Lucene search
This script is Copyright (C) 2019-2024 and is owned by Tenable, Inc. or an Affiliate thereof.SLACKWARE_SSA_2019-169-01.NASLHistoryJun 19, 2019 - 12:00 a.m.
Slackware 14.2 / current : kernel (SSA:2019-169-01) (SACK Panic) (SACK Slowness)
2019-06-1900:00:00
This script is Copyright (C) 2019-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
97
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS3
8.3
Attack Vector
ADJACENT
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
AI Score
8.1
Confidence
High
EPSS
0.974
Percentile
99.9%
New kernel packages are available for Slackware 14.2 and -current to fix security issues.
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Slackware Security Advisory 2019-169-01. The text
# itself is copyright (C) Slackware Linux, Inc.
#
include('compat.inc');
if (description)
{
script_id(126031);
script_version("1.10");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/05/15");
script_cve_id(
"CVE-2018-1000026",
"CVE-2018-20510",
"CVE-2018-20836",
"CVE-2018-5391",
"CVE-2019-11190",
"CVE-2019-11477",
"CVE-2019-11478",
"CVE-2019-11479",
"CVE-2019-11486",
"CVE-2019-11810",
"CVE-2019-11815",
"CVE-2019-11833",
"CVE-2019-11884",
"CVE-2019-3459",
"CVE-2019-3460",
"CVE-2019-3882",
"CVE-2019-6974",
"CVE-2019-7221",
"CVE-2019-7222",
"CVE-2019-9213",
"CVE-2019-9503"
);
script_xref(name:"SSA", value:"2019-169-01");
script_xref(name:"CEA-ID", value:"CEA-2019-0456");
script_name(english:"Slackware 14.2 / current : kernel (SSA:2019-169-01) (SACK Panic) (SACK Slowness)");
script_set_attribute(attribute:"synopsis", value:
"The remote Slackware host is missing a security update.");
script_set_attribute(attribute:"description", value:
"New kernel packages are available for Slackware 14.2 and -current to
fix security issues.");
# http://www.slackware.com/security/viewer.php?l=slackware-security&y=2019&m=slackware-security.1029019
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?6f4b67cc");
script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-11815");
script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2019-9503");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"metasploit_name", value:'Reliable Datagram Sockets (RDS) rds_atomic_free_op NULL pointer dereference Privilege Escalation');
script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
script_set_attribute(attribute:"in_the_news", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2018/02/09");
script_set_attribute(attribute:"patch_publication_date", value:"2019/06/18");
script_set_attribute(attribute:"plugin_publication_date", value:"2019/06/19");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:slackware:slackware_linux:kernel-firmware");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:slackware:slackware_linux:kernel-generic");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:slackware:slackware_linux:kernel-generic-smp");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:slackware:slackware_linux:kernel-headers");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:slackware:slackware_linux:kernel-huge");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:slackware:slackware_linux:kernel-huge-smp");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:slackware:slackware_linux:kernel-modules");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:slackware:slackware_linux:kernel-modules-smp");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:slackware:slackware_linux:kernel-source");
script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux");
script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:14.2");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Slackware Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2019-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/Slackware/release", "Host/Slackware/packages");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("slackware.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Slackware/release")) audit(AUDIT_OS_NOT, "Slackware");
if (!get_kb_item("Host/Slackware/packages")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Slackware", cpu);
flag = 0;
if (slackware_check(osver:"14.2", pkgname:"kernel-firmware", pkgver:"20190618_acb56f2", pkgarch:"noarch", pkgnum:"1")) flag++;
if (slackware_check(osver:"14.2", pkgname:"kernel-generic", pkgver:"4.4.182", pkgarch:"i586", pkgnum:"1")) flag++;
if (slackware_check(osver:"14.2", pkgname:"kernel-generic-smp", pkgver:"4.4.182_smp", pkgarch:"i686", pkgnum:"1")) flag++;
if (slackware_check(osver:"14.2", pkgname:"kernel-headers", pkgver:"4.4.182_smp", pkgarch:"x86", pkgnum:"1")) flag++;
if (slackware_check(osver:"14.2", pkgname:"kernel-huge", pkgver:"4.4.182", pkgarch:"i586", pkgnum:"1")) flag++;
if (slackware_check(osver:"14.2", pkgname:"kernel-huge-smp", pkgver:"4.4.182_smp", pkgarch:"i686", pkgnum:"1")) flag++;
if (slackware_check(osver:"14.2", pkgname:"kernel-modules", pkgver:"4.4.182", pkgarch:"i586", pkgnum:"1")) flag++;
if (slackware_check(osver:"14.2", pkgname:"kernel-modules-smp", pkgver:"4.4.182_smp", pkgarch:"i686", pkgnum:"1")) flag++;
if (slackware_check(osver:"14.2", pkgname:"kernel-source", pkgver:"4.4.182_smp", pkgarch:"noarch", pkgnum:"1")) flag++;
if (slackware_check(osver:"14.2", arch:"x86_64", pkgname:"kernel-firmware", pkgver:"20190618_acb56f2", pkgarch:"noarch", pkgnum:"1")) flag++;
if (slackware_check(osver:"14.2", arch:"x86_64", pkgname:"kernel-generic", pkgver:"4.4.182", pkgarch:"x86_64", pkgnum:"1")) flag++;
if (slackware_check(osver:"14.2", arch:"x86_64", pkgname:"kernel-headers", pkgver:"4.4.182", pkgarch:"x86", pkgnum:"1")) flag++;
if (slackware_check(osver:"14.2", arch:"x86_64", pkgname:"kernel-huge", pkgver:"4.4.182", pkgarch:"x86_64", pkgnum:"1")) flag++;
if (slackware_check(osver:"14.2", arch:"x86_64", pkgname:"kernel-modules", pkgver:"4.4.182", pkgarch:"x86_64", pkgnum:"1")) flag++;
if (slackware_check(osver:"14.2", arch:"x86_64", pkgname:"kernel-source", pkgver:"4.4.182", pkgarch:"noarch", pkgnum:"1")) flag++;
if (slackware_check(osver:"current", pkgname:"kernel-firmware", pkgver:"20190618_acb56f2", pkgarch:"noarch", pkgnum:"1")) flag++;
if (slackware_check(osver:"current", pkgname:"kernel-generic", pkgver:"4.19.52", pkgarch:"i586", pkgnum:"1")) flag++;
if (slackware_check(osver:"current", pkgname:"kernel-generic-smp", pkgver:"4.19.52_smp", pkgarch:"i686", pkgnum:"1")) flag++;
if (slackware_check(osver:"current", pkgname:"kernel-headers", pkgver:"4.19.52_smp", pkgarch:"x86", pkgnum:"1")) flag++;
if (slackware_check(osver:"current", pkgname:"kernel-huge", pkgver:"4.19.52", pkgarch:"i586", pkgnum:"1")) flag++;
if (slackware_check(osver:"current", pkgname:"kernel-huge-smp", pkgver:"4.19.52_smp", pkgarch:"i686", pkgnum:"1")) flag++;
if (slackware_check(osver:"current", pkgname:"kernel-modules", pkgver:"4.19.52", pkgarch:"i586", pkgnum:"1")) flag++;
if (slackware_check(osver:"current", pkgname:"kernel-modules-smp", pkgver:"4.19.52_smp", pkgarch:"i686", pkgnum:"1")) flag++;
if (slackware_check(osver:"current", pkgname:"kernel-source", pkgver:"4.19.52_smp", pkgarch:"noarch", pkgnum:"1")) flag++;
if (slackware_check(osver:"current", arch:"x86_64", pkgname:"kernel-firmware", pkgver:"20190618_acb56f2", pkgarch:"noarch", pkgnum:"1")) flag++;
if (slackware_check(osver:"current", arch:"x86_64", pkgname:"kernel-generic", pkgver:"4.19.52", pkgarch:"x86_64", pkgnum:"1")) flag++;
if (slackware_check(osver:"current", arch:"x86_64", pkgname:"kernel-headers", pkgver:"4.19.52", pkgarch:"x86", pkgnum:"1")) flag++;
if (slackware_check(osver:"current", arch:"x86_64", pkgname:"kernel-huge", pkgver:"4.19.52", pkgarch:"x86_64", pkgnum:"1")) flag++;
if (slackware_check(osver:"current", arch:"x86_64", pkgname:"kernel-modules", pkgver:"4.19.52", pkgarch:"x86_64", pkgnum:"1")) flag++;
if (slackware_check(osver:"current", arch:"x86_64", pkgname:"kernel-source", pkgver:"4.19.52", pkgarch:"noarch", pkgnum:"1")) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());
else security_hole(0);
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
| Vendor | Product | Version | CPE |
|---|---|---|---|
| slackware | slackware_linux | kernel-generic-smp | p-cpe:/a:slackware:slackware_linux:kernel-generic-smp |
| slackware | slackware_linux | kernel-source | p-cpe:/a:slackware:slackware_linux:kernel-source |
| slackware | slackware_linux | kernel-headers | p-cpe:/a:slackware:slackware_linux:kernel-headers |
| slackware | slackware_linux | kernel-generic | p-cpe:/a:slackware:slackware_linux:kernel-generic |
| slackware | slackware_linux | cpe:/o:slackware:slackware_linux | |
| slackware | slackware_linux | kernel-huge-smp | p-cpe:/a:slackware:slackware_linux:kernel-huge-smp |
| slackware | slackware_linux | kernel-modules | p-cpe:/a:slackware:slackware_linux:kernel-modules |
| slackware | slackware_linux | 14.2 | cpe:/o:slackware:slackware_linux:14.2 |
| slackware | slackware_linux | kernel-modules-smp | p-cpe:/a:slackware:slackware_linux:kernel-modules-smp |
| slackware | slackware_linux | kernel-firmware | p-cpe:/a:slackware:slackware_linux:kernel-firmware |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000026
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20510
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20836
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5391
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11190
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11477
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11478
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11479
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11486
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11810
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11815
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11833
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11884
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3459
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3460
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3882
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6974
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7221
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7222
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9213
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9503
www.nessus.org/u?6f4b67cc
Related
slackware
slackware
[slackware-security] kernel
2019-06-18 22:33:08
openvas
openvas
Slackware: Security Advisory (SSA:2019-169-01)
2022-04-21 00:00:00
openSUSE: Security Advisory for the (openSUSE-SU-2019:0274-1)
2019-03-02 00:00:00
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1692)
2020-01-23 00:00:00
nessus
nessus
openSUSE Security Update : the Linux Kernel (openSUSE-2019-274)
2019-03-04 00:00:00
Photon OS 1.0: Linux PHSA-2019-1.0-0236
2019-06-24 00:00:00
Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2019-4685)
2019-06-18 00:00:00
suse
suse
Security update for the Linux Kernel (important)
2019-03-01 00:00:00
Security update for the Linux Kernel (important)
2019-02-18 00:00:00
oraclelinux
oraclelinux
Unbreakable Enterprise kernel security update
2019-06-17 00:00:00
Unbreakable Enterprise kernel security update
2019-06-17 00:00:00
Unbreakable Enterprise kernel security update
2019-06-17 00:00:00
redhat
redhat
(RHSA-2019:1480) Important: kernel-rt security and bug fix update
2019-06-17 19:45:02
(RHSA-2019:1479) Important: kernel security and bug fix update
2019-06-17 17:30:08
(RHSA-2019:1486) Important: kernel-rt security update
2019-06-17 19:45:06
symantec
symantec
Linux Kernel Vulnerabilities May-June 2019
2019-09-05 08:00:00
debian
debian
[SECURITY] [DSA 4465-1] linux security update
2019-06-17 18:00:31
[SECURITY] [DSA 4465-1] linux security update
2019-06-17 18:00:31
[SECURITY] [DLA 1824-1] linux-4.9 security update
2019-06-18 10:23:55
osv
osv
linux - security update
2019-06-17 00:00:00
linux-4.9 - security update
2019-06-17 00:00:00
linux - security update
2019-06-17 00:00:00
amazon
amazon
Important: kernel
2019-03-07 18:24:00
Critical: kernel
2019-06-13 21:37:00
Critical: kernel
2019-06-13 22:11:00
arista
arista
Security Advisory 0041
2019-06-26 00:00:00
myhack58
myhack58
archlinux
archlinux
[ASA-201906-14] linux-lts: denial of service
2019-06-18 00:00:00
[ASA-201906-12] linux-hardened: denial of service
2019-06-17 00:00:00
[ASA-201906-13] linux: denial of service
2019-06-18 00:00:00
mscve
mscve
Linux Kernel TCP SACK Denial of Service Vulnerability
2019-06-28 07:00:00
ibm
ibm
fortinet
fortinet
attackerkb
attackerkb
TCP SACK PANIC
2020-02-13 00:00:00
fedora
fedora
[SECURITY] Fedora 28 Update: kernel-headers-4.20.8-100.fc28
2019-02-16 01:25:12
[SECURITY] Fedora 29 Update: kernel-headers-5.1.11-200.fc29
2019-06-18 21:19:41
[SECURITY] Fedora 30 Update: kernel-headers-5.1.11-300.fc30
2019-06-18 18:15:45
citrix
citrix
Citrix SD-WAN Security Update
2019-09-11 04:00:00
centos
centos
bpftool, kernel, perf, python security update
2019-06-19 00:21:01
checkpoint_security
checkpoint_security
ubuntu
ubuntu
Linux kernel vulnerabilities
2019-04-02 00:00:00
Linux kernel (Trusty HWE) vulnerabilities
2019-04-02 00:00:00
Linux kernel vulnerabilities
2019-07-25 00:00:00
mageia
mageia
Updated kernel-tmb packages fix security vulnerability
2019-06-21 04:07:01
Updated kernel-linus packages fix security vulnerability
2019-06-21 04:07:01
cloudfoundry
cloudfoundry
USN-4068-2: Linux kernel (HWE) vulnerabilities | Cloud Foundry
2019-08-29 00:00:00
USN-4008-2: AppArmor update | Cloud Foundry
2019-06-18 00:00:00
altlinux
altlinux
paloalto
paloalto
Information about TCP SACK Panic Findings in PAN-OS
2019-06-27 00:00:00
threatpost
threatpost
Linux Kernel Bug Knocks PCs, IoT Gadgets and More Offline
2019-06-18 18:43:50
virtuozzo
virtuozzo
zdt
zdt
Linux / FreeBSD TCP-Based Denial Of Service Vulnerability
2019-06-18 00:00:00
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS3
8.3
Attack Vector
ADJACENT
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
AI Score
8.1
Confidence
High
EPSS
0.974
Percentile
99.9%
Related for SLACKWARE_SSA_2019-169-01.NASL