Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.SUSE_SU-2017-2142-1.NASL
HistoryAug 14, 2017 - 12:00 a.m.

SUSE SLES12 Security Update : kernel (SUSE-SU-2017:2142-1)

2017-08-1400:00:00
This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
10
JSON

The SUSE Linux Enterprise 12 kernel was updated to 3.12.61 to the following security updates :

  • CVE-2017-1000111: fix race condition in net-packet code that could be exploited to cause out-of-bounds memory access (bsc#1052365).

  • CVE-2017-1000112: fix race condition in net-packet code that could have been exploited by unprivileged users to gain root access. (bsc#1052311).

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from SUSE update advisory SUSE-SU-2017:2142-1.
# The text itself is copyright (C) SUSE.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(102475);
  script_version("3.12");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");

  script_cve_id("CVE-2017-1000111", "CVE-2017-1000112");

  script_name(english:"SUSE SLES12 Security Update : kernel (SUSE-SU-2017:2142-1)");
  script_summary(english:"Checks rpm output for the updated packages.");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote SUSE host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"The SUSE Linux Enterprise 12 kernel was updated to 3.12.61 to the
following security updates :

  - CVE-2017-1000111: fix race condition in net-packet code
    that could be exploited to cause out-of-bounds memory
    access (bsc#1052365).

  - CVE-2017-1000112: fix race condition in net-packet code
    that could have been exploited by unprivileged users to
    gain root access. (bsc#1052311).

Note that Tenable Network Security has extracted the preceding
description block directly from the SUSE security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1052311"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1052365"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2017-1000111/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2017-1000112/"
  );
  # https://www.suse.com/support/update/announcement/2017/suse-su-20172142-1/
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?73414783"
  );
  script_set_attribute(
    attribute:"solution", 
    value:
"To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Server for SAP 12:zypper in -t patch
SUSE-SLE-SAP-12-2017-1327=1

SUSE Linux Enterprise Server 12-LTSS:zypper in -t patch
SUSE-SLE-SERVER-12-2017-1327=1

SUSE Linux Enterprise Module for Public Cloud 12:zypper in -t patch
SUSE-SLE-Module-Public-Cloud-12-2017-1327=1

To bring your system up-to-date, use 'zypper patch'."
  );
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploit_framework_core", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");
  script_set_attribute(attribute:"metasploit_name", value:'Linux Kernel UDP Fragmentation Offset (UFO) Privilege Escalation');
  script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-base");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-man");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-syms");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-xen");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-xen-base");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-xen-base-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-xen-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-xen-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-xen-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_61-52_86-default");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_61-52_86-xen");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12");

  script_set_attribute(attribute:"vuln_publication_date", value:"2017/10/05");
  script_set_attribute(attribute:"patch_publication_date", value:"2017/08/11");
  script_set_attribute(attribute:"plugin_publication_date", value:"2017/08/14");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
os_ver = os_ver[1];
if (! preg(pattern:"^(SLES12)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLES12", "SUSE " + os_ver);

if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);

sp = get_kb_item("Host/SuSE/patchlevel");
if (isnull(sp)) sp = "0";
if (os_ver == "SLES12" && (! preg(pattern:"^(0)$", string:sp))) audit(AUDIT_OS_NOT, "SLES12 SP0", os_ver + " SP" + sp);


flag = 0;
if (rpm_check(release:"SLES12", sp:"0", cpu:"x86_64", reference:"kernel-xen-3.12.61-52.86.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", cpu:"x86_64", reference:"kernel-xen-base-3.12.61-52.86.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", cpu:"x86_64", reference:"kernel-xen-base-debuginfo-3.12.61-52.86.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", cpu:"x86_64", reference:"kernel-xen-debuginfo-3.12.61-52.86.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", cpu:"x86_64", reference:"kernel-xen-debugsource-3.12.61-52.86.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", cpu:"x86_64", reference:"kernel-xen-devel-3.12.61-52.86.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", cpu:"x86_64", reference:"kgraft-patch-3_12_61-52_86-default-1-2.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", cpu:"x86_64", reference:"kgraft-patch-3_12_61-52_86-xen-1-2.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", cpu:"s390x", reference:"kernel-default-man-3.12.61-52.86.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"kernel-default-3.12.61-52.86.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"kernel-default-base-3.12.61-52.86.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"kernel-default-base-debuginfo-3.12.61-52.86.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"kernel-default-debuginfo-3.12.61-52.86.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"kernel-default-debugsource-3.12.61-52.86.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"kernel-default-devel-3.12.61-52.86.1")) flag++;
if (rpm_check(release:"SLES12", sp:"0", reference:"kernel-syms-3.12.61-52.86.1")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kernel");
}
VendorProductVersionCPE
novellsuse_linuxkernel-defaultp-cpe:/a:novell:suse_linux:kernel-default
novellsuse_linuxkernel-default-basep-cpe:/a:novell:suse_linux:kernel-default-base
novellsuse_linuxkernel-default-base-debuginfop-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo
novellsuse_linuxkernel-default-debuginfop-cpe:/a:novell:suse_linux:kernel-default-debuginfo
novellsuse_linuxkernel-default-debugsourcep-cpe:/a:novell:suse_linux:kernel-default-debugsource
novellsuse_linuxkernel-default-develp-cpe:/a:novell:suse_linux:kernel-default-devel
novellsuse_linuxkernel-default-manp-cpe:/a:novell:suse_linux:kernel-default-man
novellsuse_linuxkernel-symsp-cpe:/a:novell:suse_linux:kernel-syms
novellsuse_linuxkernel-xenp-cpe:/a:novell:suse_linux:kernel-xen
novellsuse_linuxkernel-xen-basep-cpe:/a:novell:suse_linux:kernel-xen-base
Rows per page:
1-10 of 171

Related

nessus 53
openvas 47
cloudfoundry 1
ubuntu 6
suse 40
virtuozzo 5
centos 2
redhat 6
fedora 2
amazon 1
veracode 2
redhatcve 2
f5 2
seebug 1
packetstorm 1
myhack58 1
oraclelinux 4
exploitpack 2
ubuntucve 3
metasploit 1
prion 2
cve 2
debiancve 2
hackerone 1
exploitdb 3
mageia 6
photon 1
nessus
nessus
SUSE SLES12 Security Update : kernel (SUSE-SU-2017:2150-1)
2017-08-14 00:00:00
Virtuozzo 7 : readykernel-patch (VZA-2017-072)
2017-08-21 00:00:00
Virtuozzo 7 : readykernel-patch (VZA-2017-073)
2017-08-21 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2017:2142-1)
2021-04-19 00:00:00
SUSE: Security Advisory (SUSE-SU-2017:2150-1)
2021-04-19 00:00:00
Ubuntu: Security Advisory (USN-3386-2)
2022-08-26 00:00:00
cloudfoundry
cloudfoundry
USN-3385-2: Linux kernel (Xenial HWE) vulnerabilities | Cloud Foundry
2017-08-17 00:00:00
ubuntu
ubuntu
Linux kernel (HWE) vulnerabilities
2017-08-11 00:00:00
Linux kernel vulnerabilities
2017-08-11 00:00:00
Linux kernel (Xenial HWE) vulnerabilities
2017-08-11 00:00:00
suse
suse
Security update for the Linux Kernel (important)
2017-08-11 06:07:36
Security update for the Linux Kernel (important)
2017-08-11 21:07:51
Security update for the Linux Kernel (important)
2017-08-12 00:08:29
virtuozzo
virtuozzo
Important kernel security update: CVE-2017-1000111 and other; Virtuozzo ReadyKernel patch 29.1 for Virtuozzo 7.0.5
2017-08-18 00:00:00
Important kernel security update: CVE-2017-1000111 and other; Virtuozzo ReadyKernel patch 29.0 for Virtuozzo 7.0.4 and 7.0.4 HF3
2017-08-17 00:00:00
Important kernel security update: CVE-2017-1000111 and other; Virtuozzo ReadyKernel patch 29.0 for Virtuozzo 7.0.0, 7.0.1, and 7.0.3
2017-08-17 00:00:00
centos
centos
kernel, perf, python security update
2017-11-15 21:38:19
kernel, perf, python security update
2017-10-23 17:05:09
redhat
redhat
(RHSA-2017:3200) Important: kernel security and bug fix update
2017-11-14 19:40:45
(RHSA-2019:1932) Important: kernel security update
2019-07-29 16:37:05
(RHSA-2019:1931) Important: kernel security and bug fix update
2019-07-29 16:36:12
fedora
fedora
[SECURITY] Fedora 26 Update: kernel-4.12.8-300.fc26
2017-08-24 03:52:29
[SECURITY] Fedora 25 Update: kernel-4.12.8-200.fc25
2017-08-23 06:09:57
amazon
amazon
Critical: kernel
2017-08-10 16:31:00
veracode
veracode
Privilege Escalation
2019-01-15 09:19:49
Privilege Escalation
2019-05-02 06:37:27
redhatcve
redhatcve
CVE-2017-1000111
2017-08-11 08:18:42
CVE-2017-1000112
2019-10-10 23:53:59
f5
f5
K60250153 : Linux kernel vulnerability CVE-2017-1000112
2018-03-14 00:00:00
K44309215 : Linux kernel vulnerability CVE-2017-1000111
2018-03-14 00:00:00
seebug
seebug
Linux kernel: Exploitable memory corruption due to UFO to non-UFO path switch(CVE-2017-1000112)
2017-08-14 00:00:00
packetstorm
packetstorm
Linux Kernel UDP Fragmentation Offset (UFO) Privilege Escalation
2018-08-03 00:00:00
myhack58
myhack58
Struts 2 S2-053 flaws vulnerability bug thematic research with the POC-the exploit-warning-the black bar safety net
2017-09-17 00:00:00
oraclelinux
oraclelinux
kernel security and bug fix update
2017-11-15 00:00:00
Unbreakable Enterprise kernel security update
2017-10-24 00:00:00
Unbreakable Enterprise kernel security update
2017-10-24 00:00:00
exploitpack
exploitpack
Linux Kernel 4.4.0 4.8.0 (Ubuntu 14.0416.04 Linux Mint 1718 Zorin) - Local Privilege Escalation (KASLR SMEP)
2018-12-29 00:00:00
Linux Kernel 4.4.0-83 4.8.0-58 (Ubuntu 14.0416.04) - Local Privilege Escalation (KASLR SMEP)
2017-08-13 00:00:00
ubuntucve
ubuntucve
CVE-2017-1000112
2017-08-10 00:00:00
CVE-2017-1000111
2017-08-10 00:00:00
CVE-2017-1000
2017-12-31 00:00:00
metasploit
metasploit
Linux Kernel UDP Fragmentation Offset (UFO) Privilege Escalation
2018-04-18 00:39:59
prion
prion
Memory corruption
2017-10-05 01:29:00
Heap overflow
2017-10-05 01:29:00
cve
cve
CVE-2017-1000112
2017-10-05 01:29:00
CVE-2017-1000111
2017-10-05 01:29:00
debiancve
debiancve
CVE-2017-1000112
2017-10-05 01:29:00
CVE-2017-1000111
2017-10-05 01:29:00
hackerone
hackerone
Internet Bug Bounty: Linux kernel: CVE-2017-1000112: a memory corruption due to UFO to non-UFO path switch
2019-08-29 14:08:01
exploitdb
exploitdb
Linux Kernel &lt; 4.4.0-83 / &lt; 4.8.0-58 (Ubuntu 14.04/16.04) - Local Privilege Escalation (KASLR / SMEP)
2017-08-13 00:00:00
Linux Kernel &lt; 4.4.0/ &lt; 4.8.0 (Ubuntu 14.04/16.04 / Linux Mint 17/18 / Zorin) - Local Privilege Escalation (KASLR / SMEP)
2018-12-29 00:00:00
Linux Kernel - UDP Fragmentation Offset &#039;UFO&#039; Privilege Escalation (Metasploit)
2018-08-03 00:00:00
mageia
mageia
Updated kernel packages fixes security and other bugs
2017-08-18 20:06:49
Updated kernel-tmb packages fixes security and other bugs
2017-08-20 11:48:42
Updated kernel-tmb packages fixes security and other bugs
2017-08-23 18:43:04
photon
photon
Important Photon OS Security Update - PHSA-2017-0062
2017-08-16 00:00:00
JSON
Related for SUSE_SU-2017-2142-1.NASL
nessus53openvas47cloudfoundry1ubuntu6suse40virtuozzo5centos2redhat6fedora2amazon1veracode2redhatcve2f52seebug1packetstorm1myhack581oraclelinux4exploitpack2ubuntucve3metasploit1prion2cve2debiancve2hackerone1exploitdb3mageia6photon1