Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2013-2021 Tenable Network Security, Inc.SUSE_11_KERNEL-131106.NASL
HistoryNov 22, 2013 - 12:00 a.m.

SuSE 11.2 Security Update : Linux Kernel (SAT Patch Numbers 8509 / 8516 / 8518)

2013-11-2200:00:00
This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.
www.tenable.com
12
JSON

The SUSE Linux Enterprise 11 Service Pack 2 kernel was updated to version 3.0.101 and also includes various other bug and security fixes.

The following features have been added :

  • Drivers: hv: Support handling multiple VMBUS versions (FATE#314665).

  • Drivers: hv: Save and export negotiated vmbus version (FATE#314665).

  • Drivers: hv: Move vmbus version definitions to hyperv.h (FATE#314665). The following security issue has been fixed :

  • The sctp_sf_do_5_2_4_dupcook function in net/sctp/sm_statefuns.c in the SCTP implementation in the Linux kernel did not properly handle associations during the processing of a duplicate COOKIE ECHO chunk, which allowed remote attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via crafted SCTP traffic. (bnc#826102). (CVE-2013-2206)

The following non-security bugs have been fixed :

  • kernel: sclp console hangs (bnc#841498, LTC#95711).

  • intel-iommu: Fix leaks in pagetable freeing.
    (bnc#841402)

  • iommu/vt-d: add quirk for broken interrupt remapping on 55XX chipsets. (bnc#844513)

  • x86/iommu/vt-d: Expand interrupt remapping quirk to cover x58 chipset. (bnc#844513)

  • iommu/vt-d: Only warn about broken interrupt remapping.
    (bnc#844513)

  • iommu: Remove stack trace from broken irq remapping warning. (bnc#844513)

  • softirq: reduce latencies. (bnc#797526)

  • Fix lockup related to stop_machine being stuck in
    __do_softirq. (bnc#797526)

  • splice: fix racy pipe->buffers uses. (bnc#827246)

  • blktrace: fix race with open trace files and directory removal. (bnc#832292)

  • mm: Do not walk all of system memory during show_mem (Reduce tasklist_lock hold times (bnc#821259)).

  • mm: Bounce memory pool initialisation. (bnc#836347)

  • mm, memcg: introduce own oom handler to iterate only over its own threads.

  • mm, memcg: move all oom handling to memcontrol.c.

  • mm, oom: avoid looping when chosen thread detaches its mm.

  • mm, oom: fold oom_kill_task() into oom_kill_process().

  • mm, oom: introduce helper function to process threads during scan.

  • mm, oom: reduce dependency on tasklist_lock.

  • ipv6: do not call fib6_run_gc() until routing is ready.
    (bnc#836218)

  • ipv6: prevent fib6_run_gc() contention. (bnc#797526)

  • ipv6: update ip6_rt_last_gc every time GC is run.
    (bnc#797526)

  • net/mlx4_en: Fix BlueFlame race. (bnc#835684)

  • netfilter: nf_conntrack: use RCU safe kfree for conntrack extensions (bnc#827416 bko#60853).

  • netfilter: prevent race condition breaking net reference counting. (bnc#835094)

  • net: remove skb_orphan_try(). (bnc#834600)

  • bonding: check bond->vlgrp in bond_vlan_rx_kill_vid().
    (bnc#834905)

  • sctp: deal with multiple COOKIE_ECHO chunks.
    (bnc#826102)

  • SUNRPC: close a rare race in xs_tcp_setup_socket.
    (bnc#794824)

  • NFS: make nfs_flush_incompatible more generous.
    (bnc#816099)

  • NFS: do not try to use lock state when we hold a delegation. (bnc#831029)

  • nfs_lookup_revalidate(): fix a leak. (bnc#828894)

  • xfs: growfs: use uncached buffers for new headers.
    (bnc#842604)

  • xfs: Check the return value of xfs_buf_get().
    (bnc#842604)

  • xfs: avoid double-free in xfs_attr_node_addname.

  • do_add_mount()/umount -l races. (bnc#836801)

  • cifs: Fix TRANS2_QUERY_FILE_INFO ByteCount fields.
    (bnc#804950)

  • cifs: Fix EREMOTE errors encountered on DFS links.
    (bnc#831143)

  • reiserfs: fix race with flush_used_journal_lists and flush_journal_list. (bnc#837803)

  • reiserfs: remove useless flush_old_journal_lists.

  • fs: writeback: Do not sync data dirtied after sync start. (bnc#833820)

  • rcu: Do not trigger false positive RCU stall detection.
    (bnc#834204)

  • lib/radix-tree.c: make radix_tree_node_alloc() work correctly within interrupt. (bnc#763463)

  • bnx2x: Change to D3hot only on removal. (bnc#838448)

  • vmxnet3: prevent div-by-zero panic when ring resizing uninitialized dev. (bnc#833321)

  • Drivers: hv: Support handling multiple VMBUS versions (fate#314665).

  • Drivers: hv: Save and export negotiated vmbus version (fate#314665).

  • Drivers: hv: Move vmbus version definitions to hyperv.h (fate#314665).

  • Drivers: hv: util: Fix a bug in version negotiation code for util services. (bnc#828714)

  • Drivers: hv: util: Correctly support ws2008R2 and earlier. (bnc#838346)

  • Drivers: hv: util: Fix a bug in util version negotiation code. (bnc#838346)

  • iscsi: do not hang in endless loop if no targets present. (bnc#841094)

  • ata: Set proper SK when CK_COND is set. (bnc#833588)

  • md: Throttle number of pending write requests in md/raid10. (bnc#833858)

  • dm: ignore merge_bvec for snapshots when safe.
    (bnc#820848)

  • elousb: some systems cannot stomach work around.
    (bnc#840830)

  • bio-integrity: track owner of integrity payload.
    (bnc#831380)

  • quirks: add touchscreen that is dazzeled by remote wakeup. (bnc#835930)

  • Fixed Xen guest freezes. (bnc#829682, bnc#842063)

  • config/debug: Enable FSCACHE_DEBUG and CACHEFILES_DEBUG.
    (bnc#837372)

  • series.conf: disable XHCI ring expansion patches because on machines with large memory they cause a starvation problem. (bnc#833635)

  • rpm/old-flavors, rpm/mkspec: Add version information to obsolete flavors. (bnc#821465)

  • rpm/kernel-binary.spec.in: Move the xenpae obsolete to the old-flavors file.

  • rpm/old-flavors: Convert the old-packages.conf file to a flat list.

  • rpm/old-packages.conf: Drop bogus obsoletes for ‘smp’.
    (bnc#821465)

  • rpm/kernel-binary.spec.in: Make sure that all KMP obsoletes are versioned. (bnc#821465)

  • rpm/kernel-binary.spec.in: Remove unversioned provides/obsoletes for packages that were only seen in openSUSE releases up to 11.0. . (bnc#821465)

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from SuSE 11 update information. The text itself is
# copyright (C) Novell, Inc.
#

if (NASL_LEVEL < 3000) exit(0);

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(71033);
  script_version("1.3");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");

  script_cve_id("CVE-2013-2206");

  script_name(english:"SuSE 11.2 Security Update : Linux Kernel (SAT Patch Numbers 8509 / 8516 / 8518)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote SuSE 11 host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"The SUSE Linux Enterprise 11 Service Pack 2 kernel was updated to
version 3.0.101 and also includes various other bug and security
fixes.

The following features have been added :

  - Drivers: hv: Support handling multiple VMBUS versions
    (FATE#314665).

  - Drivers: hv: Save and export negotiated vmbus version
    (FATE#314665).

  - Drivers: hv: Move vmbus version definitions to hyperv.h
    (FATE#314665). The following security issue has been
    fixed :

  - The sctp_sf_do_5_2_4_dupcook function in
    net/sctp/sm_statefuns.c in the SCTP implementation in
    the Linux kernel did not properly handle associations
    during the processing of a duplicate COOKIE ECHO chunk,
    which allowed remote attackers to cause a denial of
    service (NULL pointer dereference and system crash) or
    possibly have unspecified other impact via crafted SCTP
    traffic. (bnc#826102). (CVE-2013-2206)

The following non-security bugs have been fixed :

  - kernel: sclp console hangs (bnc#841498, LTC#95711).

  - intel-iommu: Fix leaks in pagetable freeing.
    (bnc#841402)

  - iommu/vt-d: add quirk for broken interrupt remapping on
    55XX chipsets. (bnc#844513)

  - x86/iommu/vt-d: Expand interrupt remapping quirk to
    cover x58 chipset. (bnc#844513)

  - iommu/vt-d: Only warn about broken interrupt remapping.
    (bnc#844513)

  - iommu: Remove stack trace from broken irq remapping
    warning. (bnc#844513)

  - softirq: reduce latencies. (bnc#797526)

  - Fix lockup related to stop_machine being stuck in
    __do_softirq. (bnc#797526)

  - splice: fix racy pipe->buffers uses. (bnc#827246)

  - blktrace: fix race with open trace files and directory
    removal. (bnc#832292)

  - mm: Do not walk all of system memory during show_mem
    (Reduce tasklist_lock hold times (bnc#821259)).

  - mm: Bounce memory pool initialisation. (bnc#836347)

  - mm, memcg: introduce own oom handler to iterate only
    over its own threads.

  - mm, memcg: move all oom handling to memcontrol.c.

  - mm, oom: avoid looping when chosen thread detaches its
    mm.

  - mm, oom: fold oom_kill_task() into oom_kill_process().

  - mm, oom: introduce helper function to process threads
    during scan.

  - mm, oom: reduce dependency on tasklist_lock.

  - ipv6: do not call fib6_run_gc() until routing is ready.
    (bnc#836218)

  - ipv6: prevent fib6_run_gc() contention. (bnc#797526)

  - ipv6: update ip6_rt_last_gc every time GC is run.
    (bnc#797526)

  - net/mlx4_en: Fix BlueFlame race. (bnc#835684)

  - netfilter: nf_conntrack: use RCU safe kfree for
    conntrack extensions (bnc#827416 bko#60853).

  - netfilter: prevent race condition breaking net reference
    counting. (bnc#835094)

  - net: remove skb_orphan_try(). (bnc#834600)

  - bonding: check bond->vlgrp in bond_vlan_rx_kill_vid().
    (bnc#834905)

  - sctp: deal with multiple COOKIE_ECHO chunks.
    (bnc#826102)

  - SUNRPC: close a rare race in xs_tcp_setup_socket.
    (bnc#794824)

  - NFS: make nfs_flush_incompatible more generous.
    (bnc#816099)

  - NFS: do not try to use lock state when we hold a
    delegation. (bnc#831029)

  - nfs_lookup_revalidate(): fix a leak. (bnc#828894)

  - xfs: growfs: use uncached buffers for new headers.
    (bnc#842604)

  - xfs: Check the return value of xfs_buf_get().
    (bnc#842604)

  - xfs: avoid double-free in xfs_attr_node_addname.

  - do_add_mount()/umount -l races. (bnc#836801)

  - cifs: Fix TRANS2_QUERY_FILE_INFO ByteCount fields.
    (bnc#804950)

  - cifs: Fix EREMOTE errors encountered on DFS links.
    (bnc#831143)

  - reiserfs: fix race with flush_used_journal_lists and
    flush_journal_list. (bnc#837803)

  - reiserfs: remove useless flush_old_journal_lists.

  - fs: writeback: Do not sync data dirtied after sync
    start. (bnc#833820)

  - rcu: Do not trigger false positive RCU stall detection.
    (bnc#834204)

  - lib/radix-tree.c: make radix_tree_node_alloc() work
    correctly within interrupt. (bnc#763463)

  - bnx2x: Change to D3hot only on removal. (bnc#838448)

  - vmxnet3: prevent div-by-zero panic when ring resizing
    uninitialized dev. (bnc#833321)

  - Drivers: hv: Support handling multiple VMBUS versions
    (fate#314665).

  - Drivers: hv: Save and export negotiated vmbus version
    (fate#314665).

  - Drivers: hv: Move vmbus version definitions to hyperv.h
    (fate#314665).

  - Drivers: hv: util: Fix a bug in version negotiation code
    for util services. (bnc#828714)

  - Drivers: hv: util: Correctly support ws2008R2 and
    earlier. (bnc#838346)

  - Drivers: hv: util: Fix a bug in util version negotiation
    code. (bnc#838346)

  - iscsi: do not hang in endless loop if no targets
    present. (bnc#841094)

  - ata: Set proper SK when CK_COND is set. (bnc#833588)

  - md: Throttle number of pending write requests in
    md/raid10. (bnc#833858)

  - dm: ignore merge_bvec for snapshots when safe.
    (bnc#820848)

  - elousb: some systems cannot stomach work around.
    (bnc#840830)

  - bio-integrity: track owner of integrity payload.
    (bnc#831380)

  - quirks: add touchscreen that is dazzeled by remote
    wakeup. (bnc#835930)

  - Fixed Xen guest freezes. (bnc#829682, bnc#842063)

  - config/debug: Enable FSCACHE_DEBUG and CACHEFILES_DEBUG.
    (bnc#837372)

  - series.conf: disable XHCI ring expansion patches because
    on machines with large memory they cause a starvation
    problem. (bnc#833635)

  - rpm/old-flavors, rpm/mkspec: Add version information to
    obsolete flavors. (bnc#821465)

  - rpm/kernel-binary.spec.in: Move the xenpae obsolete to
    the old-flavors file.

  - rpm/old-flavors: Convert the old-packages.conf file to a
    flat list.

  - rpm/old-packages.conf: Drop bogus obsoletes for 'smp'.
    (bnc#821465)

  - rpm/kernel-binary.spec.in: Make sure that all KMP
    obsoletes are versioned. (bnc#821465)

  - rpm/kernel-binary.spec.in: Remove unversioned
    provides/obsoletes for packages that were only seen in
    openSUSE releases up to 11.0. . (bnc#821465)"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=763463"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=794824"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=797526"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=804950"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=816099"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=820848"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=821259"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=821465"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=826102"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=827246"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=827416"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=828714"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=828894"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=829682"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=831029"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=831143"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=831380"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=832292"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=833321"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=833588"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=833635"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=833820"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=833858"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=834204"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=834600"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=834905"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=835094"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=835684"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=835930"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=836218"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=836347"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=836801"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=837372"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=837803"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=838346"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=838448"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=840830"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=841094"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=841402"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=841498"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=842063"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=842604"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=844513"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2013-2206.html"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Apply SAT patch number 8509 / 8516 / 8518 as appropriate."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:H/Au:N/C:N/I:N/A:C");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-default");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-default-base");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-default-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-default-extra");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-default-man");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-ec2");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-ec2-base");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-ec2-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-pae");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-pae-base");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-pae-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-pae-extra");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-source");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-syms");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-trace");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-trace-base");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-trace-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-trace-extra");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-xen");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-xen-base");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-xen-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-xen-extra");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:xen-kmp-default");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:xen-kmp-pae");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:xen-kmp-trace");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11");

  script_set_attribute(attribute:"patch_publication_date", value:"2013/11/06");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/11/22");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release !~ "^(SLED|SLES)11") audit(AUDIT_OS_NOT, "SuSE 11");
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SuSE 11", cpu);

pl = get_kb_item("Host/SuSE/patchlevel");
if (isnull(pl) || int(pl) != 2) audit(AUDIT_OS_NOT, "SuSE 11.2");


flag = 0;
if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"kernel-default-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"kernel-default-base-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"kernel-default-devel-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"kernel-default-extra-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"kernel-pae-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"kernel-pae-base-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"kernel-pae-devel-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"kernel-pae-extra-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"kernel-source-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"kernel-syms-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"kernel-trace-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"kernel-trace-base-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"kernel-trace-devel-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"kernel-trace-extra-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"kernel-xen-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"kernel-xen-base-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"kernel-xen-devel-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"kernel-xen-extra-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"xen-kmp-default-4.1.6_02_3.0.101_0.5-0.5.5")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"xen-kmp-pae-4.1.6_02_3.0.101_0.5-0.5.5")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"xen-kmp-trace-4.1.6_02_3.0.101_0.5-0.5.5")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"kernel-default-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"kernel-default-base-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"kernel-default-devel-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"kernel-default-extra-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"kernel-source-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"kernel-syms-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"kernel-trace-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"kernel-trace-base-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"kernel-trace-devel-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"kernel-trace-extra-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"kernel-xen-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"kernel-xen-base-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"kernel-xen-devel-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"kernel-xen-extra-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"xen-kmp-default-4.1.6_02_3.0.101_0.5-0.5.5")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"xen-kmp-trace-4.1.6_02_3.0.101_0.5-0.5.5")) flag++;
if (rpm_check(release:"SLES11", sp:2, reference:"kernel-default-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, reference:"kernel-default-base-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, reference:"kernel-default-devel-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, reference:"kernel-source-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, reference:"kernel-syms-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, reference:"kernel-trace-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, reference:"kernel-trace-base-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, reference:"kernel-trace-devel-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, cpu:"i586", reference:"kernel-ec2-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, cpu:"i586", reference:"kernel-ec2-base-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, cpu:"i586", reference:"kernel-ec2-devel-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, cpu:"i586", reference:"kernel-pae-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, cpu:"i586", reference:"kernel-pae-base-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, cpu:"i586", reference:"kernel-pae-devel-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, cpu:"i586", reference:"kernel-xen-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, cpu:"i586", reference:"kernel-xen-base-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, cpu:"i586", reference:"kernel-xen-devel-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, cpu:"i586", reference:"xen-kmp-default-4.1.6_02_3.0.101_0.5-0.5.5")) flag++;
if (rpm_check(release:"SLES11", sp:2, cpu:"i586", reference:"xen-kmp-pae-4.1.6_02_3.0.101_0.5-0.5.5")) flag++;
if (rpm_check(release:"SLES11", sp:2, cpu:"i586", reference:"xen-kmp-trace-4.1.6_02_3.0.101_0.5-0.5.5")) flag++;
if (rpm_check(release:"SLES11", sp:2, cpu:"s390x", reference:"kernel-default-man-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, cpu:"x86_64", reference:"kernel-ec2-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, cpu:"x86_64", reference:"kernel-ec2-base-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, cpu:"x86_64", reference:"kernel-ec2-devel-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, cpu:"x86_64", reference:"kernel-xen-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, cpu:"x86_64", reference:"kernel-xen-base-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, cpu:"x86_64", reference:"kernel-xen-devel-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, cpu:"x86_64", reference:"xen-kmp-default-4.1.6_02_3.0.101_0.5-0.5.5")) flag++;
if (rpm_check(release:"SLES11", sp:2, cpu:"x86_64", reference:"xen-kmp-trace-4.1.6_02_3.0.101_0.5-0.5.5")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
  else security_warning(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
VendorProductVersionCPE
novellsuse_linux11p-cpe:/a:novell:suse_linux:11:kernel-default
novellsuse_linux11p-cpe:/a:novell:suse_linux:11:kernel-default-base
novellsuse_linux11p-cpe:/a:novell:suse_linux:11:kernel-default-devel
novellsuse_linux11p-cpe:/a:novell:suse_linux:11:kernel-default-extra
novellsuse_linux11p-cpe:/a:novell:suse_linux:11:kernel-default-man
novellsuse_linux11p-cpe:/a:novell:suse_linux:11:kernel-ec2
novellsuse_linux11p-cpe:/a:novell:suse_linux:11:kernel-ec2-base
novellsuse_linux11p-cpe:/a:novell:suse_linux:11:kernel-ec2-devel
novellsuse_linux11p-cpe:/a:novell:suse_linux:11:kernel-pae
novellsuse_linux11p-cpe:/a:novell:suse_linux:11:kernel-pae-base
Rows per page:
1-10 of 261

References

Related

suse 5
cvelist 1
cve 1
ubuntucve 1
debiancve 1
prion 1
openvas 29
checkpoint_advisories 1
nessus 25
ubuntu 7
securityvulns 2
altlinux 1
oraclelinux 7
redhat 4
centos 2
osv 1
vmware 1
debian 1
suse
suse
Security update for Real Time Linux Kernel (important)
2013-11-22 08:04:29
Security update for Real Time Linux Kernel (important)
2013-11-22 05:04:54
Security update for Linux Kernel (important)
2013-11-22 08:04:16
cvelist
cvelist
CVE-2013-2206
2013-07-04 21:00:00
cve
cve
CVE-2013-2206
2013-07-04 21:55:00
ubuntucve
ubuntucve
CVE-2013-2206
2013-06-21 00:00:00
debiancve
debiancve
CVE-2013-2206
2013-07-04 21:55:00
prion
prion
Null pointer dereference
2013-07-04 21:55:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2013:1749-1)
2021-06-09 00:00:00
Ubuntu Update for linux USN-1939-1
2013-09-12 00:00:00
Ubuntu: Security Advisory (USN-1939-1)
2013-09-12 00:00:00
checkpoint_advisories
checkpoint_advisories
Linux Kernel SCTP Duplicate Cookie Handling Denial of Service (CVE-2013-2206)
2013-11-18 00:00:00
nessus
nessus
SuSE 11.3 Security Update : Linux kernel (SAT Patch Numbers 8524 / 8525 / 8528)
2013-11-22 00:00:00
Ubuntu 10.04 LTS : linux vulnerabilities (USN-1939-1)
2013-09-07 00:00:00
Ubuntu 10.04 LTS : linux-ec2 vulnerabilities (USN-1940-1)
2013-09-07 00:00:00
ubuntu
ubuntu
Linux kernel (EC2) vulnerabilities
2013-09-06 00:00:00
Linux kernel vulnerabilities
2013-09-06 00:00:00
Linux kernel (OMAP4) vulnerabilities
2013-05-02 00:00:00
securityvulns
securityvulns
[USN-1939-1] Linux kernel vulnerabilities
2013-09-09 00:00:00
Linux kernel mulriple security vulnerabilities
2013-10-28 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 7 package kernel-image-el-def version 2.6.32-alt11
2013-08-30 00:00:00
oraclelinux
oraclelinux
unbreakable enterprise kernel security update
2013-08-28 00:00:00
unbreakable enterprise kernel security update
2013-08-28 00:00:00
kernel security and bug fix update
2013-08-27 00:00:00
redhat
redhat
(RHSA-2013:1195) Important: kernel security and bug fix update
2013-09-03 00:00:00
(RHSA-2013:1173) Important: kernel security and bug fix update
2013-08-27 00:00:00
(RHSA-2013:1166) Important: kernel security and bug fix update
2013-08-20 00:00:00
centos
centos
kernel, perf, python security update
2013-08-28 19:03:34
kernel security update
2013-08-21 14:07:08
osv
osv
linux-2.6 - several
2013-09-27 00:00:00
vmware
vmware
VMware ESX updates to third party libraries
2013-12-05 00:00:00
debian
debian
[SECURITY] [DSA 2766-1] linux-2.6 security update
2013-09-27 23:24:29
JSON
Related for SUSE_11_KERNEL-131106.NASL
suse5cvelist1cve1ubuntucve1debiancve1prion1openvas29checkpoint_advisories1nessus25ubuntu7securityvulns2altlinux1oraclelinux7redhat4centos2osv1vmware1debian1