00:00:00", "id": "73B1E734-C74E-11E9-8052-0028F8D09152", "href": "https://vuxml.freebsd.org/freebsd/73b1e734-c74e-11e9-8052-0028f8d09152.html", "title": "h2o -- multiple HTTP/2 vulnerabilities", "type": "freebsd", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-08-25T21:39:55", "bulletinFamily": "unix", "cvelist": ["CVE-2019-9515", "CVE-2019-9512", "CVE-2019-9514"], "description": "\nJonathon Loomey of Netflix reports:\n\nHTTP/2 implementations do not robustly handle abnormal traffic and resource exhaustion\nRecently, a series of DoS attack vulnerabilities have been reported on a broad range of HTTP/2 stacks. Among the vulnerabilities, H2O is exposed to the following:\n\nCVE-2019-9512 \"Ping Flood\": The attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal queue of responses. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both, potentially leading to a denial of service.\nCVE-2019-9514 \"Reset Flood\": The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both, potentially leading to a denial of service.\nCVE-2019-9515 \"Settings Flood\": The attacker sends a stream of SETTINGS frames to the peer. Since the RFC requires that the peer reply with one acknowledgement per SETTINGS frame, an empty SETTINGS frame is almost equivalent in behavior to a ping. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both, potentially leading to a denial of service.\n\n\n", "edition": 1, "modified": "2019-08-13T00:00:00", "published": "2019-08-13T00:00:00", "id": "72A5579E-C765-11E9-8052-0028F8D09152", "href": "https://vuxml.freebsd.org/freebsd/72a5579e-c765-11e9-8052-0028f8d09152.html", "title": "h2o -- multiple HTTP/2 vulnerabilities", "type": "freebsd", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "openvas": [{"lastseen": "2020-01-27T18:38:31", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-9512", "CVE-2019-9514"], "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-01-23T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191967", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191967", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2019-1967)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1967\");\n script_version(\"2020-01-23T12:28:43+0000\");\n script_cve_id(\"CVE-2019-9512\", \"CVE-2019-9514\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 12:28:43 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:28:43 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2019-1967)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP5\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1967\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1967\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'golang' package(s) announced via the EulerOS-SA-2019-1967 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Some HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service. The attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal queue of responses. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both.(CVE-2019-9512)\n\nSome HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both.(CVE-2019-9514)\");\n\n script_tag(name:\"affected\", value:\"'golang' package(s) on Huawei EulerOS V2.0SP5.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP5\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"golang\", rpm:\"golang~1.12~5.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"golang-bin\", rpm:\"golang-bin~1.12~5.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"golang-src\", rpm:\"golang-src~1.12~5.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-08-28T14:51:09", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-14809", "CVE-2019-9512", "CVE-2019-9514"], "description": "The remote host is missing an update for the ", "modified": "2019-08-27T00:00:00", "published": "2019-08-20T00:00:00", "id": "OPENVAS:1361412562310704503", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310704503", "type": "openvas", "title": "Debian Security Advisory DSA 4503-1 (golang-1.11 - security update)", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.704503\");\n script_version(\"2019-08-27T07:56:59+0000\");\n script_cve_id(\"CVE-2019-14809\", \"CVE-2019-9512\", \"CVE-2019-9514\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-08-27 07:56:59 +0000 (Tue, 27 Aug 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-08-20 02:00:17 +0000 (Tue, 20 Aug 2019)\");\n script_name(\"Debian Security Advisory DSA 4503-1 (golang-1.11 - security update)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB10\");\n\n script_xref(name:\"URL\", value:\"https://www.debian.org/security/2019/dsa-4503.html\");\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/DSA-4503-1\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'golang-1.11'\n package(s) announced via the DSA-4503-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Three vulnerabilities have been discovered in the Go programming language,\n'net/url' accepted some invalid hosts in URLs which could result in\nauthorisation bypass in some applications and the HTTP/2 implementation\nwas susceptible to denial of service.\");\n\n script_tag(name:\"affected\", value:\"'golang-1.11' package(s) on Debian Linux.\");\n\n script_tag(name:\"solution\", value:\"For the stable distribution (buster), these problems have been fixed in\nversion 1.11.6-1+deb10u1.\n\nWe recommend that you upgrade your golang-1.11 packages.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"golang-1.11\", ver:\"1.11.6-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"golang-1.11-doc\", ver:\"1.11.6-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"golang-1.11-go\", ver:\"1.11.6-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"golang-1.11-src\", ver:\"1.11.6-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n\nexit(0);", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-01-31T16:29:25", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-14809", "CVE-2019-9512", "CVE-2019-9514"], "description": "The remote host is missing an update for the ", "modified": "2020-01-31T00:00:00", "published": "2020-01-09T00:00:00", "id": "OPENVAS:1361412562310852903", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852903", "type": "openvas", "title": "openSUSE: Security Advisory for go1.12 (openSUSE-SU-2019:2130-1)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852903\");\n script_version(\"2020-01-31T08:04:39+0000\");\n script_cve_id(\"CVE-2019-14809\", \"CVE-2019-9512\", \"CVE-2019-9514\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:04:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-09 09:44:02 +0000 (Thu, 09 Jan 2020)\");\n script_name(\"openSUSE: Security Advisory for go1.12 (openSUSE-SU-2019:2130-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.1\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:2130-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-09/msg00038.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'go1.12'\n package(s) announced via the openSUSE-SU-2019:2130-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for go1.12 fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2019-9512: Fixed HTTP/2 flood using PING frames that results in\n unbounded memory growth (bsc#1146111).\n\n - CVE-2019-9514: Fixed HTTP/2 implementation that is vulnerable to a reset\n flood, potentially leading to a denial of service (bsc#1146115).\n\n - CVE-2019-14809: Fixed malformed hosts in URLs that leads to\n authorization bypass (bsc#1146123).\n\n Bugfixes:\n\n - Update to go version 1.12.9 (bsc#1141689).\n\n - Adding Web Assembly stuff from misc/wasm (bsc#1139210).\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.1:\n\n zypper in -t patch openSUSE-2019-2130=1\");\n\n script_tag(name:\"affected\", value:\"'go1.12' package(s) on openSUSE Leap 15.1.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.1\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"go1.12\", rpm:\"go1.12~1.12.9~lp151.2.21.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"go1.12-doc\", rpm:\"go1.12-doc~1.12.9~lp151.2.21.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"go1.12-race\", rpm:\"go1.12-race~1.12.9~lp151.2.21.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-01-31T16:27:54", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-14809", "CVE-2019-9512", "CVE-2019-9514"], "description": "The remote host is missing an update for the ", "modified": "2020-01-31T00:00:00", "published": "2020-01-09T00:00:00", "id": "OPENVAS:1361412562310852847", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852847", "type": "openvas", "title": "openSUSE: Security Advisory for go1.12 (openSUSE-SU-2019:2085-1)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852847\");\n script_version(\"2020-01-31T08:04:39+0000\");\n script_cve_id(\"CVE-2019-14809\", \"CVE-2019-9512\", \"CVE-2019-9514\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:04:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-09 09:35:56 +0000 (Thu, 09 Jan 2020)\");\n script_name(\"openSUSE: Security Advisory for go1.12 (openSUSE-SU-2019:2085-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.1\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:2085-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-09/msg00021.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'go1.12'\n package(s) announced via the openSUSE-SU-2019:2085-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for go1.12 fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2019-9512: Fixed HTTP/2 flood using PING frames that results in\n unbounded memory growth (bsc#1146111).\n\n - CVE-2019-9514: Fixed HTTP/2 implementation that is vulnerable to a reset\n flood, potentially leading to a denial of service (bsc#1146115).\n\n - CVE-2019-14809: Fixed malformed hosts in URLs that leads to\n authorization bypass (bsc#1146123).\n\n Bugfixes:\n\n - Update to go version 1.12.9 (bsc#1141689).\n\n - Adding Web Assembly stuff from misc/wasm (bsc#1139210).\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.1:\n\n zypper in -t patch openSUSE-2019-2085=1\");\n\n script_tag(name:\"affected\", value:\"'go1.12' package(s) on openSUSE Leap 15.1.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.1\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"go1.12\", rpm:\"go1.12~1.12.9~lp151.2.17.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"go1.12-doc\", rpm:\"go1.12-doc~1.12.9~lp151.2.17.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"go1.12-race\", rpm:\"go1.12-race~1.12.9~lp151.2.17.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-01-31T16:54:18", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-14809", "CVE-2019-9512", "CVE-2019-9514"], "description": "The remote host is missing an update for the ", "modified": "2020-01-31T00:00:00", "published": "2019-09-03T00:00:00", "id": "OPENVAS:1361412562310852683", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852683", "type": "openvas", "title": "openSUSE: Security Advisory for go1.12 (openSUSE-SU-2019:2056-1)", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852683\");\n script_version(\"2020-01-31T08:04:39+0000\");\n script_cve_id(\"CVE-2019-14809\", \"CVE-2019-9512\", \"CVE-2019-9514\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:04:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-09-03 02:03:45 +0000 (Tue, 03 Sep 2019)\");\n script_name(\"openSUSE: Security Advisory for go1.12 (openSUSE-SU-2019:2056-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.0\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:2056-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-09/msg00002.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'go1.12'\n package(s) announced via the openSUSE-SU-2019:2056-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for go1.12 fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2019-9512: Fixed HTTP/2 flood using PING frames that results in\n unbounded memory growth (bsc#1146111).\n\n - CVE-2019-9514: Fixed HTTP/2 implementation that is vulnerable to a reset\n flood, potentially leading to a denial of service (bsc#1146115).\n\n - CVE-2019-14809: Fixed malformed hosts in URLs that leads to\n authorization bypass (bsc#1146123).\n\n Bugfixes:\n\n - Update to go version 1.12.9 (bsc#1141689).\n\n - Adding Web Assembly stuff from misc/wasm (bsc#1139210).\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.1:\n\n zypper in -t patch openSUSE-2019-2056=1\n\n - openSUSE Leap 15.0:\n\n zypper in -t patch openSUSE-2019-2056=1\");\n\n script_tag(name:\"affected\", value:\"'go1.12' package(s) on openSUSE Leap 15.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"go1.12\", rpm:\"go1.12~1.12.9~lp150.8.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"go1.12-doc\", rpm:\"go1.12-doc~1.12.9~lp150.8.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"go1.12-race\", rpm:\"go1.12-race~1.12.9~lp150.8.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-01-31T16:30:52", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-14809", "CVE-2019-9512", "CVE-2019-9514"], "description": "The remote host is missing an update for the ", "modified": "2020-01-31T00:00:00", "published": "2020-01-09T00:00:00", "id": "OPENVAS:1361412562310852848", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852848", "type": "openvas", "title": "openSUSE: Security Advisory for go1.12 (openSUSE-SU-2019:2000-1)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852848\");\n script_version(\"2020-01-31T08:04:39+0000\");\n script_cve_id(\"CVE-2019-14809\", \"CVE-2019-9512\", \"CVE-2019-9514\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:04:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-09 09:36:02 +0000 (Thu, 09 Jan 2020)\");\n script_name(\"openSUSE: Security Advisory for go1.12 (openSUSE-SU-2019:2000-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.1\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:2000-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-08/msg00076.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'go1.12'\n package(s) announced via the openSUSE-SU-2019:2000-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for go1.12 fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2019-9512: Fixed HTTP/2 flood using PING frames that results in\n unbounded memory growth. (bsc#1146111)\n\n - CVE-2019-9514: Fixed HTTP/2 implementation is vulnerable to a reset\n flood, potentially leading to a denial of service. (bsc#1146115)\n\n - CVE-2019-14809: Fixed authorization bypass due to malformed hosts in\n URLs. (bsc#1146123)\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.1:\n\n zypper in -t patch openSUSE-2019-2000=1\");\n\n script_tag(name:\"affected\", value:\"'go1.12' package(s) on openSUSE Leap 15.1.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.1\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"go1.12\", rpm:\"go1.12~1.12.9~lp151.2.9.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"go1.12-doc\", rpm:\"go1.12-doc~1.12.9~lp151.2.9.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"go1.12-race\", rpm:\"go1.12-race~1.12.9~lp151.2.9.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-01-31T16:51:02", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-14809", "CVE-2019-9512", "CVE-2019-9514"], "description": "The remote host is missing an update for the ", "modified": "2020-01-31T00:00:00", "published": "2019-09-06T00:00:00", "id": "OPENVAS:1361412562310852691", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852691", "type": "openvas", "title": "openSUSE: Security Advisory for go1.11 (openSUSE-SU-2019:2072-1)", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852691\");\n script_version(\"2020-01-31T08:04:39+0000\");\n script_cve_id(\"CVE-2019-14809\", \"CVE-2019-9512\", \"CVE-2019-9514\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:04:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-09-06 02:00:56 +0000 (Fri, 06 Sep 2019)\");\n script_name(\"openSUSE: Security Advisory for go1.11 (openSUSE-SU-2019:2072-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.0\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:2072-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-09/msg00011.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'go1.11'\n package(s) announced via the openSUSE-SU-2019:2072-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for go1.11 fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2019-9512: Fixed HTTP/2 flood using PING frames that results in\n unbounded memory growth (bsc#1146111).\n\n - CVE-2019-9514: Fixed HTTP/2 implementation that is vulnerable to a reset\n flood, potentially leading to a denial of service (bsc#1146115).\n\n - CVE-2019-14809: Fixed malformed hosts in URLs that leads to\n authorization bypass (bsc#1146123).\n\n Bugfixes:\n\n - Update to go version 1.11.13 (bsc#1141688).\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.1:\n\n zypper in -t patch openSUSE-2019-2072=1\n\n - openSUSE Leap 15.0:\n\n zypper in -t patch openSUSE-2019-2072=1\");\n\n script_tag(name:\"affected\", value:\"'go1.11' package(s) on openSUSE Leap 15.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"go1.11\", rpm:\"go1.11~1.11.13~lp150.18.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"go1.11-doc\", rpm:\"go1.11-doc~1.11.13~lp150.18.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"go1.11-race\", rpm:\"go1.11-race~1.11.13~lp150.18.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-08-27T12:51:07", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-9515", "CVE-2019-9512", "CVE-2019-9514"], "description": "The remote host is missing an update for the ", "modified": "2019-08-27T00:00:00", "published": "2019-08-27T00:00:00", "id": "OPENVAS:1361412562310704508", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310704508", "type": "openvas", "title": "Debian Security Advisory DSA 4508-1 (h2o - security update)", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.704508\");\n script_version(\"2019-08-27T02:00:16+0000\");\n script_cve_id(\"CVE-2019-9512\", \"CVE-2019-9514\", \"CVE-2019-9515\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-08-27 02:00:16 +0000 (Tue, 27 Aug 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-08-27 02:00:16 +0000 (Tue, 27 Aug 2019)\");\n script_name(\"Debian Security Advisory DSA 4508-1 (h2o - security update)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB10\");\n\n script_xref(name:\"URL\", value:\"https://www.debian.org/security/2019/dsa-4508.html\");\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/DSA-4508-1\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'h2o'\n package(s) announced via the DSA-4508-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Three vulnerabilities were discovered in the HTTP/2 code of the H2O HTTP\nserver, which could result in denial of service.\");\n\n script_tag(name:\"affected\", value:\"'h2o' package(s) on Debian Linux.\");\n\n script_tag(name:\"solution\", value:\"For the stable distribution (buster), these problems have been fixed in\nversion 2.2.5+dfsg2-2+deb10u1.\n\nWe recommend that you upgrade your h2o packages.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"h2o\", ver:\"2.2.5+dfsg2-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"h2o-doc\", ver:\"2.2.5+dfsg2-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libh2o-dev\", ver:\"2.2.5+dfsg2-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libh2o-dev-common\", ver:\"2.2.5+dfsg2-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libh2o-evloop-dev\", ver:\"2.2.5+dfsg2-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libh2o-evloop0.13\", ver:\"2.2.5+dfsg2-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libh2o0.13\", ver:\"2.2.5+dfsg2-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n\nexit(0);", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-01-27T18:36:38", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-14809", "CVE-2019-9512", "CVE-2019-9514"], "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-01-23T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220192078", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220192078", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2019-2078)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.2078\");\n script_version(\"2020-01-23T12:33:22+0000\");\n script_cve_id(\"CVE-2019-14809\", \"CVE-2019-9512\", \"CVE-2019-9514\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 12:33:22 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:33:22 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2019-2078)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP8\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-2078\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2078\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'golang' package(s) announced via the EulerOS-SA-2019-2078 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Some HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service. The attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal queue of responses. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both.(CVE-2019-9512)\n\nSome HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both.(CVE-2019-9514)\n\nnet/url in Go before 1.11.13 and 1.12.x before 1.12.8 mishandles malformed hosts in URLs, leading to an authorization bypass in some applications. This is related to a Host field with a suffix appearing in neither Hostname() nor Port(), and is related to a non-numeric port number. For example, an attacker can compose a crafted javascript:// URL that results in a hostname of google.com.(CVE-2019-14809)\");\n\n script_tag(name:\"affected\", value:\"'golang' package(s) on Huawei EulerOS V2.0SP8.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP8\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"golang\", rpm:\"golang~1.11~4.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"golang-bin\", rpm:\"golang-bin~1.11~4.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"golang-src\", rpm:\"golang-src~1.11~4.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-09-10T14:49:12", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-14809", "CVE-2019-9512", "CVE-2019-9514"], "description": "The remote host is missing an update for the ", "modified": "2019-09-10T00:00:00", "published": "2019-09-07T00:00:00", "id": "OPENVAS:1361412562310876757", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876757", "type": "openvas", "title": "Fedora Update for golang FEDORA-2019-55d101a740", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876757\");\n script_version(\"2019-09-10T08:05:24+0000\");\n script_cve_id(\"CVE-2019-9512\", \"CVE-2019-9514\", \"CVE-2019-14809\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-09-10 08:05:24 +0000 (Tue, 10 Sep 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-09-07 02:23:49 +0000 (Sat, 07 Sep 2019)\");\n script_name(\"Fedora Update for golang FEDORA-2019-55d101a740\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC30\");\n\n script_xref(name:\"FEDORA\", value:\"2019-55d101a740\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LYO6E3H34C346D2E443GLXK7OK6KIYIQ\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'golang'\n package(s) announced via the FEDORA-2019-55d101a740 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The Go Programming Language.\");\n\n script_tag(name:\"affected\", value:\"'golang' package(s) on Fedora 30.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC30\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"golang\", rpm:\"golang~1.12.9~1.fc30\", rls:\"FC30\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "oraclelinux": [{"lastseen": "2020-12-30T19:24:35", "bulletinFamily": "unix", "cvelist": ["CVE-2019-9512", "CVE-2019-9514"], "description": "go-toolset\n[1.11.13-1]\n- Bump version to 1.11.13\n- Related: rhbz#1743204\n- Related: rhbz#1743206\ngolang\n[1.11.13-2]\n- Improve error message when using non-FIPS API in FIPS mode.\n- Fixes CVE-2019-9512.\n- Fixes CVE-2019-9514.\n- Resolves: rhbz#1745711\n- Resolves: rhbz#1745705\n[1.11.6-3]\n- Updates to be less strict on key size in FIPS mode\n- Resolves: rhbz#1731550\n[1.11.6-2]\n- Lock to specific OpenSSL version on build\n- Resolves: rhbz#1709606", "edition": 2, "modified": "2019-09-17T00:00:00", "published": "2019-09-17T00:00:00", "id": "ELSA-2019-2726", "href": "http://linux.oracle.com/errata/ELSA-2019-2726.html", "title": "go-toolset:rhel8 security and bug fix update", "type": "oraclelinux", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-12-30T19:26:39", "bulletinFamily": "unix", "cvelist": ["CVE-2019-9512", "CVE-2019-14378", "CVE-2019-9514"], "description": "buildah\n[1.5-6.0.1.gite94b4f9]\n- Fixes troubles with oracle registry login [Orabug: 29937283]\n[1.5-6.gite94b4f9]\n- rebuild because of CVE-2019-9512 and CVE-2019-9514\n- Resolves: #1766309\ncontainernetworking-plugins\n[0.7.4-4.git9ebe139]\n- rebuild because of CVE-2019-9512 and CVE-2019-9514\n- Resolves: #1766315, #1766214\npodman\n[1.0.0-4.git921f98f]\n- rebuild because of CVE-2019-9512 and CVE-2019-9514\n- Resolves: #1766293, #1766321\nrunc\n[1.0.0-56.rc5.dev.git2abd837]\n- rebuild because of CVE-2019-9512 and CVE-2019-9514\n- Resolves: #1766327, #1766299\nskopeo\n[1:0.1.32-6.0.1.git1715c90]\n- Add oracle registry into the conf file [Orabug: 29845934]\n- Fix oracle registry login issues [Orabug: 29937192]\n[1:0.1.32-6.git1715c90]\n- rebuild because of CVE-2019-9512 and CVE-2019-9514\n- Resolves: #1772129, #1772134\nslirp4netns\n[0.1-3.dev.gitc4e1bc5]\n- Fix CVE-2019-14378 (#1755595).", "edition": 3, "modified": "2020-01-03T00:00:00", "published": "2020-01-03T00:00:00", "id": "ELSA-2019-4273", "href": "http://linux.oracle.com/errata/ELSA-2019-4273.html", "title": "container-tools:1.0 security update", "type": "oraclelinux", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-12-30T19:22:12", "bulletinFamily": "unix", "cvelist": ["CVE-2019-16884", "CVE-2020-8608", "CVE-2019-9512", "CVE-2019-9514"], "description": "buildah\n[1.11.6-6.0.1]\n- Fixes troubles with oracle registry login [Orabug: 29937283]\n[1.11.6-6]\n- fix COPY command takes long time with buildah\n- Resolves: #1806119\n[1.11.6-5]\n- fix Podman support for FIPS Mode requires a bind mount inside the container\n- Resolves: #1804188\ncockpit-podman\n[11-1]\n- Fix Alert notification in Image Search Modal\n- Allow more than a single Error Notification for Container action errors\n- Various Alert cleanups\n- Translation updates\n- Related: RHELPLAN-25138\n[10-1]\n- Support for user containers\n- Show list of containers that use given image\n- Show placeholder while loading containers and images\n- Fix setting memory limit - bug 1732713\n- Add container Terminal - bug 1703245\n- Related: RHELPLAN-25138\nconmon\n[2:2.0.6-1]\n- update to 2.0.6\n- Related: RHELPLAN-25138\n[2:2.0.5-1]\n- update to 2.0.5\n- Related: RHELPLAN-25138\n[2:2.0.4-1]\n- update to 2.0.4 bugfix release\n- Related: RHELPLAN-25138\n[2:2.0.3-2.giteb5fa88]\n- BR: systemd-devel\n- Related: RHELPLAN-25138\n[2:2.0.3-1.giteb5fa88]\n- update to 2.0.3\n[2:2.0.2-0.1.dev.git422ce21]\n- build latest upstream master\n[2:2.0.0-2]\n- remove BR: go-md2man since no manpages yet\ncontainer-selinux\n[2:2.124.0-1]\n- update to 2.124.0\n- Related: RHELPLAN-25138\nfuse-overlayfs\n[0.7.2-5]\n- be sure to work properly also with older rhel8 kernels, thanks to Giuseppe Scrivano\n- Resolves: #1803495\n[0.7.2-4]\n- latest iteration of segfault fix patch, thanks to Giuseppe Scrivano\n- Resolves: #1803495\n[0.7.2-3]\n- fix fuse-overlayfs segfault\n- Resolves: #1805016\n[0.7.2-2]\n- fix useradd and groupadd fail under rootless Buildah and podman\n- Resolves: #1803495\npodman\n[1.6.4-4.0.1]\n- delivering fix for [Orabug: 29874238] by Nikita Gerasimov \n[1.6.4-4]\n- fix podman (1.6.4) rhel 8.1 no route to host from inside container\n- Resolves: #1806900\n[1.6.4-3]\n- fix Podman support for FIPS Mode requires a bind mount inside the container\n- Resolves: #1804194\npython-podman-api\n[1.2.0-0.2.gitd0a45fe]\n- revert update to 1.6.0 due to new python3-pbr dependency which\nis not in RHEL\n- Related: RHELPLAN-25138\nrunc\n[1.0.0-64.rc9]\n- use no_openssl in BUILDTAGS (no vendored crypto in runc)\n- Related: RHELPLAN-25138\n[1.0.0-63.rc9]\n- be sure to use golang >= 1.12.12-4\n- Related: RHELPLAN-25138\n[1.0.0-62.rc9]\n- rebuild because of CVE-2019-9512 and CVE-2019-9514\n- Related: RHELPLAN-25138\n[1.0.0-61.rc9]\n- update to runc 1.0.0-rc9 release\n- amend golang deps\n- fixes CVE-2019-16884\n[1.0.0-60.rc8]\n- Resolves: #1721247 - enable fips mode\n[1.0.0-59.rc8]\n- Resolves: #1720654 - rebase to v1.0.0-rc8\n[1.0.0-57.rc5.dev.git2abd837]\n- Resolves: #1693424 - podman rootless: cannot specify gid= mount options\nskopeo\n[0.1.40-8.0.1]\n- Add oracle registry into the conf file [Orabug: 29845934]\n- Fix oracle registry login issues [Orabug: 29937192]\n[1:0.1.40-8]\n- change the search order of registries and remove quay.io (#1784267)\nslirp4netns\n[0.4.2-3.git21fdece]\n- Fix CVE-2020-8608\n- Related: RHELPLAN-25138\ntoolbox\n[0.0.4-1.el8]\n- Update for rhel8.1 container-tools module\nudica\n[0.2.1-2]\n- initial import to container-tools 8.2.0\n- Related: RHELPLAN-25139", "edition": 4, "modified": "2020-04-15T00:00:00", "published": "2020-04-15T00:00:00", "id": "ELSA-2020-1379", "href": "http://linux.oracle.com/errata/ELSA-2020-1379.html", "title": "container-tools:ol8 security and bug fix update", "type": "oraclelinux", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-12-30T19:17:47", "bulletinFamily": "unix", "cvelist": ["CVE-2019-16884", "CVE-2019-9512", "CVE-2019-14378", "CVE-2019-10214", "CVE-2019-9514"], "description": "buildah\n[1.9.0-5.0.1]\n- Fixes troubles with oracle registry login [Orabug: 29937283]\n[1.9.0-5]\n- Use autosetup macro again.\n[1.9.0-4]\n- Fix CVE-2019-10214 (#1734653).\n[1.9.0-3]\n- Resolves: #1721247 - enable fips mode\n[1.9.0-2]\n- Resolves: #1720654 - tests subpackage depends on golang explicitly\n[1.9.0-1]\n- Resolves: #1720654 - rebase to v1.9.0\ncockpit-podman\n[4-1]\n- Fix regression in container commit\n- Fix AppStream ID rhbz#1734809\n[3-1]\n- Enable Commit button for running containers\n- Fix race condition with container deletion\n- Stop fetching all containers/images for each container/image event\n[2-2]\n- Fix podman dependency\n[2-1]\n- Update to upstream 2 release\n- Support podman API 1.3\n- Support running commands with arguments\n- Show the default command coming from image\n- Implement filtering of images and containers\ncontainernetworking-plugins\n[0.8.1-3.0.1]\n- Disable debuginfo\n[0.8.1-3]\n- rebuild to address CVE-2019-9514 and CVE-2019-9512\n- Resolves: #1766318, #1766217\ncontainer-selinux\n[2:2.123.0-1]\n- update to 2.123.0\n- Related: #1774382\nfuse-overlayfs\n[0.4.1-1]\n- Resolves: #1720654 - rebase to v0.4.1\n[0.3-2]\n- rebase\n- Resolves:#1666510\npodman\n[1.4.2-6.0.1]\n- Ensure patch for Oracle docker registry is applied [Orabug: 30533101]\n- delivering fix for [Orabug: 29874238] by Nikita Gerasimov \n[1.4.2-6]\n- update to 1.4.2-stable3\n- Resolves: #1770176\npython-podman-api\n[1.2.0-0.1.gitd0a45fe]\n- Initial package\nrunc\n[1.0.0-61.rc8]\n- backport patches for CVE-2019-16884 from upstream\n- Resolves: #1764182\nskopeo\n[1:0.1.37-6.0.1]\n- Ensure patch for Oracle docker registry is applied [Orabug: 30533101]\n- Add oracle registry into the conf file [Orabug: 29845934]\n- Fix oracle registry login issues [Orabug: 29937192]\n[1:0.1.37-6]\n- rebuild because of CVE-2019-9512 and CVE-2019-9514\n- Resolves: #1772136, #1772131\nslirp4netns\n[0.3.0-4]\n- Fix CVE-2019-14378 (#1755595).\n[0.3.0-3]\n- Resolves: #1683217 - BR: glib2-devel\n[0.3.0-2]\n- Resolves: #1683217 - bump slirp4netns to v0.3.0\n[0.3.0-1.alpha.2.git30883b5]\n- bump to v0.3.0-alpha.2", "edition": 3, "modified": "2020-01-03T00:00:00", "published": "2020-01-03T00:00:00", "id": "ELSA-2019-4269", "href": "http://linux.oracle.com/errata/ELSA-2019-4269.html", "title": "container-tools:ol8 security and bug fix update", "type": "oraclelinux", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "debian": [{"lastseen": "2020-12-09T13:19:45", "bulletinFamily": "unix", "cvelist": ["CVE-2019-9512", "CVE-2019-9514"], "description": "- -------------------------------------------------------------------------\nDebian LTS Advisory DLA-2485-1 debian-lts@lists.debian.org\nhttps://www.debian.org/lts/security/ Brian May\nDecember 09, 2020 https://wiki.debian.org/LTS\n- -------------------------------------------------------------------------\n\nPackage : golang-golang-x-net-dev\nVersion : 1:0.0+git20161013.8b4af36+dfsg-3+deb9u1\nCVE ID : CVE-2019-9512 CVE-2019-9514\n\nThe http2 server support in this package was vulnerable to\ncertain types of DOS attacks.\n\nCVE-2019-9512\n\n This code was vulnerable to ping floods, potentially leading to a denial of\n service. The attacker sends continual pings to an HTTP/2 peer, causing the peer\n to build an internal queue of responses. Depending on how efficiently this data\n is queued, this can consume excess CPU, memory, or both.\n\nCVE-2019-9514\n\n This code was vulnerable to a reset flood, potentially leading to a denial\n of service. The attacker opens a number of streams and sends an invalid request\n over each stream that should solicit a stream of RST_STREAM frames from the\n peer. Depending on how the peer queues the RST_STREAM frames, this can consume\n excess memory, CPU, or both.\n\nFor Debian 9 stretch, these problems have been fixed in version\n1:0.0+git20161013.8b4af36+dfsg-3+deb9u1.\n\nWe recommend that you upgrade your golang-golang-x-net-dev packages.\n\nFor the detailed security status of golang-golang-x-net-dev please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/golang-golang-x-net-dev\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n", "edition": 1, "modified": "2020-12-08T22:16:05", "published": "2020-12-08T22:16:05", "id": "DEBIAN:DLA-2485-1:44FAA", "href": "https://lists.debian.org/debian-lts-announce/2020/debian-lts-announce-202012/msg00011.html", "title": "[SECURITY] [DLA 2485-1] golang-golang-x-net-dev security update", "type": "debian", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-08-12T00:55:37", "bulletinFamily": "unix", "cvelist": ["CVE-2019-14809", "CVE-2019-9512", "CVE-2019-9514"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4503-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nAugust 18, 2019 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : golang-1.11\nCVE ID : CVE-2019-9512 CVE-2019-9514 CVE-2019-14809\n\nThree vulnerabilities have been discovered in the Go programming language;\n"net/url" accepted some invalid hosts in URLs which could result in\nauthorisation bypass in some applications and the HTTP/2 implementation\nwas susceptible to denial of service.\n\nFor the stable distribution (buster), these problems have been fixed in\nversion 1.11.6-1+deb10u1.\n\nWe recommend that you upgrade your golang-1.11 packages.\n\nFor the detailed security status of golang-1.11 please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/golang-1.11\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 8, "modified": "2019-08-18T18:25:26", "published": "2019-08-18T18:25:26", "id": "DEBIAN:DSA-4503-1:6B94A", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2019/msg00151.html", "title": "[SECURITY] [DSA 4503-1] golang-1.11 security update", "type": "debian", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-10-09T01:00:09", "bulletinFamily": "unix", "cvelist": ["CVE-2019-9515", "CVE-2019-9512", "CVE-2019-9514"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4508-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nAugust 24, 2019 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : h2o\nCVE ID : CVE-2019-9512 CVE-2019-9514 CVE-2019-9515\n\nThree vulnerabilities were discovered in the HTTP/2 code of the H2O HTTP\nserver, which could result in denial of service.\n\nFor the stable distribution (buster), these problems have been fixed in\nversion 2.2.5+dfsg2-2+deb10u1.\n\nWe recommend that you upgrade your h2o packages.\n\nFor the detailed security status of h2o please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/h2o\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 7, "modified": "2019-08-24T14:44:18", "published": "2019-08-24T14:44:18", "id": "DEBIAN:DSA-4508-1:2E656", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2019/msg00156.html", "title": "[SECURITY] [DSA 4508-1] h2o security update", "type": "debian", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-08-12T01:10:24", "bulletinFamily": "unix", "cvelist": ["CVE-2019-9515", "CVE-2019-9512", "CVE-2019-9518", "CVE-2019-9514"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4520-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nSeptember 09, 2019 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : trafficserver\nCVE ID : CVE-2019-9512 CVE-2019-9514 CVE-2019-9515 CVE-2019-9518\n\nSeveral vulnerabilities were discovered in the HTTP/2 code of Apache\nTraffic Server, a reverse and forward proxy server, which could result\nin denial of service.\n\nThe fixes are too intrusive to backport to the version in the oldstable\ndistribution (stretch). An upgrade to Debian stable (buster) is\nrecommended instead.\n\nFor the stable distribution (buster), these problems have been fixed in\nversion 8.0.2+ds-1+deb10u1.\n\nWe recommend that you upgrade your trafficserver packages.\n\nFor the detailed security status of trafficserver please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/trafficserver\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 5, "modified": "2019-09-09T20:44:42", "published": "2019-09-09T20:44:42", "id": "DEBIAN:DSA-4520-1:26CCF", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2019/msg00168.html", "title": "[SECURITY] [DSA 4520-1] trafficserver security update", "type": "debian", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "amazon": [{"lastseen": "2020-11-10T12:34:55", "bulletinFamily": "unix", "cvelist": ["CVE-2019-9512", "CVE-2019-9514"], "description": "**Issue Overview:**\n\nSome HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service. The attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal queue of responses. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both. ([CVE-2019-9512 __](<https://access.redhat.com/security/cve/CVE-2019-9512>))\n\nSome HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both. ([CVE-2019-9514 __](<https://access.redhat.com/security/cve/CVE-2019-9514>))\n\n \n**Affected Packages:** \n\n\ngolang\n\n \n**Issue Correction:** \nRun _yum update golang_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n aarch64: \n golang-1.9.4-3.amzn2.0.2.aarch64 \n golang-bin-1.9.4-3.amzn2.0.2.aarch64 \n \n noarch: \n golang-docs-1.9.4-3.amzn2.0.2.noarch \n golang-misc-1.9.4-3.amzn2.0.2.noarch \n golang-tests-1.9.4-3.amzn2.0.2.noarch \n golang-src-1.9.4-3.amzn2.0.2.noarch \n \n src: \n golang-1.9.4-3.amzn2.0.2.src \n \n x86_64: \n golang-1.9.4-3.amzn2.0.2.x86_64 \n golang-bin-1.9.4-3.amzn2.0.2.x86_64 \n \n \n", "edition": 1, "modified": "2019-08-23T03:20:00", "published": "2019-08-23T03:20:00", "id": "ALAS2-2019-1272", "href": "https://alas.aws.amazon.com/AL2/ALAS-2019-1272.html", "title": "Important: golang", "type": "amazon", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-11-10T12:35:51", "bulletinFamily": "unix", "cvelist": ["CVE-2019-14809", "CVE-2019-9512", "CVE-2019-9514"], "description": "**Issue Overview:**\n\nnet/url in Go before 1.11.13 and 1.12.x before 1.12.8 mishandles malformed hosts in URLs, leading to an authorization bypass in some applications. This is related to a Host field with a suffix appearing in neither Hostname() nor Port(), and is related to a non-numeric port number. For example, an attacker can compose a crafted javascript:// URL that results in a hostname of google.com. ([CVE-2019-14809 __](<https://access.redhat.com/security/cve/CVE-2019-14809>))\n\nSome HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service. The attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal queue of responses. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both.([CVE-2019-9512 __](<https://access.redhat.com/security/cve/CVE-2019-9512>))\n\nSome HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both.([CVE-2019-9514 __](<https://access.redhat.com/security/cve/CVE-2019-9514>))\n\n \n**Affected Packages:** \n\n\ngolang\n\n \n**Issue Correction:** \nRun _yum update golang_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n i686: \n golang-1.12.8-1.51.amzn1.i686 \n golang-bin-1.12.8-1.51.amzn1.i686 \n \n noarch: \n golang-src-1.12.8-1.51.amzn1.noarch \n golang-tests-1.12.8-1.51.amzn1.noarch \n golang-docs-1.12.8-1.51.amzn1.noarch \n golang-misc-1.12.8-1.51.amzn1.noarch \n \n src: \n golang-1.12.8-1.51.amzn1.src \n \n x86_64: \n golang-race-1.12.8-1.51.amzn1.x86_64 \n golang-bin-1.12.8-1.51.amzn1.x86_64 \n golang-1.12.8-1.51.amzn1.x86_64 \n \n \n", "edition": 4, "modified": "2019-08-23T16:58:00", "published": "2019-08-23T16:58:00", "id": "ALAS-2019-1270", "href": "https://alas.aws.amazon.com/ALAS-2019-1270.html", "title": "Important: golang", "type": "amazon", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "redhat": [{"lastseen": "2019-09-09T14:47:34", "bulletinFamily": "unix", "cvelist": ["CVE-2019-9512", "CVE-2019-9514"], "description": "Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang.\n\nSecurity Fix(es):\n\n* HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512)\n\n* HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "modified": "2019-09-09T17:02:07", "published": "2019-09-09T12:15:34", "id": "RHSA-2019:2682", "href": "https://access.redhat.com/errata/RHSA-2019:2682", "type": "redhat", "title": "(RHSA-2019:2682) Important: go-toolset-1.11 and go-toolset-1.11-golang security update", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-11-10T10:21:46", "bulletinFamily": "unix", "cvelist": ["CVE-2019-9512", "CVE-2019-9514"], "description": "The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc.\n\nSecurity Fix(es):\n\n* HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512)\n\n* HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "modified": "2019-12-17T15:22:37", "published": "2019-12-17T14:20:02", "id": "RHSA-2019:4273", "href": "https://access.redhat.com/errata/RHSA-2019:4273", "type": "redhat", "title": "(RHSA-2019:4273) Important: container-tools:1.0 security update", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-10-30T19:06:10", "bulletinFamily": "unix", "cvelist": ["CVE-2019-9512", "CVE-2019-9514"], "description": "Red Hat OpenShift Container Platform is Red Hat's cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nThis advisory contains the ansible-operator, apb, containernetworking-plugins, golang-github-openshift-prometheus-alert-buffer, golang-github-prometheus-promu and openshift-eventrouter RPM packages for Red Hat OpenShift Container Platform 4.1.21. These packages have been rebuilt with an updated version of Go to address the below security issues.\n\nSecurity Fix(es):\n\n* HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512)\n\n* HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "modified": "2019-10-30T22:16:12", "published": "2019-10-30T22:12:25", "id": "RHSA-2019:3265", "href": "https://access.redhat.com/errata/RHSA-2019:3265", "type": "redhat", "title": "(RHSA-2019:3265) Important: OpenShift Container Platform 4.1 security update", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-11-10T10:20:28", "bulletinFamily": "unix", "cvelist": ["CVE-2019-9512", "CVE-2019-9514"], "description": "Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang.\n\nSecurity Fix(es):\n\n* HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512)\n\n* HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* Failure trying to conntect to image registry using TLS when buildah is compiled with FIPS mode (BZ#1743169)", "modified": "2019-09-10T15:34:38", "published": "2019-09-10T14:40:48", "id": "RHSA-2019:2726", "href": "https://access.redhat.com/errata/RHSA-2019:2726", "type": "redhat", "title": "(RHSA-2019:2726) Important: go-toolset:rhel8 security and bug fix update", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-10-30T07:33:30", "bulletinFamily": "unix", "cvelist": ["CVE-2019-9512", "CVE-2019-9514"], "description": "Red Hat OpenShift Container Platform is Red Hat's cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nThe following packages have been rebuilt with an updated version of golang: apb (2.0.3), containernetworking-plugins (0.8.1), and golang-github-prometheus-promu (0.5.0). \n\nSecurity Fix(es):\n\n* HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512)\n\n* HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "modified": "2019-10-29T21:33:56", "published": "2019-10-29T21:28:20", "id": "RHSA-2019:3245", "href": "https://access.redhat.com/errata/RHSA-2019:3245", "type": "redhat", "title": "(RHSA-2019:3245) Important: OpenShift Container Platform 4.2 security update", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-10-16T15:38:08", "bulletinFamily": "unix", "cvelist": ["CVE-2019-9512", "CVE-2019-9514"], "description": "Red Hat OpenShift Container Platform is Red Hat's cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nThis advisory contains the cri-o, cri-tools, faq, ignition, openshift-external-storage and pivot RPM packages, which have been rebuilt with an updated version of golang for Red Hat OpenShift Container Platform 4.1.20.\n\nSecurity Fix(es):\n\n* HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512)\n\n* HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "modified": "2019-10-16T19:30:36", "published": "2019-10-16T19:23:57", "id": "RHSA-2019:3131", "href": "https://access.redhat.com/errata/RHSA-2019:3131", "type": "redhat", "title": "(RHSA-2019:3131) Important: OpenShift Container Platform 4.1.20 golang security update", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-02-04T19:28:43", "bulletinFamily": "unix", "cvelist": ["CVE-2019-9512", "CVE-2019-9514"], "description": "The Container Network Interface (CNI) project consists of a specification and libraries for writing plug-ins for configuring network interfaces in Linux containers, along with a number of supported plug-ins. CNI concerns itself only with network connectivity of containers and removing allocated resources when the container is deleted.\n\nSecurity Fix(es):\n\n* HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512)\n\n* HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "modified": "2020-02-05T00:14:55", "published": "2020-02-04T23:54:49", "id": "RHSA-2020:0406", "href": "https://access.redhat.com/errata/RHSA-2020:0406", "type": "redhat", "title": "(RHSA-2020:0406) Important: containernetworking-plugins security update", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-11-18T16:23:09", "bulletinFamily": "unix", "cvelist": ["CVE-2019-9512", "CVE-2019-9514"], "description": "Red Hat OpenShift Container Platform is Red Hat's cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nThe following RPM packages have been rebuilt with updated version of Go, which includes the security fixes listed further below:\n\natomic-enterprise-service-catalog\natomic-openshift-cluster-autoscaler\natomic-openshift-descheduler\natomic-openshift-metrics-server\natomic-openshift-node-problem-detector\natomic-openshift-service-idler\natomic-openshift-web-console\ncockpit\ncsi-attacher\ncsi-driver-registrar\ncsi-livenessprobe\ncsi-provisioner\ngolang-github-openshift-oauth-proxy\ngolang-github-openshift-prometheus-alert-buffer\ngolang-github-prometheus-alertmanager\ngolang-github-prometheus-node_exporter\ngolang-github-prometheus-prometheus\nhawkular-openshift-agent\nheapster\nimage-inspector\nopenshift-enterprise-autoheal\nopenshift-enterprise-cluster-capacity\nopenshift-eventrouter\nopenshift-external-storage\n\nSecurity Fix(es):\n\n* HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512)\n\n* HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "modified": "2019-11-18T21:19:29", "published": "2019-11-18T21:18:29", "id": "RHSA-2019:3906", "href": "https://access.redhat.com/errata/RHSA-2019:3906", "type": "redhat", "title": "(RHSA-2019:3906) Important: OpenShift Container Platform 3.11 HTTP/2 security update", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-09-11T07:51:10", "bulletinFamily": "unix", "cvelist": ["CVE-2019-9512", "CVE-2019-9514"], "description": "Both the openshift and atomic-enterprise-service-catalog packages have been rebuilt with updates versions of golang. The golang packages provide the Go programming language compiler.\n\nSecurity Fix(es):\n\n* HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512)\n* HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section.", "modified": "2019-09-11T09:14:59", "published": "2019-09-11T09:08:25", "id": "RHSA-2019:2661", "href": "https://access.redhat.com/errata/RHSA-2019:2661", "type": "redhat", "title": "(RHSA-2019:2661) Important: Red Hat OpenShift Container Platform 4.1 openshift RPM security update", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-09-26T17:27:29", "bulletinFamily": "unix", "cvelist": ["CVE-2019-9512", "CVE-2019-9514", "CVE-2019-9515"], "description": "Red Hat OpenShift Container Platform is Red Hat's cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nThis advisory contains updates gRPC in the sriov-network-device-plugin container in Red Hat OpenShift Container Platform 4.1.18.\n\nSecurity Fix(es):\n\n* HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512)\n\n* HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514)\n\n* HTTP/2: flood using SETTINGS frames results in unbounded memory growth (CVE-2019-9515)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "modified": "2019-09-26T21:11:33", "published": "2019-09-26T21:11:08", "id": "RHSA-2019:2861", "href": "https://access.redhat.com/errata/RHSA-2019:2861", "type": "redhat", "title": "(RHSA-2019:2861) Important: OpenShift Container Platform 4.1.18 gRPC security update", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "nessus": [{"lastseen": "2021-01-01T05:20:11", "description": "An update is now available for Red Hat OpenShift Container Platform\n4.1.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nRed Hat OpenShift Container Platform is Red Hat's cloud computing\nKubernetes application platform solution designed for on-premise or\nprivate cloud deployments.\n\nThis advisory contains the ansible-operator, apb,\ncontainernetworking-plugins,\ngolang-github-openshift-prometheus-alert-buffer,\ngolang-github-prometheus-promu and openshift-eventrouter RPM packages\nfor Red Hat OpenShift Container Platform 4.1.21. These packages have\nbeen rebuilt with an updated version of Go to address the below\nsecurity issues.\n\nSecurity Fix(es) :\n\n* HTTP/2: flood using PING frames results in unbounded memory growth\n(CVE-2019-9512)\n\n* HTTP/2: flood using HEADERS frames results in unbounded memory\ngrowth (CVE-2019-9514)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.", "edition": 17, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2019-10-31T00:00:00", "title": "RHEL 7 : OpenShift Container Platform 4.1 (RHSA-2019:3265) (Ping Flood) (Reset Flood)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-9512", "CVE-2019-9514"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:openshift-eventrouter", "p-cpe:/a:redhat:enterprise_linux:apb-devel", "p-cpe:/a:redhat:enterprise_linux:golang-github-prometheus-promu", "p-cpe:/a:redhat:enterprise_linux:apb-container-scripts", "p-cpe:/a:redhat:enterprise_linux:containernetworking-plugins-debuginfo", "p-cpe:/a:redhat:enterprise_linux:apb", "p-cpe:/a:redhat:enterprise_linux:ansible-operator-devel", "p-cpe:/a:redhat:enterprise_linux:ansible-operator-container-scripts", "p-cpe:/a:redhat:enterprise_linux:openshift-eventrouter-debuginfo", "cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:golang-github-openshift-prometheus-alert-buffer", "p-cpe:/a:redhat:enterprise_linux:ansible-operator", "p-cpe:/a:redhat:enterprise_linux:containernetworking-plugins", "p-cpe:/a:redhat:enterprise_linux:prometheus-promu"], "id": "REDHAT-RHSA-2019-3265.NASL", "href": "https://www.tenable.com/plugins/nessus/130418", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:3265. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130418);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/12/17\");\n\n script_cve_id(\"CVE-2019-9512\", \"CVE-2019-9514\");\n script_xref(name:\"RHSA\", value:\"2019:3265\");\n\n script_name(english:\"RHEL 7 : OpenShift Container Platform 4.1 (RHSA-2019:3265) (Ping Flood) (Reset Flood)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update is now available for Red Hat OpenShift Container Platform\n4.1.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nRed Hat OpenShift Container Platform is Red Hat's cloud computing\nKubernetes application platform solution designed for on-premise or\nprivate cloud deployments.\n\nThis advisory contains the ansible-operator, apb,\ncontainernetworking-plugins,\ngolang-github-openshift-prometheus-alert-buffer,\ngolang-github-prometheus-promu and openshift-eventrouter RPM packages\nfor Red Hat OpenShift Container Platform 4.1.21. These packages have\nbeen rebuilt with an updated version of Go to address the below\nsecurity issues.\n\nSecurity Fix(es) :\n\n* HTTP/2: flood using PING frames results in unbounded memory growth\n(CVE-2019-9512)\n\n* HTTP/2: flood using HEADERS frames results in unbounded memory\ngrowth (CVE-2019-9514)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2019:3265\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-9512\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-9514\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ansible-operator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ansible-operator-container-scripts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ansible-operator-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:apb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:apb-container-scripts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:apb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:containernetworking-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:containernetworking-plugins-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:golang-github-openshift-prometheus-alert-buffer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:golang-github-prometheus-promu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-eventrouter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-eventrouter-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:prometheus-promu\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/31\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:3265\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"ansible-operator-0.0.1-3.git.59.4beb3d2.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"ansible-operator-container-scripts-0.0.1-3.git.59.4beb3d2.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"ansible-operator-devel-0.0.1-3.git.59.4beb3d2.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"apb-2.0.3-2.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"apb-container-scripts-2.0.3-2.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"apb-devel-2.0.3-2.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"containernetworking-plugins-0.8.1-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"containernetworking-plugins-debuginfo-0.8.1-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"golang-github-openshift-prometheus-alert-buffer-0-3.gitceca8c1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"golang-github-prometheus-promu-0-5.git85ceabc.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"openshift-eventrouter-0.2-3.gited73fb6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"openshift-eventrouter-debuginfo-0.2-3.gited73fb6.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"prometheus-promu-0-5.git85ceabc.el7\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ansible-operator / ansible-operator-container-scripts / etc\");\n }\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-07T08:59:17", "description": "According to the versions of the golang packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - Some HTTP/2 implementations are vulnerable to ping\n floods, potentially leading to a denial of service. The\n attacker sends continual pings to an HTTP/2 peer,\n causing the peer to build an internal queue of\n responses. Depending on how efficiently this data is\n queued, this can consume excess CPU, memory, or\n both.(CVE-2019-9512)\n\n - Some HTTP/2 implementations are vulnerable to a reset\n flood, potentially leading to a denial of service. The\n attacker opens a number of streams and sends an invalid\n request over each stream that should solicit a stream\n of RST_STREAM frames from the peer. Depending on how\n the peer queues the RST_STREAM frames, this can consume\n excess memory, CPU, or both.(CVE-2019-9514)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 12, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2019-09-23T00:00:00", "title": "EulerOS 2.0 SP5 : golang (EulerOS-SA-2019-1967)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-9512", "CVE-2019-9514"], "modified": "2019-09-23T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:golang-bin", "p-cpe:/a:huawei:euleros:golang", "p-cpe:/a:huawei:euleros:golang-src", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-1967.NASL", "href": "https://www.tenable.com/plugins/nessus/129124", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(129124);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2019-9512\",\n \"CVE-2019-9514\"\n );\n\n script_name(english:\"EulerOS 2.0 SP5 : golang (EulerOS-SA-2019-1967)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the golang packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - Some HTTP/2 implementations are vulnerable to ping\n floods, potentially leading to a denial of service. The\n attacker sends continual pings to an HTTP/2 peer,\n causing the peer to build an internal queue of\n responses. Depending on how efficiently this data is\n queued, this can consume excess CPU, memory, or\n both.(CVE-2019-9512)\n\n - Some HTTP/2 implementations are vulnerable to a reset\n flood, potentially leading to a denial of service. The\n attacker opens a number of streams and sends an invalid\n request over each stream that should solicit a stream\n of RST_STREAM frames from the peer. Depending on how\n the peer queues the RST_STREAM frames, this can consume\n excess memory, CPU, or both.(CVE-2019-9514)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1967\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?c0413d68\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected golang packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:golang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:golang-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:golang-src\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(5)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"golang-1.12-5.eulerosv2r7\",\n \"golang-bin-1.12-5.eulerosv2r7\",\n \"golang-src-1.12-5.eulerosv2r7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"5\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"golang\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-01T05:19:25", "description": "An update for go-toolset-1.11 and go-toolset-1.11-golang is now\navailable for Red Hat Developer Tools.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nGo Toolset provides the Go programming language tools and libraries.\nGo is alternatively known as golang.\n\nSecurity Fix(es) :\n\n* HTTP/2: flood using PING frames results in unbounded memory growth\n(CVE-2019-9512)\n\n* HTTP/2: flood using HEADERS frames results in unbounded memory\ngrowth (CVE-2019-9514)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.", "edition": 17, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2019-09-11T00:00:00", "title": "RHEL 7 : go-toolset-1.11 and go-toolset-1.11-golang (RHSA-2019:2682) (Ping Flood) (Reset Flood)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-9512", "CVE-2019-9514"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:go-toolset-1.11-runtime", "p-cpe:/a:redhat:enterprise_linux:go-toolset-1.11-golang-docs", "p-cpe:/a:redhat:enterprise_linux:go-toolset-1.11-golang", "p-cpe:/a:redhat:enterprise_linux:go-toolset-1.11-golang-tests", "p-cpe:/a:redhat:enterprise_linux:go-toolset-1.11-golang-race", "p-cpe:/a:redhat:enterprise_linux:go-toolset-1.11-build", "p-cpe:/a:redhat:enterprise_linux:go-toolset-1.11", "p-cpe:/a:redhat:enterprise_linux:go-toolset-1.11-scldevel", "cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:go-toolset-1.11-golang-misc", "p-cpe:/a:redhat:enterprise_linux:go-toolset-1.11-golang-bin", "p-cpe:/a:redhat:enterprise_linux:go-toolset-1.11-golang-src"], "id": "REDHAT-RHSA-2019-2682.NASL", "href": "https://www.tenable.com/plugins/nessus/128659", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:2682. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(128659);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2019/12/27\");\n\n script_cve_id(\"CVE-2019-9512\", \"CVE-2019-9514\");\n script_xref(name:\"RHSA\", value:\"2019:2682\");\n\n script_name(english:\"RHEL 7 : go-toolset-1.11 and go-toolset-1.11-golang (RHSA-2019:2682) (Ping Flood) (Reset Flood)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for go-toolset-1.11 and go-toolset-1.11-golang is now\navailable for Red Hat Developer Tools.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nGo Toolset provides the Go programming language tools and libraries.\nGo is alternatively known as golang.\n\nSecurity Fix(es) :\n\n* HTTP/2: flood using PING frames results in unbounded memory growth\n(CVE-2019-9512)\n\n* HTTP/2: flood using HEADERS frames results in unbounded memory\ngrowth (CVE-2019-9514)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2019:2682\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-9512\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-9514\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:go-toolset-1.11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:go-toolset-1.11-build\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:go-toolset-1.11-golang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:go-toolset-1.11-golang-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:go-toolset-1.11-golang-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:go-toolset-1.11-golang-misc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:go-toolset-1.11-golang-race\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:go-toolset-1.11-golang-src\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:go-toolset-1.11-golang-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:go-toolset-1.11-runtime\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:go-toolset-1.11-scldevel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/11\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:2682\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", cpu:\"aarch64\", reference:\"go-toolset-1.11-1.11.13-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"go-toolset-1.11-1.11.13-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"go-toolset-1.11-1.11.13-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"aarch64\", reference:\"go-toolset-1.11-build-1.11.13-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"go-toolset-1.11-build-1.11.13-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"go-toolset-1.11-build-1.11.13-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"aarch64\", reference:\"go-toolset-1.11-golang-1.11.13-2.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"go-toolset-1.11-golang-1.11.13-2.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"go-toolset-1.11-golang-1.11.13-2.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"aarch64\", reference:\"go-toolset-1.11-golang-bin-1.11.13-2.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"go-toolset-1.11-golang-bin-1.11.13-2.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"go-toolset-1.11-golang-bin-1.11.13-2.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"go-toolset-1.11-golang-docs-1.11.13-2.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"aarch64\", reference:\"go-toolset-1.11-golang-misc-1.11.13-2.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"go-toolset-1.11-golang-misc-1.11.13-2.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"go-toolset-1.11-golang-misc-1.11.13-2.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"go-toolset-1.11-golang-race-1.11.13-2.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"aarch64\", reference:\"go-toolset-1.11-golang-src-1.11.13-2.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"go-toolset-1.11-golang-src-1.11.13-2.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"go-toolset-1.11-golang-src-1.11.13-2.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"aarch64\", reference:\"go-toolset-1.11-golang-tests-1.11.13-2.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"go-toolset-1.11-golang-tests-1.11.13-2.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"go-toolset-1.11-golang-tests-1.11.13-2.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"aarch64\", reference:\"go-toolset-1.11-runtime-1.11.13-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"go-toolset-1.11-runtime-1.11.13-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"go-toolset-1.11-runtime-1.11.13-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"aarch64\", reference:\"go-toolset-1.11-scldevel-1.11.13-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"go-toolset-1.11-scldevel-1.11.13-1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"go-toolset-1.11-scldevel-1.11.13-1.el7\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"go-toolset-1.11 / go-toolset-1.11-build / go-toolset-1.11-golang / etc\");\n }\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-01T02:37:47", "description": "The traefik project reports :\n\nUpdate of dependency to go go1.12.8 resolves potential HTTP/2 denial\nof service in traefik.", "edition": 17, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2019-08-20T00:00:00", "title": "FreeBSD : traefik -- Denial of service in HTTP/2 (41f4baac-bf77-11e9-8d2f-5404a68ad561) (Ping Flood) (Reset Flood)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-9512", "CVE-2019-9514"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:traefik"], "id": "FREEBSD_PKG_41F4BAACBF7711E98D2F5404A68AD561.NASL", "href": "https://www.tenable.com/plugins/nessus/127947", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2020 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(127947);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2020/01/02\");\n\n script_cve_id(\"CVE-2019-9512\", \"CVE-2019-9514\");\n\n script_name(english:\"FreeBSD : traefik -- Denial of service in HTTP/2 (41f4baac-bf77-11e9-8d2f-5404a68ad561) (Ping Flood) (Reset Flood)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The traefik project reports :\n\nUpdate of dependency to go go1.12.8 resolves potential HTTP/2 denial\nof service in traefik.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://github.com/containous/traefik/releases/tag/v1.7.14\"\n );\n # https://vuxml.freebsd.org/freebsd/41f4baac-bf77-11e9-8d2f-5404a68ad561.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3d5b50cf\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:traefik\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/20\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"traefik<1.7.14\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-01T04:47:02", "description": "From Red Hat Security Advisory 2019:4273 :\n\nAn update for the container-tools:1.0 module is now available for Red\nHat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe container-tools module contains tools for working with containers,\nnotably podman, buildah, skopeo, and runc.\n\nSecurity Fix(es) :\n\n* HTTP/2: flood using PING frames results in unbounded memory growth\n(CVE-2019-9512)\n\n* HTTP/2: flood using HEADERS frames results in unbounded memory\ngrowth (CVE-2019-9514)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.", "edition": 14, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2020-01-06T00:00:00", "title": "Oracle Linux 8 : container-tools:1.0 (ELSA-2019-4273) (Ping Flood) (Reset Flood)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-9512", "CVE-2019-9514"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:oci-umount", "p-cpe:/a:oracle:linux:runc", "p-cpe:/a:oracle:linux:podman-docker", "cpe:/o:oracle:linux:8", "p-cpe:/a:oracle:linux:containers-common", "p-cpe:/a:oracle:linux:fuse-overlayfs", "p-cpe:/a:oracle:linux:buildah", "p-cpe:/a:oracle:linux:skopeo", "p-cpe:/a:oracle:linux:containernetworking-plugins", "p-cpe:/a:oracle:linux:podman", "p-cpe:/a:oracle:linux:slirp4netns", "p-cpe:/a:oracle:linux:container-selinux", "p-cpe:/a:oracle:linux:oci-systemd-hook"], "id": "ORACLELINUX_ELSA-2019-4273.NASL", "href": "https://www.tenable.com/plugins/nessus/132668", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2019:4273 and \n# Oracle Linux Security Advisory ELSA-2019-4273 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(132668);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2020/01/08\");\n\n script_cve_id(\"CVE-2019-9512\", \"CVE-2019-9514\");\n script_xref(name:\"RHSA\", value:\"2019:4273\");\n\n script_name(english:\"Oracle Linux 8 : container-tools:1.0 (ELSA-2019-4273) (Ping Flood) (Reset Flood)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2019:4273 :\n\nAn update for the container-tools:1.0 module is now available for Red\nHat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe container-tools module contains tools for working with containers,\nnotably podman, buildah, skopeo, and runc.\n\nSecurity Fix(es) :\n\n* HTTP/2: flood using PING frames results in unbounded memory growth\n(CVE-2019-9512)\n\n* HTTP/2: flood using HEADERS frames results in unbounded memory\ngrowth (CVE-2019-9514)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2020-January/009495.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected container-tools:1.0 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:buildah\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:container-selinux\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:containernetworking-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:containers-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:fuse-overlayfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:oci-systemd-hook\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:oci-umount\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:podman\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:podman-docker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:runc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:skopeo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:slirp4netns\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/01/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/01/06\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 8\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"buildah-1.5-6.0.1.gite94b4f9.module+el8.1.0+5459+24f6812a\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"container-selinux-2.94-1.git1e99f1d.module+el8.1.0+5440+42cffa37\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"containernetworking-plugins-0.7.4-4.git9ebe139.module+el8.1.0+5459+24f6812a\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"containers-common-0.1.32-6.0.1.git1715c90.module+el8.1.0+5459+24f6812a\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"fuse-overlayfs-0.3-5.module+el8.1.0+5440+42cffa37\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"oci-systemd-hook-0.1.15-2.git2d0b8a3.module+el8.1.0+5440+42cffa37\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"oci-umount-2.3.4-2.git87f9237.module+el8.1.0+5440+42cffa37\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"podman-1.0.0-4.git921f98f.module+el8.1.0+5459+24f6812a\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"podman-docker-1.0.0-4.git921f98f.module+el8.1.0+5459+24f6812a\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"runc-1.0.0-56.rc5.dev.git2abd837.module+el8.1.0+5459+24f6812a\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"skopeo-0.1.32-6.0.1.git1715c90.module+el8.1.0+5459+24f6812a\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"slirp4netns-0.1-3.dev.gitc4e1bc5.module+el8.1.0+5440+42cffa37\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"buildah / container-selinux / containernetworking-plugins / etc\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-01T05:19:24", "description": "An update for the openshift and atomic-enterprise-service-catalog\npackages is now available for Red Hat OpenShift Container Platform\n4.1.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nBoth the openshift and atomic-enterprise-service-catalog packages have\nbeen rebuilt with updates versions of golang. The golang packages\nprovide the Go programming language compiler.\n\nSecurity Fix(es) :\n\n* HTTP/2: flood using PING frames results in unbounded memory growth\n(CVE-2019-9512)\n\n* HTTP/2: flood using HEADERS frames results in unbounded memory\ngrowth (CVE-2019-9514)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.", "edition": 17, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2019-09-11T00:00:00", "title": "RHEL 7 / 8 : Red Hat OpenShift Container Platform 4.1 openshift RPM (RHSA-2019:2661) (Ping Flood) (Reset Flood)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-9512", "CVE-2019-9514"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:atomic-enterprise-service-catalog", "p-cpe:/a:redhat:enterprise_linux:openshift-clients", "p-cpe:/a:redhat:enterprise_linux:openshift-hyperkube", "p-cpe:/a:redhat:enterprise_linux:atomic-enterprise-service-catalog-svcat", "p-cpe:/a:redhat:enterprise_linux:openshift-clients-redistributable", "cpe:/o:redhat:enterprise_linux:8"], "id": "REDHAT-RHSA-2019-2661.NASL", "href": "https://www.tenable.com/plugins/nessus/128657", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:2661. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(128657);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2019/12/27\");\n\n script_cve_id(\"CVE-2019-9512\", \"CVE-2019-9514\");\n script_xref(name:\"RHSA\", value:\"2019:2661\");\n\n script_name(english:\"RHEL 7 / 8 : Red Hat OpenShift Container Platform 4.1 openshift RPM (RHSA-2019:2661) (Ping Flood) (Reset Flood)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for the openshift and atomic-enterprise-service-catalog\npackages is now available for Red Hat OpenShift Container Platform\n4.1.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nBoth the openshift and atomic-enterprise-service-catalog packages have\nbeen rebuilt with updates versions of golang. The golang packages\nprovide the Go programming language compiler.\n\nSecurity Fix(es) :\n\n* HTTP/2: flood using PING frames results in unbounded memory growth\n(CVE-2019-9512)\n\n* HTTP/2: flood using HEADERS frames results in unbounded memory\ngrowth (CVE-2019-9514)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2019:2661\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-9512\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-9514\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-enterprise-service-catalog\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-enterprise-service-catalog-svcat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-clients-redistributable\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-hyperkube\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/11\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(7|8)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x / 8.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:2661\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-enterprise-service-catalog-4.1.14-201908290858.git.1.28cc9ff.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-enterprise-service-catalog-svcat-4.1.14-201908290858.git.1.28cc9ff.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"openshift-clients-4.1.14-201908290858.git.0.3bd3467.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"openshift-clients-redistributable-4.1.14-201908290858.git.0.3bd3467.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"openshift-hyperkube-4.1.14-201908290858.git.0.3bd3467.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"openshift-clients-4.1.14-201908290858.git.0.3bd3467.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"openshift-clients-redistributable-4.1.14-201908290858.git.0.3bd3467.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"openshift-hyperkube-4.1.14-201908290858.git.0.3bd3467.el8\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"atomic-enterprise-service-catalog / etc\");\n }\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-05-23T03:54:15", "description": "An update for the container-tools:1.0 module is now available for Red\nHat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe container-tools module contains tools for working with containers,\nnotably podman, buildah, skopeo, and runc.\n\nSecurity Fix(es) :\n\n* HTTP/2: flood using PING frames results in unbounded memory growth\n(CVE-2019-9512)\n\n* HTTP/2: flood using HEADERS frames results in unbounded memory\ngrowth (CVE-2019-9514)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.", "edition": 8, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2019-12-18T00:00:00", "title": "RHEL 8 : container-tools:1.0 (RHSA-2019:4273) (Ping Flood) (Reset Flood)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-9512", "CVE-2019-9514"], "modified": "2019-12-18T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8.1", "p-cpe:/a:redhat:enterprise_linux:slirp4netns-debugsource", "p-cpe:/a:redhat:enterprise_linux:buildah-debugsource", "p-cpe:/a:redhat:enterprise_linux:oci-umount", "p-cpe:/a:redhat:enterprise_linux:runc-debugsource", "p-cpe:/a:redhat:enterprise_linux:oci-umount-debugsource", "p-cpe:/a:redhat:enterprise_linux:podman-debugsource", "p-cpe:/a:redhat:enterprise_linux:fuse-overlayfs-debugsource", "p-cpe:/a:redhat:enterprise_linux:podman", "p-cpe:/a:redhat:enterprise_linux:runc", "p-cpe:/a:redhat:enterprise_linux:oci-systemd-hook-debugsource", "p-cpe:/a:redhat:enterprise_linux:skopeo-debugsource", "cpe:/a:redhat:enterprise_linux:8::appstream", "p-cpe:/a:redhat:enterprise_linux:buildah", "p-cpe:/a:redhat:enterprise_linux:container-selinux", "p-cpe:/a:redhat:enterprise_linux:oci-systemd-hook", "p-cpe:/a:redhat:enterprise_linux:containernetworking-plugins", "p-cpe:/a:redhat:enterprise_linux:skopeo", "p-cpe:/a:redhat:enterprise_linux:containers-common", "p-cpe:/a:redhat:enterprise_linux:fuse-overlayfs", "p-cpe:/a:redhat:enterprise_linux:containernetworking-plugins-debugsource", "p-cpe:/a:redhat:enterprise_linux:podman-docker", "cpe:/o:redhat:enterprise_linux:8", "p-cpe:/a:redhat:enterprise_linux:slirp4netns"], "id": "REDHAT-RHSA-2019-4273.NASL", "href": "https://www.tenable.com/plugins/nessus/132235", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2019:4273. The text\n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(132235);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/05/22\");\n\n script_cve_id(\"CVE-2019-9512\", \"CVE-2019-9514\");\n script_xref(name:\"RHSA\", value:\"2019:4273\");\n\n script_name(english:\"RHEL 8 : container-tools:1.0 (RHSA-2019:4273) (Ping Flood) (Reset Flood)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"An update for the container-tools:1.0 module is now available for Red\nHat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe container-tools module contains tools for working with containers,\nnotably podman, buildah, skopeo, and runc.\n\nSecurity Fix(es) :\n\n* HTTP/2: flood using PING frames results in unbounded memory growth\n(CVE-2019-9512)\n\n* HTTP/2: flood using HEADERS frames results in unbounded memory\ngrowth (CVE-2019-9514)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2019:4273\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-9512\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-9514\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-9512\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:buildah\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:buildah-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:container-selinux\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:containernetworking-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:containernetworking-plugins-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:containers-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:fuse-overlayfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:fuse-overlayfs-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:oci-systemd-hook\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:oci-systemd-hook-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:oci-umount\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:oci-umount-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:podman\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:podman-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:podman-docker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:runc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:runc-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:skopeo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:skopeo-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:slirp4netns\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:slirp4netns-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:redhat:enterprise_linux:8::appstream\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/18\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 8.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nmodule_ver = get_kb_item('Host/RedHat/appstream/container-tools');\nif (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module container-tools:1.0');\nif ('1.0' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module container-tools:' + module_ver);\n\nappstreams = {\n 'container-tools:1.0': [\n {'reference':'buildah-1.5-6.gite94b4f9.module+el8.1.0+4908+72a45cef', 'cpu':'aarch64', 'release':'8'},\n {'reference':'buildah-1.5-6.gite94b4f9.module+el8.1.0+4908+72a45cef', 'cpu':'s390x', 'release':'8'},\n {'reference':'buildah-1.5-6.gite94b4f9.module+el8.1.0+4908+72a45cef', 'cpu':'x86_64', 'release':'8'},\n {'reference':'buildah-debugsource-1.5-6.gite94b4f9.module+el8.1.0+4908+72a45cef', 'cpu':'aarch64', 'release':'8'},\n {'reference':'buildah-debugsource-1.5-6.gite94b4f9.module+el8.1.0+4908+72a45cef', 'cpu':'s390x', 'release':'8'},\n {'reference':'buildah-debugsource-1.5-6.gite94b4f9.module+el8.1.0+4908+72a45cef', 'cpu':'x86_64', 'release':'8'},\n {'reference':'container-selinux-2.94-1.git1e99f1d.module+el8.1.0+3468+011f0ab0', 'release':'8', 'epoch':'2'},\n {'reference':'containernetworking-plugins-0.7.4-4.git9ebe139.module+el8.1.0+4908+72a45cef', 'cpu':'aarch64', 'release':'8'},\n {'reference':'containernetworking-plugins-0.7.4-4.git9ebe139.module+el8.1.0+4908+72a45cef', 'cpu':'s390x', 'release':'8'},\n {'reference':'containernetworking-plugins-0.7.4-4.git9ebe139.module+el8.1.0+4908+72a45cef', 'cpu':'x86_64', 'release':'8'},\n {'reference':'containernetworking-plugins-debugsource-0.7.4-4.git9ebe139.module+el8.1.0+4908+72a45cef', 'cpu':'aarch64', 'release':'8'},\n {'reference':'containernetworking-plugins-debugsource-0.7.4-4.git9ebe139.module+el8.1.0+4908+72a45cef', 'cpu':'s390x', 'release':'8'},\n {'reference':'containernetworking-plugins-debugsource-0.7.4-4.git9ebe139.module+el8.1.0+4908+72a45cef', 'cpu':'x86_64', 'release':'8'},\n {'reference':'containers-common-0.1.32-6.git1715c90.module+el8.1.0+4903+9bde5d6c', 'cpu':'aarch64', 'release':'8', 'epoch':'1'},\n {'reference':'containers-common-0.1.32-6.git1715c90.module+el8.1.0+4903+9bde5d6c', 'cpu':'s390x', 'release':'8', 'epoch':'1'},\n {'reference':'containers-common-0.1.32-6.git1715c90.module+el8.1.0+4903+9bde5d6c', 'cpu':'x86_64', 'release':'8', 'epoch':'1'},\n {'reference':'fuse-overlayfs-0.3-5.module+el8.1.0+3468+011f0ab0', 'cpu':'aarch64', 'release':'8'},\n {'reference':'fuse-overlayfs-0.3-5.module+el8.1.0+3468+011f0ab0', 'cpu':'s390x', 'release':'8'},\n {'reference':'fuse-overlayfs-0.3-5.module+el8.1.0+3468+011f0ab0', 'cpu':'x86_64', 'release':'8'},\n {'reference':'fuse-overlayfs-debugsource-0.3-5.module+el8.1.0+3468+011f0ab0', 'cpu':'aarch64', 'release':'8'},\n {'reference':'fuse-overlayfs-debugsource-0.3-5.module+el8.1.0+3468+011f0ab0', 'cpu':'s390x', 'release':'8'},\n {'reference':'fuse-overlayfs-debugsource-0.3-5.module+el8.1.0+3468+011f0ab0', 'cpu':'x86_64', 'release':'8'},\n {'reference':'oci-systemd-hook-0.1.15-2.git2d0b8a3.module+el8.1.0+3468+011f0ab0', 'cpu':'aarch64', 'release':'8', 'epoch':'1'},\n {'reference':'oci-systemd-hook-0.1.15-2.git2d0b8a3.module+el8.1.0+3468+011f0ab0', 'cpu':'s390x', 'release':'8', 'epoch':'1'},\n {'reference':'oci-systemd-hook-0.1.15-2.git2d0b8a3.module+el8.1.0+3468+011f0ab0', 'cpu':'x86_64', 'release':'8', 'epoch':'1'},\n {'reference':'oci-systemd-hook-debugsource-0.1.15-2.git2d0b8a3.module+el8.1.0+3468+011f0ab0', 'cpu':'aarch64', 'release':'8', 'epoch':'1'},\n {'reference':'oci-systemd-hook-debugsource-0.1.15-2.git2d0b8a3.module+el8.1.0+3468+011f0ab0', 'cpu':'s390x', 'release':'8', 'epoch':'1'},\n {'reference':'oci-systemd-hook-debugsource-0.1.15-2.git2d0b8a3.module+el8.1.0+3468+011f0ab0', 'cpu':'x86_64', 'release':'8', 'epoch':'1'},\n {'reference':'oci-umount-2.3.4-2.git87f9237.module+el8.1.0+3468+011f0ab0', 'cpu':'aarch64', 'release':'8', 'epoch':'2'},\n {'reference':'oci-umount-2.3.4-2.git87f9237.module+el8.1.0+3468+011f0ab0', 'cpu':'s390x', 'release':'8', 'epoch':'2'},\n {'reference':'oci-umount-2.3.4-2.git87f9237.module+el8.1.0+3468+011f0ab0', 'cpu':'x86_64', 'release':'8', 'epoch':'2'},\n {'reference':'oci-umount-debugsource-2.3.4-2.git87f9237.module+el8.1.0+3468+011f0ab0', 'cpu':'aarch64', 'release':'8', 'epoch':'2'},\n {'reference':'oci-umount-debugsource-2.3.4-2.git87f9237.module+el8.1.0+3468+011f0ab0', 'cpu':'s390x', 'release':'8', 'epoch':'2'},\n {'reference':'oci-umount-debugsource-2.3.4-2.git87f9237.module+el8.1.0+3468+011f0ab0', 'cpu':'x86_64', 'release':'8', 'epoch':'2'},\n {'reference':'podman-1.0.0-4.git921f98f.module+el8.1.0+4908+72a45cef', 'cpu':'aarch64', 'release':'8'},\n {'reference':'podman-1.0.0-4.git921f98f.module+el8.1.0+4908+72a45cef', 'cpu':'s390x', 'release':'8'},\n {'reference':'podman-1.0.0-4.git921f98f.module+el8.1.0+4908+72a45cef', 'cpu':'x86_64', 'release':'8'},\n {'reference':'podman-debugsource-1.0.0-4.git921f98f.module+el8.1.0+4908+72a45cef', 'cpu':'aarch64', 'release':'8'},\n {'reference':'podman-debugsource-1.0.0-4.git921f98f.module+el8.1.0+4908+72a45cef', 'cpu':'s390x', 'release':'8'},\n {'reference':'podman-debugsource-1.0.0-4.git921f98f.module+el8.1.0+4908+72a45cef', 'cpu':'x86_64', 'release':'8'},\n {'reference':'podman-docker-1.0.0-4.git921f98f.module+el8.1.0+4908+72a45cef', 'release':'8'},\n {'reference':'runc-1.0.0-56.rc5.dev.git2abd837.module+el8.1.0+4908+72a45cef', 'cpu':'aarch64', 'release':'8'},\n {'reference':'runc-1.0.0-56.rc5.dev.git2abd837.module+el8.1.0+4908+72a45cef', 'cpu':'s390x', 'release':'8'},\n {'reference':'runc-1.0.0-56.rc5.dev.git2abd837.module+el8.1.0+4908+72a45cef', 'cpu':'x86_64', 'release':'8'},\n {'reference':'runc-debugsource-1.0.0-56.rc5.dev.git2abd837.module+el8.1.0+4908+72a45cef', 'cpu':'aarch64', 'release':'8'},\n {'reference':'runc-debugsource-1.0.0-56.rc5.dev.git2abd837.module+el8.1.0+4908+72a45cef', 'cpu':'s390x', 'release':'8'},\n {'reference':'runc-debugsource-1.0.0-56.rc5.dev.git2abd837.module+el8.1.0+4908+72a45cef', 'cpu':'x86_64', 'release':'8'},\n {'reference':'skopeo-0.1.32-6.git1715c90.module+el8.1.0+4903+9bde5d6c', 'cpu':'aarch64', 'release':'8', 'epoch':'1'},\n {'reference':'skopeo-0.1.32-6.git1715c90.module+el8.1.0+4903+9bde5d6c', 'cpu':'s390x', 'release':'8', 'epoch':'1'},\n {'reference':'skopeo-0.1.32-6.git1715c90.module+el8.1.0+4903+9bde5d6c', 'cpu':'x86_64', 'release':'8', 'epoch':'1'},\n {'reference':'skopeo-debugsource-0.1.32-6.git1715c90.module+el8.1.0+4903+9bde5d6c', 'cpu':'aarch64', 'release':'8', 'epoch':'1'},\n {'reference':'skopeo-debugsource-0.1.32-6.git1715c90.module+el8.1.0+4903+9bde5d6c', 'cpu':'s390x', 'release':'8', 'epoch':'1'},\n {'reference':'skopeo-debugsource-0.1.32-6.git1715c90.module+el8.1.0+4903+9bde5d6c', 'cpu':'x86_64', 'release':'8', 'epoch':'1'},\n {'reference':'slirp4netns-0.1-3.dev.gitc4e1bc5.module+el8.1.0+4308+9d868e48', 'cpu':'aarch64', 'release':'8'},\n {'reference':'slirp4netns-0.1-3.dev.gitc4e1bc5.module+el8.1.0+4308+9d868e48', 'cpu':'s390x', 'release':'8'},\n {'reference':'slirp4netns-0.1-3.dev.gitc4e1bc5.module+el8.1.0+4308+9d868e48', 'cpu':'x86_64', 'release':'8'},\n {'reference':'slirp4netns-debugsource-0.1-3.dev.gitc4e1bc5.module+el8.1.0+4308+9d868e48', 'cpu':'aarch64', 'release':'8'},\n {'reference':'slirp4netns-debugsource-0.1-3.dev.gitc4e1bc5.module+el8.1.0+4308+9d868e48', 'cpu':'s390x', 'release':'8'},\n {'reference':'slirp4netns-debugsource-0.1-3.dev.gitc4e1bc5.module+el8.1.0+4308+9d868e48', 'cpu':'x86_64', 'release':'8'}\n ],\n};\n\nflag = 0;\nappstreams_found = 0;\nforeach module (keys(appstreams)) {\n appstream = NULL;\n appstream_name = NULL;\n appstream_version = NULL;\n appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RedHat/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach package_array ( appstreams[module] ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module container-tools:1.0');\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'buildah / buildah-debugsource / container-selinux / etc');\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-01T05:21:22", "description": "An update is now available for Red Hat OpenShift Container Platform\n3.11.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nRed Hat OpenShift Container Platform is Red Hat's cloud computing\nKubernetes application platform solution designed for on-premise or\nprivate cloud deployments.\n\nThe following RPM packages have been rebuilt with updated version of\nGo, which includes the security fixes listed further below :\n\natomic-enterprise-service-catalog atomic-openshift-cluster-autoscaler\natomic-openshift-descheduler atomic-openshift-metrics-server\natomic-openshift-node-problem-detector atomic-openshift-service-idler\natomic-openshift-web-console cockpit csi-attacher csi-driver-registrar\ncsi-livenessprobe csi-provisioner golang-github-openshift-oauth-proxy\ngolang-github-openshift-prometheus-alert-buffer\ngolang-github-prometheus-alertmanager\ngolang-github-prometheus-node_exporter\ngolang-github-prometheus-prometheus hawkular-openshift-agent heapster\nimage-inspector openshift-enterprise-autoheal\nopenshift-enterprise-cluster-capacity openshift-eventrouter\nopenshift-external-storage\n\nSecurity Fix(es) :\n\n* HTTP/2: flood using PING frames results in unbounded memory growth\n(CVE-2019-9512)\n\n* HTTP/2: flood using HEADERS frames results in unbounded memory\ngrowth (CVE-2019-9514)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.", "edition": 16, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2019-11-20T00:00:00", "title": "RHEL 7 : OpenShift Container Platform 3.11 HTTP/2 (RHSA-2019:3906) (Ping Flood) (Reset Flood)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-9512", "CVE-2019-9514"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:csi-driver-registrar", "p-cpe:/a:redhat:enterprise_linux:csi-livenessprobe-debuginfo", "p-cpe:/a:redhat:enterprise_linux:openshift-external-storage-local-provisioner", "p-cpe:/a:redhat:enterprise_linux:prometheus-alertmanager", "p-cpe:/a:redhat:enterprise_linux:openshift-eventrouter", "p-cpe:/a:redhat:enterprise_linux:atomic-openshift-metrics-server", "p-cpe:/a:redhat:enterprise_linux:atomic-openshift-cluster-autoscaler", "p-cpe:/a:redhat:enterprise_linux:image-inspector", "p-cpe:/a:redhat:enterprise_linux:prometheus", "p-cpe:/a:redhat:enterprise_linux:openshift-external-storage-manila-provisioner", "p-cpe:/a:redhat:enterprise_linux:openshift-external-storage-efs-provisioner", "p-cpe:/a:redhat:enterprise_linux:atomic-openshift-web-console", "p-cpe:/a:redhat:enterprise_linux:atomic-openshift-node-problem-detector", "p-cpe:/a:redhat:enterprise_linux:golang-github-openshift-oauth-proxy", "p-cpe:/a:redhat:enterprise_linux:csi-attacher-debuginfo", "p-cpe:/a:redhat:enterprise_linux:openshift-external-storage-snapshot-provisioner", "p-cpe:/a:redhat:enterprise_linux:openshift-eventrouter-debuginfo", "p-cpe:/a:redhat:enterprise_linux:atomic-openshift-descheduler", "p-cpe:/a:redhat:enterprise_linux:csi-provisioner", "p-cpe:/a:redhat:enterprise_linux:openshift-external-storage-snapshot-controller", "cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:atomic-enterprise-service-catalog", "p-cpe:/a:redhat:enterprise_linux:heapster", "p-cpe:/a:redhat:enterprise_linux:prometheus-node-exporter", "p-cpe:/a:redhat:enterprise_linux:golang-github-openshift-prometheus-alert-buffer", "p-cpe:/a:redhat:enterprise_linux:csi-attacher", "p-cpe:/a:redhat:enterprise_linux:hawkular-openshift-agent", "p-cpe:/a:redhat:enterprise_linux:atomic-openshift-service-idler", "p-cpe:/a:redhat:enterprise_linux:cockpit-kubernetes", "p-cpe:/a:redhat:enterprise_linux:csi-livenessprobe", "p-cpe:/a:redhat:enterprise_linux:cockpit-debuginfo", "p-cpe:/a:redhat:enterprise_linux:openshift-external-storage-cephfs-provisioner", "p-cpe:/a:redhat:enterprise_linux:csi-driver-registrar-debuginfo", "p-cpe:/a:redhat:enterprise_linux:openshift-enterprise-cluster-capacity", "p-cpe:/a:redhat:enterprise_linux:openshift-enterprise-autoheal", "p-cpe:/a:redhat:enterprise_linux:atomic-enterprise-service-catalog-svcat", "p-cpe:/a:redhat:enterprise_linux:openshift-external-storage-debuginfo", "p-cpe:/a:redhat:enterprise_linux:csi-provisioner-debuginfo"], "id": "REDHAT-RHSA-2019-3906.NASL", "href": "https://www.tenable.com/plugins/nessus/131154", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:3906. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(131154);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/12/09\");\n\n script_cve_id(\"CVE-2019-9512\", \"CVE-2019-9514\");\n script_xref(name:\"RHSA\", value:\"2019:3906\");\n\n script_name(english:\"RHEL 7 : OpenShift Container Platform 3.11 HTTP/2 (RHSA-2019:3906) (Ping Flood) (Reset Flood)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update is now available for Red Hat OpenShift Container Platform\n3.11.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nRed Hat OpenShift Container Platform is Red Hat's cloud computing\nKubernetes application platform solution designed for on-premise or\nprivate cloud deployments.\n\nThe following RPM packages have been rebuilt with updated version of\nGo, which includes the security fixes listed further below :\n\natomic-enterprise-service-catalog atomic-openshift-cluster-autoscaler\natomic-openshift-descheduler atomic-openshift-metrics-server\natomic-openshift-node-problem-detector atomic-openshift-service-idler\natomic-openshift-web-console cockpit csi-attacher csi-driver-registrar\ncsi-livenessprobe csi-provisioner golang-github-openshift-oauth-proxy\ngolang-github-openshift-prometheus-alert-buffer\ngolang-github-prometheus-alertmanager\ngolang-github-prometheus-node_exporter\ngolang-github-prometheus-prometheus hawkular-openshift-agent heapster\nimage-inspector openshift-enterprise-autoheal\nopenshift-enterprise-cluster-capacity openshift-eventrouter\nopenshift-external-storage\n\nSecurity Fix(es) :\n\n* HTTP/2: flood using PING frames results in unbounded memory growth\n(CVE-2019-9512)\n\n* HTTP/2: flood using HEADERS frames results in unbounded memory\ngrowth (CVE-2019-9514)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2019:3906\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-9512\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-9514\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-enterprise-service-catalog\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-enterprise-service-catalog-svcat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-cluster-autoscaler\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-descheduler\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-metrics-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-node-problem-detector\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-service-idler\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-web-console\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:cockpit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:cockpit-kubernetes\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:csi-attacher\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:csi-attacher-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:csi-driver-registrar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:csi-driver-registrar-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:csi-livenessprobe\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:csi-livenessprobe-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:csi-provisioner\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:csi-provisioner-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:golang-github-openshift-oauth-proxy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:golang-github-openshift-prometheus-alert-buffer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hawkular-openshift-agent\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:heapster\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:image-inspector\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-enterprise-autoheal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-enterprise-cluster-capacity\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-eventrouter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-eventrouter-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-external-storage-cephfs-provisioner\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-external-storage-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-external-storage-efs-provisioner\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-external-storage-local-provisioner\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-external-storage-manila-provisioner\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-external-storage-snapshot-controller\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-external-storage-snapshot-provisioner\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:prometheus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:prometheus-alertmanager\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:prometheus-node-exporter\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/20\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:3906\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_exists(rpm:\"atomic-enterprise-service-catalog-3.11\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-enterprise-service-catalog-3.11.154-1.git.1.fa68ced.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-enterprise-service-catalog-svcat-3.11\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-enterprise-service-catalog-svcat-3.11.154-1.git.1.fa68ced.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-cluster-autoscaler-3.11\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-cluster-autoscaler-3.11.154-1.git.1.532da7a.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-descheduler-3.11\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-descheduler-3.11.154-1.git.1.1d31032.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-metrics-server-3.11\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-metrics-server-3.11.154-1.git.1.6a6b6ce.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-node-problem-detector-3.11\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-node-problem-detector-3.11.154-1.git.1.5e8e065.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-service-idler-3.11\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-service-idler-3.11.154-1.git.1.f80fb86.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-web-console-3.11\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-web-console-3.11.154-1.git.1.f54cb18.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"cockpit-debuginfo-195-2.rhaos.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"cockpit-kubernetes-195-2.rhaos.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"csi-attacher-0.2.0-4.git27299be.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"csi-attacher-debuginfo-0.2.0-4.git27299be.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"csi-driver-registrar-0.2.0-2.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"csi-driver-registrar-debuginfo-0.2.0-2.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"csi-livenessprobe-0.0.1-2.gitff5b6a0.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"csi-livenessprobe-debuginfo-0.0.1-2.gitff5b6a0.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"csi-provisioner-0.2.0-3.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"csi-provisioner-debuginfo-0.2.0-3.el7\")) flag++;\n if (rpm_exists(rpm:\"golang-github-openshift-oauth-proxy-3.11\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"golang-github-openshift-oauth-proxy-3.11.154-1.git.1.220e3dc.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"golang-github-openshift-prometheus-alert-buffer-0-3.gitceca8c1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"hawkular-openshift-agent-1.2.2-3.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"heapster-1.3.0-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"image-inspector-2.4.0-4.el7\")) flag++;\n if (rpm_exists(rpm:\"openshift-enterprise-autoheal-3.11\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"openshift-enterprise-autoheal-3.11.154-1.git.1.13199be.el7\")) flag++;\n if (rpm_exists(rpm:\"openshift-enterprise-cluster-capacity-3.11\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"openshift-enterprise-cluster-capacity-3.11.154-1.git.1.5798c2c.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"openshift-eventrouter-0.2-4.git7c289cc.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"openshift-eventrouter-debuginfo-0.2-4.git7c289cc.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"openshift-external-storage-cephfs-provisioner-0.0.2-9.gitd3c94f0.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"openshift-external-storage-debuginfo-0.0.2-9.gitd3c94f0.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"openshift-external-storage-efs-provisioner-0.0.2-9.gitd3c94f0.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"openshift-external-storage-local-provisioner-0.0.2-9.gitd3c94f0.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"openshift-external-storage-manila-provisioner-0.0.2-9.gitd3c94f0.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"openshift-external-storage-snapshot-controller-0.0.2-9.gitd3c94f0.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"openshift-external-storage-snapshot-provisioner-0.0.2-9.gitd3c94f0.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"prometheus-3.11.154-1.git.1.148db48.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"prometheus-alertmanager-3.11.154-1.git.1.4acd2e6.el7\")) flag++;\n if (rpm_exists(rpm:\"prometheus-node-exporter-3.11\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"prometheus-node-exporter-3.11.154-1.git.1.bc9f224.el7\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"atomic-enterprise-service-catalog / etc\");\n }\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-12-12T09:39:54", "description": "The http2 server support in this package was vulnerable to certain\ntypes of DOS attacks.\n\nCVE-2019-9512\n\nThis code was vulnerable to ping floods, potentially leading to a\ndenial of service. The attacker sends continual pings to an HTTP/2\npeer, causing the peer to build an internal queue of responses.\nDepending on how efficiently this data is queued, this can consume\nexcess CPU, memory, or both.\n\nCVE-2019-9514\n\nThis code was vulnerable to a reset flood, potentially leading to a\ndenial of service. The attacker opens a number of streams and sends an\ninvalid request over each stream that should solicit a stream of\nRST_STREAM frames from the peer. Depending on how the peer queues the\nRST_STREAM frames, this can consume excess memory, CPU, or both.\n\nFor Debian 9 stretch, these problems have been fixed in version\n1:0.0+git20161013.8b4af36+dfsg-3+deb9u1.\n\nWe recommend that you upgrade your golang-golang-x-net-dev packages.\n\nFor the detailed security status of golang-golang-x-net-dev please\nrefer to its security tracker page at:\nhttps://security-tracker.debian.org/tracker/golang-golang-x-net-dev\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.", "edition": 2, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2020-12-09T00:00:00", "title": "Debian DLA-2485-1 : golang-golang-x-net-dev security update (Ping Flood) (Reset Flood)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-9512", "CVE-2019-9514"], "modified": "2020-12-09T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:golang-golang-x-net-dev", "p-cpe:/a:debian:debian_linux:golang-go.net-dev", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DLA-2485.NASL", "href": "https://www.tenable.com/plugins/nessus/143594", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-2485-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(143594);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/12/11\");\n\n script_cve_id(\"CVE-2019-9512\", \"CVE-2019-9514\");\n\n script_name(english:\"Debian DLA-2485-1 : golang-golang-x-net-dev security update (Ping Flood) (Reset Flood)\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The http2 server support in this package was vulnerable to certain\ntypes of DOS attacks.\n\nCVE-2019-9512\n\nThis code was vulnerable to ping floods, potentially leading to a\ndenial of service. The attacker sends continual pings to an HTTP/2\npeer, causing the peer to build an internal queue of responses.\nDepending on how efficiently this data is queued, this can consume\nexcess CPU, memory, or both.\n\nCVE-2019-9514\n\nThis code was vulnerable to a reset flood, potentially leading to a\ndenial of service. The attacker opens a number of streams and sends an\ninvalid request over each stream that should solicit a stream of\nRST_STREAM frames from the peer. Depending on how the peer queues the\nRST_STREAM frames, this can consume excess memory, CPU, or both.\n\nFor Debian 9 stretch, these problems have been fixed in version\n1:0.0+git20161013.8b4af36+dfsg-3+deb9u1.\n\nWe recommend that you upgrade your golang-golang-x-net-dev packages.\n\nFor the detailed security status of golang-golang-x-net-dev please\nrefer to its security tracker page at:\nhttps://security-tracker.debian.org/tracker/golang-golang-x-net-dev\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2020/12/msg00011.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/golang-golang-x-net-dev\"\n );\n # https://security-tracker.debian.org/tracker/source-package/golang-golang-x-net-dev\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c2f3b613\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:golang-go.net-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:golang-golang-x-net-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/09\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"9.0\", prefix:\"golang-go.net-dev\", reference:\"1:0.0+git20161013.8b4af36+dfsg-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"golang-golang-x-net-dev\", reference:\"1:0.0+git20161013.8b4af36+dfsg-3+deb9u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-09-14T15:43:11", "description": "The version of Kubernetes installed on the remote host is a version prior to 1.13.10, or 1.14.x prior to 1.14.6, or\n1.15.x prior to 1.15.3. It is, therefore, affected by the following denial of service vulnerabilities :\n\n - A denial of service (DoS) vulnerability exists in HTTP/2 due to some HTTP/2 implementations inefficiently\n handling a large queue of ping responses. An unauthenticated, remote attacker can exploit this issue, via\n continual ping requests, to cause the system to stop responding. (CVE-2019-9512)\n \n - A denial of service (DoS) vulnerability exists in HTTP/2 due to some HTTP/2 implementations inefficiently\n handling a queue of RST_STREAM frames. An unauthenticated, remote attacker can exploit this issue, by\n opening a number of streams and sending an invalid request over each stream, to cause the system to stop\n responding. (CVE-2019-9514)\n\nNote that Nessus has not attempted to exploit these issues but has instead relied only on the application's\nself-reported version number.", "edition": 3, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2020-03-31T00:00:00", "title": "Kubernetes 1.13.x < 1.13.10 / 1.14.x < 1.14.6 / 1.15.x < 1.15.3 DoS", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-9512", "CVE-2019-9514"], "modified": "2020-03-31T00:00:00", "cpe": ["cpe:/a:kubernetes:kubernetes", "cpe:/a:google:kubernetes"], "id": "KUBERNETES_1_15_3.NASL", "href": "https://www.tenable.com/plugins/nessus/135030", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(135030);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/04/02\");\n\n script_cve_id(\"CVE-2019-9512\", \"CVE-2019-9514\");\n\n script_name(english:\"Kubernetes 1.13.x < 1.13.10 / 1.14.x < 1.14.6 / 1.15.x < 1.15.3 DoS\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host contains an application affected by a denial of service vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Kubernetes installed on the remote host is a version prior to 1.13.10, or 1.14.x prior to 1.14.6, or\n1.15.x prior to 1.15.3. It is, therefore, affected by the following denial of service vulnerabilities :\n\n - A denial of service (DoS) vulnerability exists in HTTP/2 due to some HTTP/2 implementations inefficiently\n handling a large queue of ping responses. An unauthenticated, remote attacker can exploit this issue, via\n continual ping requests, to cause the system to stop responding. (CVE-2019-9512)\n \n - A denial of service (DoS) vulnerability exists in HTTP/2 due to some HTTP/2 implementations inefficiently\n handling a queue of RST_STREAM frames. An unauthenticated, remote attacker can exploit this issue, by\n opening a number of streams and sending an invalid request over each stream, to cause the system to stop\n responding. (CVE-2019-9514)\n\nNote that Nessus has not attempted to exploit these issues but has instead relied only on the application's\nself-reported version number.\");\n # https://groups.google.com/forum/#!topic/kubernetes-security-announce/wlHLHit1BqA\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e8a25528\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Kubernetes 1.13.10, 1.14.6, 1.15.3 or later, please refer to the vendor advisory.\");\n script_set_attribute(attribute:\"agent\", value:\"unix\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-9512\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/03/31\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:kubernetes:kubernetes\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:google:kubernetes\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"kube_detect.nbin\");\n script_require_keys(\"installed_sw/Kubernetes\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\napp_name = 'Kubernetes';\napp_info = vcf::get_app_info(app:app_name);\n\nvcf::check_granularity(app_info:app_info, sig_segments:3);\n\nconstraints = [\n { 'min_version' : '1.13.0', 'fixed_version' : '1.13.10' },\n { 'min_version' : '1.14.0', 'fixed_version' : '1.14.6' },\n { 'min_version' : '1.15.0', 'fixed_version' : '1.15.3' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "fedora": [{"lastseen": "2020-12-21T08:17:55", "bulletinFamily": "unix", "cvelist": ["CVE-2019-14809", "CVE-2019-9512", "CVE-2019-9514"], "description": "The Go Programming Language. ", "modified": "2019-09-06T12:35:05", "published": "2019-09-06T12:35:05", "id": "FEDORA:691DA613FFAA", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 30 Update: golang-1.12.9-1.fc30", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-12-21T08:17:55", "bulletinFamily": "unix", "cvelist": ["CVE-2019-14809", "CVE-2019-16276", "CVE-2019-9512", "CVE-2019-9514"], "description": "The Go Programming Language. ", "modified": "2019-10-09T16:54:30", "published": "2019-10-09T16:54:30", "id": "FEDORA:CCB9960F3CBA", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 30 Update: golang-1.12.10-1.fc30", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-12-21T08:17:55", "bulletinFamily": "unix", "cvelist": ["CVE-2019-14809", "CVE-2019-16276", "CVE-2019-17596", "CVE-2019-9512", "CVE-2019-9514"], "description": "The Go Programming Language. ", "modified": "2019-11-12T02:09:13", "published": "2019-11-12T02:09:13", "id": "FEDORA:976B760CEC41", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 30 Update: golang-1.12.13-1.fc30", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "suse": [{"lastseen": "2019-09-07T22:40:45", "bulletinFamily": "unix", "cvelist": ["CVE-2019-14809", "CVE-2019-9512", "CVE-2019-9514"], "description": "This update for go1.12 fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2019-9512: Fixed HTTP/2 flood using PING frames that results in\n unbounded memory growth (bsc#1146111).\n - CVE-2019-9514: Fixed HTTP/2 implementation that is vulnerable to a reset\n flood, potentially leading to a denial of service (bsc#1146115).\n - CVE-2019-14809: Fixed malformed hosts in URLs that leads to\n authorization bypass (bsc#1146123).\n\n Bugfixes:\n\n - Update to go version 1.12.9 (bsc#1141689).\n - Adding Web Assembly stuff from misc/wasm (bsc#1139210).\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n", "edition": 1, "modified": "2019-09-07T21:11:24", "published": "2019-09-07T21:11:24", "id": "OPENSUSE-SU-2019:2085-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00021.html", "title": "Security update for go1.12 (moderate)", "type": "suse", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-09-05T16:51:53", "bulletinFamily": "unix", "cvelist": ["CVE-2019-14809", "CVE-2019-9512", "CVE-2019-9514"], "description": "This update for go1.11 fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2019-9512: Fixed HTTP/2 flood using PING frames that results in\n unbounded memory growth (bsc#1146111).\n - CVE-2019-9514: Fixed HTTP/2 implementation that is vulnerable to a reset\n flood, potentially leading to a denial of service (bsc#1146115).\n - CVE-2019-14809: Fixed malformed hosts in URLs that leads to\n authorization bypass (bsc#1146123).\n\n Bugfixes:\n\n - Update to go version 1.11.13 (bsc#1141688).\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n", "edition": 1, "modified": "2019-09-05T15:11:31", "published": "2019-09-05T15:11:31", "id": "OPENSUSE-SU-2019:2072-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00011.html", "title": "Security update for go1.11 (moderate)", "type": "suse", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-08-24T19:35:36", "bulletinFamily": "unix", "cvelist": ["CVE-2019-14809", "CVE-2019-9512", "CVE-2019-9514"], "description": "This update for go1.12 fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2019-9512: Fixed HTTP/2 flood using PING frames that results in\n unbounded memory growth. (bsc#1146111)\n - CVE-2019-9514: Fixed HTTP/2 implementation is vulnerable to a reset\n flood, potentially leading to a denial of service. (bsc#1146115)\n - CVE-2019-14809: Fixed authorization bypass due to malformed hosts in\n URLs. (bsc#1146123)\n\n", "edition": 1, "modified": "2019-08-24T18:12:22", "published": "2019-08-24T18:12:22", "id": "OPENSUSE-SU-2019:2000-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00076.html", "title": "Security update for go1.12 (important)", "type": "suse", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-09-14T20:43:21", "bulletinFamily": "unix", "cvelist": ["CVE-2019-14809", "CVE-2019-9512", "CVE-2019-9514"], "description": "This update for go1.12 fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2019-9512: Fixed HTTP/2 flood using PING frames that results in\n unbounded memory growth (bsc#1146111).\n - CVE-2019-9514: Fixed HTTP/2 implementation that is vulnerable to a reset\n flood, potentially leading to a denial of service (bsc#1146115).\n - CVE-2019-14809: Fixed malformed hosts in URLs that leads to\n authorization bypass (bsc#1146123).\n\n Bugfixes:\n\n - Update to go version 1.12.9 (bsc#1141689).\n - Adding Web Assembly stuff from misc/wasm (bsc#1139210).\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n", "edition": 1, "modified": "2019-09-14T18:10:28", "published": "2019-09-14T18:10:28", "id": "OPENSUSE-SU-2019:2130-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00038.html", "title": "Security update for go1.12 (moderate)", "type": "suse", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-09-02T20:46:56", "bulletinFamily": "unix", "cvelist": ["CVE-2019-14809", "CVE-2019-9512", "CVE-2019-9514"], "description": "This update for go1.12 fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2019-9512: Fixed HTTP/2 flood using PING frames that results in\n unbounded memory growth (bsc#1146111).\n - CVE-2019-9514: Fixed HTTP/2 implementation that is vulnerable to a reset\n flood, potentially leading to a denial of service (bsc#1146115).\n - CVE-2019-14809: Fixed malformed hosts in URLs that leads to\n authorization bypass (bsc#1146123).\n\n Bugfixes:\n\n - Update to go version 1.12.9 (bsc#1141689).\n - Adding Web Assembly stuff from misc/wasm (bsc#1139210).\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n", "edition": 1, "modified": "2019-09-02T18:14:05", "published": "2019-09-02T18:14:05", "id": "OPENSUSE-SU-2019:2056-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00002.html", "title": "Security update for go1.12 (moderate)", "type": "suse", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "archlinux": [{"lastseen": "2020-09-22T18:36:40", "bulletinFamily": "unix", "cvelist": ["CVE-2019-14809", "CVE-2019-9512", "CVE-2019-9514"], "description": "Arch Linux Security Advisory ASA-201908-15\n==========================================\n\nSeverity: Medium\nDate : 2019-08-24\nCVE-ID : CVE-2019-9512 CVE-2019-9514 CVE-2019-14809\nPackage : go\nType : multiple issues\nRemote : Yes\nLink : https://security.archlinux.org/AVG-1021\n\nSummary\n=======\n\nThe package go before version 2:1.12.8-1 is vulnerable to multiple\nissues including denial of service and insufficient validation.\n\nResolution\n==========\n\nUpgrade to 2:1.12.8-1.\n\n# pacman -Syu \"go>=2:1.12.8-1\"\n\nThe problems have been fixed upstream in version 1.12.8.\n\nWorkaround\n==========\n\nNone.\n\nDescription\n===========\n\n- CVE-2019-9512 (denial of service)\n\nAn issue has been found in several HTTP/2 implementations, where the\nattacker sends continual pings to an HTTP/2 peer, causing the peer to\nbuild an internal queue of responses. Depending on how efficiently this\ndata is queued, this can consume excess CPU, memory, or both,\npotentially leading to a denial of service.\n\n- CVE-2019-9514 (denial of service)\n\nAn issue has been found in several HTTP/2 implementations, where the\nattacker opens a number of streams and sends an invalid request over\neach stream that should solicit a stream of RST_STREAM frames from the\npeer. Depending on how the peer queues the RST_STREAM frames, this can\nconsume excess memory, CPU, or both, potentially leading to a denial of\nservice.\n\n- CVE-2019-14809 (insufficient validation)\n\nAn issue has been found in Go before 1.12.8, where url.Parse would\naccept URLs with malformed hosts, such that the Host field could have\narbitrary suffixes that would appear in neither Hostname() nor Port(),\nallowing authorization bypasses in certain applications. Note that URLs\nwith invalid, not numeric ports will now return an error from\nurl.Parse.\n\nImpact\n======\n\nA remote attacker is able to cause a denial of service by sending a\nspecially crafted packet or bypass authorization due to insufficient\nvalidation.\n\nReferences\n==========\n\nhttps://groups.google.com/forum/#!msg/golang-announce/65QixT3tcmg/DrFiG6vvCwAJ\nhttps://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md\nhttps://golang.org/issue/29098\nhttps://security.archlinux.org/CVE-2019-9512\nhttps://security.archlinux.org/CVE-2019-9514\nhttps://security.archlinux.org/CVE-2019-14809", "modified": "2019-08-24T00:00:00", "published": "2019-08-24T00:00:00", "id": "ASA-201908-15", "href": "https://security.archlinux.org/ASA-201908-15", "type": "archlinux", "title": "[ASA-201908-15] go: multiple issues", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-09-22T18:36:40", "bulletinFamily": "unix", "cvelist": ["CVE-2019-14809", "CVE-2019-9512", "CVE-2019-9514"], "description": "Arch Linux Security Advisory ASA-201908-16\n==========================================\n\nSeverity: Medium\nDate : 2019-08-24\nCVE-ID : CVE-2019-9512 CVE-2019-9514 CVE-2019-14809\nPackage : go-pie\nType : multiple issues\nRemote : Yes\nLink : https://security.archlinux.org/AVG-1020\n\nSummary\n=======\n\nThe package go-pie before version 2:1.12.8-1 is vulnerable to multiple\nissues including denial of service and insufficient validation.\n\nResolution\n==========\n\nUpgrade to 2:1.12.8-1.\n\n# pacman -Syu \"go-pie>=2:1.12.8-1\"\n\nThe problems have been fixed upstream in version 1.12.8.\n\nWorkaround\n==========\n\nNone.\n\nDescription\n===========\n\n- CVE-2019-9512 (denial of service)\n\nAn issue has been found in several HTTP/2 implementations, where the\nattacker sends continual pings to an HTTP/2 peer, causing the peer to\nbuild an internal queue of responses. Depending on how efficiently this\ndata is queued, this can consume excess CPU, memory, or both,\npotentially leading to a denial of service.\n\n- CVE-2019-9514 (denial of service)\n\nAn issue has been found in several HTTP/2 implementations, where the\nattacker opens a number of streams and sends an invalid request over\neach stream that should solicit a stream of RST_STREAM frames from the\npeer. Depending on how the peer queues the RST_STREAM frames, this can\nconsume excess memory, CPU, or both, potentially leading to a denial of\nservice.\n\n- CVE-2019-14809 (insufficient validation)\n\nAn issue has been found in Go before 1.12.8, where url.Parse would\naccept URLs with malformed hosts, such that the Host field could have\narbitrary suffixes that would appear in neither Hostname() nor Port(),\nallowing authorization bypasses in certain applications. Note that URLs\nwith invalid, not numeric ports will now return an error from\nurl.Parse.\n\nImpact\n======\n\nA remote attacker is able to cause a denial of service by sending a\nspecially crafted packet or bypass authorization due to insufficient\nvalidation.\n\nReferences\n==========\n\nhttps://groups.google.com/forum/#!msg/golang-announce/65QixT3tcmg/DrFiG6vvCwAJ\nhttps://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md\nhttps://golang.org/issue/29098\nhttps://security.archlinux.org/CVE-2019-9512\nhttps://security.archlinux.org/CVE-2019-9514\nhttps://security.archlinux.org/CVE-2019-14809", "modified": "2019-08-24T00:00:00", "published": "2019-08-24T00:00:00", "id": "ASA-201908-16", "href": "https://security.archlinux.org/ASA-201908-16", "type": "archlinux", "title": "[ASA-201908-16] go-pie: multiple issues", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "apple": [{"lastseen": "2020-12-24T20:41:15", "bulletinFamily": "software", "cvelist": ["CVE-2019-9515", "CVE-2019-9512", "CVE-2019-9518", "CVE-2019-9514", "CVE-2019-9516"], "description": "## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n\n\n## SwiftNIO HTTP/2 1.5.0\n\nReleased August 13, 2019\n\n**SwiftNIO HTTP/2**\n\nAvailable for: SwiftNIO HTTP/2 1.0.0 through 1.4.0 on macOS Sierra 10.12 and later and Ubuntu 14.04 and later\n\nImpact: A HTTP/2 server may consume unbounded amounts of memory when receiving certain traffic patterns and eventually suffer resource exhaustion\n\nDescription: This issue was addressed with improved buffer size management.\n\nCVE-2019-9512: Jonathan Looney of Netflix\n\nCVE-2019-9514: Jonathan Looney of Netflix\n\nCVE-2019-9515: Jonathan Looney of Netflix\n\nCVE-2019-9516: Jonathan Looney of Netflix\n\n**SwiftNIO HTTP/2**\n\nAvailable for: SwiftNIO HTTP/2 1.0.0 through 1.4.0 on macOS Sierra 10.12 and later and Ubuntu 14.04 and later\n\nImpact: A HTTP/2 server may consume excessive CPU resources when receiving certain traffic patterns\n\nDescription: This issue was addressed with improved input validation.\n\nCVE-2019-9518: Piotr Sikora of Google, Envoy Security Team\n", "edition": 2, "modified": "2019-08-13T06:09:21", "published": "2019-08-13T06:09:21", "id": "APPLE:HT210436", "href": "https://support.apple.com/kb/HT210436", "title": "About the security content of SwiftNIO HTTP/2 1.5.0 - Apple Support", "type": "apple", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}]}
