Lucene search
This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.SL_20180522_KERNEL_ON_SL7_X.NASLHistoryMay 23, 2018 - 12:00 a.m.
Scientific Linux Security Update : kernel on SL7.x x86_64 (20180522) (Spectre)
2018-05-2300:00:00
This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
14
Security Fix(es) :
- An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions (a commonly used performance optimization). It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory read from address to which a recent memory write has occurred may see an older value and subsequently cause an update into the microprocessor’s data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to read privileged memory by conducting targeted cache side-channel attacks.
(CVE-2018-3639)
Note: This issue is present in hardware and cannot be fully fixed via software update. The updated kernel packages provide software side of the mitigation for this hardware issue. To be fully functional, up-to-date CPU microcode applied on the system is required. Please refer to References section for further information about this issue, CPU microcode requirements and the potential performance impact.
In this update mitigations for x86-64 architecture are provided.
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text is (C) Scientific Linux.
#
include("compat.inc");
if (description)
{
script_id(110025);
script_version("1.10");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/04/15");
script_cve_id("CVE-2018-3639");
script_name(english:"Scientific Linux Security Update : kernel on SL7.x x86_64 (20180522) (Spectre)");
script_summary(english:"Checks rpm output for the updated packages");
script_set_attribute(
attribute:"synopsis",
value:
"The remote Scientific Linux host is missing one or more security
updates."
);
script_set_attribute(
attribute:"description",
value:
"Security Fix(es) :
- An industry-wide issue was found in the way many modern
microprocessor designs have implemented speculative
execution of Load & Store instructions (a commonly
used performance optimization). It relies on the
presence of a precisely-defined instruction sequence in
the privileged code as well as the fact that memory read
from address to which a recent memory write has occurred
may see an older value and subsequently cause an update
into the microprocessor's data cache even for
speculatively executed instructions that never actually
commit (retire). As a result, an unprivileged attacker
could use this flaw to read privileged memory by
conducting targeted cache side-channel attacks.
(CVE-2018-3639)
Note: This issue is present in hardware and cannot be fully fixed via
software update. The updated kernel packages provide software side of
the mitigation for this hardware issue. To be fully functional,
up-to-date CPU microcode applied on the system is required. Please
refer to References section for further information about this issue,
CPU microcode requirements and the potential performance impact.
In this update mitigations for x86-64 architecture are provided."
);
# https://listserv.fnal.gov/scripts/wa.exe?A2=ind1805&L=scientific-linux-errata&F=&S=&P=25141
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?17f49d72"
);
script_set_attribute(attribute:"solution", value:"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel-abi-whitelists");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel-debug");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel-debug-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel-debug-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo-common-x86_64");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel-doc");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel-headers");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel-tools");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel-tools-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel-tools-libs");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel-tools-libs-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:perf");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:perf-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:python-perf");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:python-perf-debuginfo");
script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux");
script_set_attribute(attribute:"vuln_publication_date", value:"2018/05/22");
script_set_attribute(attribute:"patch_publication_date", value:"2018/05/22");
script_set_attribute(attribute:"plugin_publication_date", value:"2018/05/23");
script_set_attribute(attribute:"in_the_news", value:"true");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Scientific Linux Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux");
os_ver = pregmatch(pattern: "Scientific Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Scientific Linux");
os_ver = os_ver[1];
if (! preg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Scientific Linux 7.x", "Scientific Linux " + os_ver);
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu);
flag = 0;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"kernel-3.10.0-862.3.2.el7")) flag++;
if (rpm_check(release:"SL7", reference:"kernel-abi-whitelists-3.10.0-862.3.2.el7")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"kernel-debug-3.10.0-862.3.2.el7")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"kernel-debug-debuginfo-3.10.0-862.3.2.el7")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"kernel-debug-devel-3.10.0-862.3.2.el7")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"kernel-debuginfo-3.10.0-862.3.2.el7")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"kernel-debuginfo-common-x86_64-3.10.0-862.3.2.el7")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"kernel-devel-3.10.0-862.3.2.el7")) flag++;
if (rpm_check(release:"SL7", reference:"kernel-doc-3.10.0-862.3.2.el7")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"kernel-headers-3.10.0-862.3.2.el7")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"kernel-tools-3.10.0-862.3.2.el7")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"kernel-tools-debuginfo-3.10.0-862.3.2.el7")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"kernel-tools-libs-3.10.0-862.3.2.el7")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"kernel-tools-libs-devel-3.10.0-862.3.2.el7")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"perf-3.10.0-862.3.2.el7")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"perf-debuginfo-3.10.0-862.3.2.el7")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"python-perf-3.10.0-862.3.2.el7")) flag++;
if (rpm_check(release:"SL7", cpu:"x86_64", reference:"python-perf-debuginfo-3.10.0-862.3.2.el7")) flag++;
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_NOTE,
extra : rpm_report_get()
);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kernel / kernel-abi-whitelists / kernel-debug / etc");
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| fermilab | scientific_linux | kernel | p-cpe:/a:fermilab:scientific_linux:kernel |
| fermilab | scientific_linux | kernel-abi-whitelists | p-cpe:/a:fermilab:scientific_linux:kernel-abi-whitelists |
| fermilab | scientific_linux | kernel-debug | p-cpe:/a:fermilab:scientific_linux:kernel-debug |
| fermilab | scientific_linux | kernel-debug-debuginfo | p-cpe:/a:fermilab:scientific_linux:kernel-debug-debuginfo |
| fermilab | scientific_linux | kernel-debug-devel | p-cpe:/a:fermilab:scientific_linux:kernel-debug-devel |
| fermilab | scientific_linux | kernel-debuginfo | p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo |
| fermilab | scientific_linux | kernel-debuginfo-common-x86_64 | p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo-common-x86_64 |
| fermilab | scientific_linux | kernel-devel | p-cpe:/a:fermilab:scientific_linux:kernel-devel |
| fermilab | scientific_linux | kernel-doc | p-cpe:/a:fermilab:scientific_linux:kernel-doc |
| fermilab | scientific_linux | kernel-headers | p-cpe:/a:fermilab:scientific_linux:kernel-headers |
Related
nessus
nessus
RHEL 6 : qemu-kvm (RHSA-2018:1659) (Spectre)
2018-05-23 00:00:00
SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1377-1) (Spectre)
2018-05-23 00:00:00
openSUSE Security Update : libvirt (openSUSE-2019-424) (Spectre)
2019-03-27 00:00:00
fedora
fedora
[SECURITY] Fedora 29 Update: java-1.8.0-openjdk-1.8.0.201.b09-2.fc29
2019-02-11 01:57:50
[SECURITY] Fedora 28 Update: java-1.8.0-openjdk-1.8.0.201.b09-2.fc28
2019-02-25 01:34:09
[SECURITY] Fedora 29 Update: java-1.8.0-openjdk-1.8.0.212.b04-0.fc29
2019-05-03 03:43:22
citrix
citrix
CVE-2018-3639 - Citrix XenServer Security Update
2018-05-22 04:00:00
oraclelinux
oraclelinux
qemu-kvm security update
2018-05-22 00:00:00
libvirt security update
2018-05-22 00:00:00
libvirt security and bug fix update
2018-06-27 00:00:00
f5
f5
K29146534 : SSB Variant 4 vulnerability CVE-2018-3639
2018-07-10 00:00:00
suse
suse
Security update for libvirt (moderate)
2018-08-13 12:07:25
Security update for libvirt (important)
2018-06-09 15:07:56
ibm
ibm
debian
debian
[SECURITY] [DSA 4210-1] xen security update
2018-05-25 05:00:47
redhat
redhat
(RHSA-2018:2171) Important: kernel security update
2018-07-11 15:14:50
(RHSA-2018:2161) Important: kernel security and bug fix update
2018-07-10 15:28:42
(RHSA-2018:1664) Important: libvirt security update
2018-05-21 23:03:43
virtuozzo
virtuozzo
debiancve
debiancve
CVE-2018-3639
2018-05-22 12:29:00
mageia
mageia
Updated libvirt packages fix security vulnerability
2018-05-31 23:34:08
centos
centos
java security update
2018-05-22 15:32:03
kernel, perf, python security update
2018-05-22 15:35:50
qemu security update
2018-07-03 18:54:02
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2018:1475-1)
2021-06-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2018:1479-1)
2021-06-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2018:1377-1)
2021-04-19 00:00:00
osv
osv
xen - security update
2018-05-25 00:00:00
CVE-2018-3639
2018-05-22 12:29:00
zdt
zdt
photon
photon
kaspersky
kaspersky
KLA11893 Microsoft Advisory for Microsoft Products (ESU)
2018-05-21 00:00:00
amazon
amazon
Important: java-1.8.0-openjdk
2018-06-08 18:10:00
Important: java-1.7.0-openjdk
2018-06-08 18:05:00
Important: java-1.7.0-openjdk
2018-06-08 18:32:00
symantec
symantec
Multiple CPU Hardware CVE-2018-3639 Information Disclosure Vulnerability
2018-05-21 00:00:00
msrc
msrc
Analysis and mitigation of speculative store bypass (CVE-2018-3639)
2018-05-21 07:00:00
veracode
veracode
Information Disclosure
2019-01-15 09:22:18
vmware
vmware
cve
cve
CVE-2018-3639
2018-05-22 12:29:00
ubuntu
ubuntu
QEMU update
2018-06-12 00:00:00
Related for SL_20180522_KERNEL_ON_SL7_X.NASL