The SUSE Linux Enterprise 12 kernel was updated to 3.12.55 to receive various security and bugfixes.
Features added :
The following security bugs were fixed :
CVE-2013-7446: Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel allowed local users to bypass intended AF_UNIX socket permissions or cause a denial of service (panic) via crafted epoll_ctl calls (bnc#955654).
CVE-2015-5707: Integer overflow in the sg_start_req function in drivers/scsi/sg.c in the Linux kernel allowed local users to cause a denial of service or possibly have unspecified other impact via a large iov_count value in a write request (bnc#940338).
CVE-2015-8709: kernel/ptrace.c in the Linux kernel mishandled uid and gid mappings, which allowed local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. NOTE: the vendor states ‘there is no kernel bug here’ (bnc#959709 bnc#960561).
CVE-2015-8767: net/sctp/sm_sideeffect.c in the Linux kernel did not properly manage the relationship between a lock and a socket, which allowed local users to cause a denial of service (deadlock) via a crafted sctp_accept call (bnc#961509).
CVE-2015-8785: The fuse_fill_write_pages function in fs/fuse/file.c in the Linux kernel allowed local users to cause a denial of service (infinite loop) via a writev system call that triggers a zero length for the first segment of an iov (bnc#963765).
CVE-2015-8812: A use-after-free flaw was found in the CXGB3 kernel driver when the network was considered to be congested. This could be used by local attackers to cause machine crashes or potentially code executuon (bsc#966437).
CVE-2016-0723: Race condition in the tty_ioctl function in drivers/tty/tty_io.c in the Linux kernel allowed local users to obtain sensitive information from kernel memory or cause a denial of service (use-after-free and system crash) by making a TIOCGETD ioctl call during processing of a TIOCSETD ioctl call (bnc#961500).
CVE-2016-0774: A pipe buffer state corruption after unsuccessful atomic read from pipe was fixed (bsc#964730).
CVE-2016-2069: Race conditions in TLB syncing was fixed which could leak to information leaks (bnc#963767).
CVE-2016-2384: A double-free triggered by invalid USB descriptor in ALSA usb-audio was fixed, which could be exploited by physical local attackers to crash the kernel or gain code execution (bnc#966693).
The update package also includes non-security fixes. See advisory for details.
Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from SUSE update advisory SUSE-SU-2016:0785-1.
# The text itself is copyright (C) SUSE.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(89993);
script_version("2.15");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");
script_cve_id("CVE-2013-7446", "CVE-2015-5707", "CVE-2015-8709", "CVE-2015-8767", "CVE-2015-8785", "CVE-2015-8812", "CVE-2016-0723", "CVE-2016-0774", "CVE-2016-2069", "CVE-2016-2384");
script_name(english:"SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2016:0785-1)");
script_summary(english:"Checks rpm output for the updated packages.");
script_set_attribute(
attribute:"synopsis",
value:"The remote SUSE host is missing one or more security updates."
);
script_set_attribute(
attribute:"description",
value:
"The SUSE Linux Enterprise 12 kernel was updated to 3.12.55 to receive
various security and bugfixes.
Features added :
- A improved XEN blkfront module was added, which allows
more I/O bandwidth. (FATE#320625) It is called
xen-blkfront in PV, and xen-vbd-upstream in HVM mode.
The following security bugs were fixed :
- CVE-2013-7446: Use-after-free vulnerability in
net/unix/af_unix.c in the Linux kernel allowed local
users to bypass intended AF_UNIX socket permissions or
cause a denial of service (panic) via crafted epoll_ctl
calls (bnc#955654).
- CVE-2015-5707: Integer overflow in the sg_start_req
function in drivers/scsi/sg.c in the Linux kernel
allowed local users to cause a denial of service or
possibly have unspecified other impact via a large
iov_count value in a write request (bnc#940338).
- CVE-2015-8709: kernel/ptrace.c in the Linux kernel
mishandled uid and gid mappings, which allowed local
users to gain privileges by establishing a user
namespace, waiting for a root process to enter that
namespace with an unsafe uid or gid, and then using the
ptrace system call. NOTE: the vendor states 'there is no
kernel bug here' (bnc#959709 bnc#960561).
- CVE-2015-8767: net/sctp/sm_sideeffect.c in the Linux
kernel did not properly manage the relationship between
a lock and a socket, which allowed local users to cause
a denial of service (deadlock) via a crafted sctp_accept
call (bnc#961509).
- CVE-2015-8785: The fuse_fill_write_pages function in
fs/fuse/file.c in the Linux kernel allowed local users
to cause a denial of service (infinite loop) via a
writev system call that triggers a zero length for the
first segment of an iov (bnc#963765).
- CVE-2015-8812: A use-after-free flaw was found in the
CXGB3 kernel driver when the network was considered to
be congested. This could be used by local attackers to
cause machine crashes or potentially code executuon
(bsc#966437).
- CVE-2016-0723: Race condition in the tty_ioctl function
in drivers/tty/tty_io.c in the Linux kernel allowed
local users to obtain sensitive information from kernel
memory or cause a denial of service (use-after-free and
system crash) by making a TIOCGETD ioctl call during
processing of a TIOCSETD ioctl call (bnc#961500).
- CVE-2016-0774: A pipe buffer state corruption after
unsuccessful atomic read from pipe was fixed
(bsc#964730).
- CVE-2016-2069: Race conditions in TLB syncing was fixed
which could leak to information leaks (bnc#963767).
- CVE-2016-2384: A double-free triggered by invalid USB
descriptor in ALSA usb-audio was fixed, which could be
exploited by physical local attackers to crash the
kernel or gain code execution (bnc#966693).
The update package also includes non-security fixes. See advisory for
details.
Note that Tenable Network Security has extracted the preceding
description block directly from the SUSE security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=812259"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=816099"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=855062"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=867583"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=884701"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=899908"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=922071"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=937444"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=940338"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=940946"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=941363"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=943989"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=945219"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=947953"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=949752"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=950292"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=951155"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=955308"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=955654"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=956084"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=956514"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=957525"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=957986"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=959090"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=959146"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=959257"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=959463"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=959629"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=959709"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=960174"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=960227"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=960458"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=960561"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=960629"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=961257"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=961500"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=961509"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=961516"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=961588"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=961658"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=961971"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=962336"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=962356"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=962788"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=962965"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=963193"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=963449"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=963572"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=963746"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=963765"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=963767"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=963825"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=963960"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=964201"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=964730"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=965199"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=965344"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=965830"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=965840"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=965891"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=966026"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=966094"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=966278"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=966437"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=966471"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=966693"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=966864"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=966910"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=967802"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=968018"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=968074"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=968206"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=968230"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=968234"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=968253"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=969112"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2013-7446/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2015-5707/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2015-8709/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2015-8767/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2015-8785/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2015-8812/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2016-0723/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2016-0774/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2016-2069/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2016-2384/"
);
# https://www.suse.com/support/update/announcement/2016/suse-su-20160785-1/
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?c1ef02b6"
);
script_set_attribute(
attribute:"solution",
value:
"To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :
SUSE Linux Enterprise Workstation Extension 12 :
zypper in -t patch SUSE-SLE-WE-12-2016-460=1
SUSE Linux Enterprise Software Development Kit 12 :
zypper in -t patch SUSE-SLE-SDK-12-2016-460=1
SUSE Linux Enterprise Server 12 :
zypper in -t patch SUSE-SLE-SERVER-12-2016-460=1
SUSE Linux Enterprise Module for Public Cloud 12 :
zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2016-460=1
SUSE Linux Enterprise Live Patching 12 :
zypper in -t patch SUSE-SLE-Live-Patching-12-2016-460=1
SUSE Linux Enterprise Desktop 12 :
zypper in -t patch SUSE-SLE-DESKTOP-12-2016-460=1
To bring your system up-to-date, use 'zypper patch'."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:H/RL:O/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"exploited_by_malware", value:"true");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-base");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-debugsource");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-extra");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-extra-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-man");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-syms");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-xen");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-xen-base");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-xen-base-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-xen-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-xen-debugsource");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-xen-devel");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12");
script_set_attribute(attribute:"vuln_publication_date", value:"2015/10/19");
script_set_attribute(attribute:"patch_publication_date", value:"2016/03/16");
script_set_attribute(attribute:"plugin_publication_date", value:"2016/03/17");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"SuSE Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
os_ver = os_ver[1];
if (! preg(pattern:"^(SLED12|SLES12)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLED12 / SLES12", "SUSE " + os_ver);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);
sp = get_kb_item("Host/SuSE/patchlevel");
if (isnull(sp)) sp = "0";
if (os_ver == "SLES12" && (! preg(pattern:"^(0)$", string:sp))) audit(AUDIT_OS_NOT, "SLES12 SP0", os_ver + " SP" + sp);
if (os_ver == "SLED12" && (! preg(pattern:"^(0)$", string:sp))) audit(AUDIT_OS_NOT, "SLED12 SP0", os_ver + " SP" + sp);
flag = 0;
if (rpm_check(release:"SLES12", sp:"0", cpu:"x86_64", reference:"kernel-xen-3.12.55-52.42.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", cpu:"x86_64", reference:"kernel-xen-base-3.12.55-52.42.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", cpu:"x86_64", reference:"kernel-xen-base-debuginfo-3.12.55-52.42.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", cpu:"x86_64", reference:"kernel-xen-debuginfo-3.12.55-52.42.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", cpu:"x86_64", reference:"kernel-xen-debugsource-3.12.55-52.42.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", cpu:"x86_64", reference:"kernel-xen-devel-3.12.55-52.42.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", cpu:"s390x", reference:"kernel-default-man-3.12.55-52.42.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"kernel-default-3.12.55-52.42.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"kernel-default-base-3.12.55-52.42.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"kernel-default-base-debuginfo-3.12.55-52.42.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"kernel-default-debuginfo-3.12.55-52.42.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"kernel-default-debugsource-3.12.55-52.42.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"kernel-default-devel-3.12.55-52.42.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"kernel-syms-3.12.55-52.42.1")) flag++;
if (rpm_check(release:"SLED12", sp:"0", cpu:"x86_64", reference:"kernel-default-3.12.55-52.42.1")) flag++;
if (rpm_check(release:"SLED12", sp:"0", cpu:"x86_64", reference:"kernel-default-debuginfo-3.12.55-52.42.1")) flag++;
if (rpm_check(release:"SLED12", sp:"0", cpu:"x86_64", reference:"kernel-default-debugsource-3.12.55-52.42.1")) flag++;
if (rpm_check(release:"SLED12", sp:"0", cpu:"x86_64", reference:"kernel-default-devel-3.12.55-52.42.1")) flag++;
if (rpm_check(release:"SLED12", sp:"0", cpu:"x86_64", reference:"kernel-default-extra-3.12.55-52.42.1")) flag++;
if (rpm_check(release:"SLED12", sp:"0", cpu:"x86_64", reference:"kernel-default-extra-debuginfo-3.12.55-52.42.1")) flag++;
if (rpm_check(release:"SLED12", sp:"0", cpu:"x86_64", reference:"kernel-syms-3.12.55-52.42.1")) flag++;
if (rpm_check(release:"SLED12", sp:"0", cpu:"x86_64", reference:"kernel-xen-3.12.55-52.42.1")) flag++;
if (rpm_check(release:"SLED12", sp:"0", cpu:"x86_64", reference:"kernel-xen-debuginfo-3.12.55-52.42.1")) flag++;
if (rpm_check(release:"SLED12", sp:"0", cpu:"x86_64", reference:"kernel-xen-debugsource-3.12.55-52.42.1")) flag++;
if (rpm_check(release:"SLED12", sp:"0", cpu:"x86_64", reference:"kernel-xen-devel-3.12.55-52.42.1")) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
else security_hole(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kernel");
}
Vendor | Product | Version | CPE |
---|---|---|---|
novell | suse_linux | kernel-default | p-cpe:/a:novell:suse_linux:kernel-default |
novell | suse_linux | kernel-default-base | p-cpe:/a:novell:suse_linux:kernel-default-base |
novell | suse_linux | kernel-default-base-debuginfo | p-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo |
novell | suse_linux | kernel-default-debuginfo | p-cpe:/a:novell:suse_linux:kernel-default-debuginfo |
novell | suse_linux | kernel-default-debugsource | p-cpe:/a:novell:suse_linux:kernel-default-debugsource |
novell | suse_linux | kernel-default-devel | p-cpe:/a:novell:suse_linux:kernel-default-devel |
novell | suse_linux | kernel-default-extra | p-cpe:/a:novell:suse_linux:kernel-default-extra |
novell | suse_linux | kernel-default-extra-debuginfo | p-cpe:/a:novell:suse_linux:kernel-default-extra-debuginfo |
novell | suse_linux | kernel-default-man | p-cpe:/a:novell:suse_linux:kernel-default-man |
novell | suse_linux | kernel-syms | p-cpe:/a:novell:suse_linux:kernel-syms |
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7446
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5707
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8709
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8767
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8785
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8812
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0723
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0774
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2069
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2384
www.nessus.org/u?c1ef02b6
bugzilla.suse.com/show_bug.cgi?id=812259
bugzilla.suse.com/show_bug.cgi?id=816099
bugzilla.suse.com/show_bug.cgi?id=855062
bugzilla.suse.com/show_bug.cgi?id=867583
bugzilla.suse.com/show_bug.cgi?id=884701
bugzilla.suse.com/show_bug.cgi?id=899908
bugzilla.suse.com/show_bug.cgi?id=922071
bugzilla.suse.com/show_bug.cgi?id=937444
bugzilla.suse.com/show_bug.cgi?id=940338
bugzilla.suse.com/show_bug.cgi?id=940946
bugzilla.suse.com/show_bug.cgi?id=941363
bugzilla.suse.com/show_bug.cgi?id=943989
bugzilla.suse.com/show_bug.cgi?id=945219
bugzilla.suse.com/show_bug.cgi?id=947953
bugzilla.suse.com/show_bug.cgi?id=949752
bugzilla.suse.com/show_bug.cgi?id=950292
bugzilla.suse.com/show_bug.cgi?id=951155
bugzilla.suse.com/show_bug.cgi?id=955308
bugzilla.suse.com/show_bug.cgi?id=955654
bugzilla.suse.com/show_bug.cgi?id=956084
bugzilla.suse.com/show_bug.cgi?id=956514
bugzilla.suse.com/show_bug.cgi?id=957525
bugzilla.suse.com/show_bug.cgi?id=957986
bugzilla.suse.com/show_bug.cgi?id=959090
bugzilla.suse.com/show_bug.cgi?id=959146
bugzilla.suse.com/show_bug.cgi?id=959257
bugzilla.suse.com/show_bug.cgi?id=959463
bugzilla.suse.com/show_bug.cgi?id=959629
bugzilla.suse.com/show_bug.cgi?id=959709
bugzilla.suse.com/show_bug.cgi?id=960174
bugzilla.suse.com/show_bug.cgi?id=960227
bugzilla.suse.com/show_bug.cgi?id=960458
bugzilla.suse.com/show_bug.cgi?id=960561
bugzilla.suse.com/show_bug.cgi?id=960629
bugzilla.suse.com/show_bug.cgi?id=961257
bugzilla.suse.com/show_bug.cgi?id=961500
bugzilla.suse.com/show_bug.cgi?id=961509
bugzilla.suse.com/show_bug.cgi?id=961516
bugzilla.suse.com/show_bug.cgi?id=961588
bugzilla.suse.com/show_bug.cgi?id=961658
bugzilla.suse.com/show_bug.cgi?id=961971
bugzilla.suse.com/show_bug.cgi?id=962336
bugzilla.suse.com/show_bug.cgi?id=962356
bugzilla.suse.com/show_bug.cgi?id=962788
bugzilla.suse.com/show_bug.cgi?id=962965
bugzilla.suse.com/show_bug.cgi?id=963193
bugzilla.suse.com/show_bug.cgi?id=963449
bugzilla.suse.com/show_bug.cgi?id=963572
bugzilla.suse.com/show_bug.cgi?id=963746
bugzilla.suse.com/show_bug.cgi?id=963765
bugzilla.suse.com/show_bug.cgi?id=963767
bugzilla.suse.com/show_bug.cgi?id=963825
bugzilla.suse.com/show_bug.cgi?id=963960
bugzilla.suse.com/show_bug.cgi?id=964201
bugzilla.suse.com/show_bug.cgi?id=964730
bugzilla.suse.com/show_bug.cgi?id=965199
bugzilla.suse.com/show_bug.cgi?id=965344
bugzilla.suse.com/show_bug.cgi?id=965830
bugzilla.suse.com/show_bug.cgi?id=965840
bugzilla.suse.com/show_bug.cgi?id=965891
bugzilla.suse.com/show_bug.cgi?id=966026
bugzilla.suse.com/show_bug.cgi?id=966094
bugzilla.suse.com/show_bug.cgi?id=966278
bugzilla.suse.com/show_bug.cgi?id=966437
bugzilla.suse.com/show_bug.cgi?id=966471
bugzilla.suse.com/show_bug.cgi?id=966693
bugzilla.suse.com/show_bug.cgi?id=966864
bugzilla.suse.com/show_bug.cgi?id=966910
bugzilla.suse.com/show_bug.cgi?id=967802
bugzilla.suse.com/show_bug.cgi?id=968018
bugzilla.suse.com/show_bug.cgi?id=968074
bugzilla.suse.com/show_bug.cgi?id=968206
bugzilla.suse.com/show_bug.cgi?id=968230
bugzilla.suse.com/show_bug.cgi?id=968234
bugzilla.suse.com/show_bug.cgi?id=968253
bugzilla.suse.com/show_bug.cgi?id=969112
www.suse.com/security/cve/CVE-2013-7446/
www.suse.com/security/cve/CVE-2015-5707/
www.suse.com/security/cve/CVE-2015-8709/
www.suse.com/security/cve/CVE-2015-8767/
www.suse.com/security/cve/CVE-2015-8785/
www.suse.com/security/cve/CVE-2015-8812/
www.suse.com/security/cve/CVE-2016-0723/
www.suse.com/security/cve/CVE-2016-0774/
www.suse.com/security/cve/CVE-2016-2069/
www.suse.com/security/cve/CVE-2016-2384/