The SUSE Linux Enterprise 12 SP3 kernel was updated to 4.4.155 to receive various security and bugfixes.
The following security bugs were fixed :
CVE-2018-13093: Prevent NULL pointer dereference and panic in lookup_slow() on a NULL inode->i_ops pointer when doing pathwalks on a corrupted xfs image. This occured because of a lack of proper validation that cached inodes are free during allocation (bnc#1100001).
CVE-2018-13095: Prevent denial of service (memory corruption and BUG) that could have occurred for a corrupted xfs image upon encountering an inode that is in extent format, but has more extents than fit in the inode fork (bnc#1099999).
CVE-2018-13094: Prevent OOPS that may have occured for a corrupted xfs image after xfs_da_shrink_inode() is called with a NULL bp (bnc#1100000).
CVE-2018-12896: Prevent integer overflow in the POSIX timer code that was caused by the way the overrun accounting works. Depending on interval and expiry time values, the overrun can be larger than INT_MAX, but the accounting is int based. This basically made the accounting values, which are visible to user space via timer_getoverrun(2) and siginfo::si_overrun, random. This allowed a local user to cause a denial of service (signed integer overflow) via crafted mmap, futex, timer_create, and timer_settime system calls (bnc#1099922).
CVE-2018-16658: Prevent information leak in cdrom_ioctl_drive_status that could have been used by local attackers to read kernel memory (bnc#1107689).
CVE-2018-6555: The irda_setsockopt function allowed local users to cause a denial of service (ias_object use-after-free and system crash) or possibly have unspecified other impact via an AF_IRDA socket (bnc#1106511).
CVE-2018-6554: Prevent memory leak in the irda_bind function that allowed local users to cause a denial of service (memory consumption) by repeatedly binding an AF_IRDA socket (bnc#1106509).
CVE-2018-1129: A flaw was found in the way signature calculation was handled by cephx authentication protocol. An attacker having access to ceph cluster network who is able to alter the message payload was able to bypass signature checks done by cephx protocol (bnc#1096748).
CVE-2018-1128: It was found that cephx authentication protocol did not verify ceph clients correctly and was vulnerable to replay attack. Any attacker having access to ceph cluster network who is able to sniff packets on network can use this vulnerability to authenticate with ceph service and perform actions allowed by ceph service (bnc#1096748).
CVE-2018-10938: A crafted network packet sent remotely by an attacker forced the kernel to enter an infinite loop in the cipso_v4_optptr() function leading to a denial-of-service (bnc#1106016).
CVE-2018-15572: The spectre_v2_select_mitigation function did not always fill RSB upon a context switch, which made it easier for attackers to conduct userspace-userspace spectreRSB attacks (bnc#1102517).
CVE-2018-10902: Protect against concurrent access to prevent double realloc (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status(). A malicious local attacker could have used this for privilege escalation (bnc#1105322 1105323).
CVE-2018-9363: Prevent buffer overflow in hidp_process_report (bsc#1105292)
CVE-2018-10883: A local user could have caused an out-of-bounds write in jbd2_journal_dirty_metadata(), a denial of service, and a system crash by mounting and operating on a crafted ext4 filesystem image (bsc#1099863).
CVE-2018-10879: A local user could have caused a use-after-free in ext4_xattr_set_entry function and a denial of service or unspecified other impact by renaming a file in a crafted ext4 filesystem image (bsc#1099844).
CVE-2018-10878: A local user could have caused an out-of-bounds write and a denial of service or unspecified other impact by mounting and operating a crafted ext4 filesystem image (bsc#1099813).
CVE-2018-10876: A use-after-free was possible in ext4_ext_remove_space() function when mounting and operating a crafted ext4 image (bsc#1099811).
CVE-2018-10877: Prevent out-of-bound access in the ext4_ext_drop_refs() function when operating on a crafted ext4 filesystem image (bsc#1099846).
CVE-2018-10881: A local user could have caused an out-of-bound access in ext4_get_group_info function, a denial of service, and a system crash by mounting and operating on a crafted ext4 filesystem image (bsc#1099864).
CVE-2018-10882: A local user could have caused an out-of-bound write, a denial of service, and a system crash by unmounting a crafted ext4 filesystem image (bsc#1099849).
CVE-2018-10880: Prevent stack-out-of-bounds write in the ext4 filesystem code when mounting and writing to a crafted ext4 image in ext4_update_inline_data(). An attacker could have used this to cause a system crash and a denial of service (bsc#1099845).
The update package also includes non-security fixes. See advisory for details.
Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from SUSE update advisory SUSE-SU-2018:2776-1.
# The text itself is copyright (C) SUSE.
#
include("compat.inc");
if (description)
{
script_id(117629);
script_version("1.6");
script_cvs_date("Date: 2019/09/10 13:51:49");
script_cve_id("CVE-2018-10876", "CVE-2018-10877", "CVE-2018-10878", "CVE-2018-10879", "CVE-2018-10880", "CVE-2018-10881", "CVE-2018-10882", "CVE-2018-10883", "CVE-2018-10902", "CVE-2018-10938", "CVE-2018-1128", "CVE-2018-1129", "CVE-2018-12896", "CVE-2018-13093", "CVE-2018-13094", "CVE-2018-13095", "CVE-2018-15572", "CVE-2018-16658", "CVE-2018-6554", "CVE-2018-6555", "CVE-2018-9363");
script_name(english:"SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2018:2776-1)");
script_summary(english:"Checks rpm output for the updated packages.");
script_set_attribute(
attribute:"synopsis",
value:"The remote SUSE host is missing one or more security updates."
);
script_set_attribute(
attribute:"description",
value:
"The SUSE Linux Enterprise 12 SP3 kernel was updated to 4.4.155 to
receive various security and bugfixes.
The following security bugs were fixed :
CVE-2018-13093: Prevent NULL pointer dereference and panic in
lookup_slow() on a NULL inode->i_ops pointer when doing pathwalks on a
corrupted xfs image. This occured because of a lack of proper
validation that cached inodes are free during allocation
(bnc#1100001).
CVE-2018-13095: Prevent denial of service (memory corruption and BUG)
that could have occurred for a corrupted xfs image upon encountering
an inode that is in extent format, but has more extents than fit in
the inode fork (bnc#1099999).
CVE-2018-13094: Prevent OOPS that may have occured for a corrupted xfs
image after xfs_da_shrink_inode() is called with a NULL bp
(bnc#1100000).
CVE-2018-12896: Prevent integer overflow in the POSIX timer code that
was caused by the way the overrun accounting works. Depending on
interval and expiry time values, the overrun can be larger than
INT_MAX, but the accounting is int based. This basically made the
accounting values, which are visible to user space via
timer_getoverrun(2) and siginfo::si_overrun, random. This allowed a
local user to cause a denial of service (signed integer overflow) via
crafted mmap, futex, timer_create, and timer_settime system calls
(bnc#1099922).
CVE-2018-16658: Prevent information leak in cdrom_ioctl_drive_status
that could have been used by local attackers to read kernel memory
(bnc#1107689).
CVE-2018-6555: The irda_setsockopt function allowed local users to
cause a denial of service (ias_object use-after-free and system crash)
or possibly have unspecified other impact via an AF_IRDA socket
(bnc#1106511).
CVE-2018-6554: Prevent memory leak in the irda_bind function that
allowed local users to cause a denial of service (memory consumption)
by repeatedly binding an AF_IRDA socket (bnc#1106509).
CVE-2018-1129: A flaw was found in the way signature calculation was
handled by cephx authentication protocol. An attacker having access to
ceph cluster network who is able to alter the message payload was able
to bypass signature checks done by cephx protocol (bnc#1096748).
CVE-2018-1128: It was found that cephx authentication protocol did not
verify ceph clients correctly and was vulnerable to replay attack. Any
attacker having access to ceph cluster network who is able to sniff
packets on network can use this vulnerability to authenticate with
ceph service and perform actions allowed by ceph service
(bnc#1096748).
CVE-2018-10938: A crafted network packet sent remotely by an attacker
forced the kernel to enter an infinite loop in the cipso_v4_optptr()
function leading to a denial-of-service (bnc#1106016).
CVE-2018-15572: The spectre_v2_select_mitigation function did not
always fill RSB upon a context switch, which made it easier for
attackers to conduct userspace-userspace spectreRSB attacks
(bnc#1102517).
CVE-2018-10902: Protect against concurrent access to prevent double
realloc (double free) in snd_rawmidi_input_params() and
snd_rawmidi_output_status(). A malicious local attacker could have
used this for privilege escalation (bnc#1105322 1105323).
CVE-2018-9363: Prevent buffer overflow in hidp_process_report
(bsc#1105292)
CVE-2018-10883: A local user could have caused an out-of-bounds write
in jbd2_journal_dirty_metadata(), a denial of service, and a system
crash by mounting and operating on a crafted ext4 filesystem image
(bsc#1099863).
CVE-2018-10879: A local user could have caused a use-after-free in
ext4_xattr_set_entry function and a denial of service or unspecified
other impact by renaming a file in a crafted ext4 filesystem image
(bsc#1099844).
CVE-2018-10878: A local user could have caused an out-of-bounds write
and a denial of service or unspecified other impact by mounting and
operating a crafted ext4 filesystem image (bsc#1099813).
CVE-2018-10876: A use-after-free was possible in
ext4_ext_remove_space() function when mounting and operating a crafted
ext4 image (bsc#1099811).
CVE-2018-10877: Prevent out-of-bound access in the
ext4_ext_drop_refs() function when operating on a crafted ext4
filesystem image (bsc#1099846).
CVE-2018-10881: A local user could have caused an out-of-bound access
in ext4_get_group_info function, a denial of service, and a system
crash by mounting and operating on a crafted ext4 filesystem image
(bsc#1099864).
CVE-2018-10882: A local user could have caused an out-of-bound write,
a denial of service, and a system crash by unmounting a crafted ext4
filesystem image (bsc#1099849).
CVE-2018-10880: Prevent stack-out-of-bounds write in the ext4
filesystem code when mounting and writing to a crafted ext4 image in
ext4_update_inline_data(). An attacker could have used this to cause a
system crash and a denial of service (bsc#1099845).
The update package also includes non-security fixes. See advisory for
details.
Note that Tenable Network Security has extracted the preceding
description block directly from the SUSE security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1012382"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1015342"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1015343"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1017967"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1019695"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1019699"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1020412"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1021121"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1022604"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1024361"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1024365"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1024376"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1027968"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1030552"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1031492"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1033962"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1042286"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1048317"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1050431"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1053685"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1055014"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1056596"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1062604"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1063646"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1064232"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1065364"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1066223"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1068032"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1068075"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1069138"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1078921"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1080157"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1083663"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1085042"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1085536"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1085539"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1086457"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1087092"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1089066"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1090888"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1091171"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1091860"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1096254"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1096748"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1097105"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1098253"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1098822"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1099597"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1099810"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1099811"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1099813"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1099832"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1099844"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1099845"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1099846"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1099849"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1099863"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1099864"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1099922"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1099999"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1100000"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1100001"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1100132"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1101822"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1101841"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1102346"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1102486"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1102517"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1102715"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1102797"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1103269"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1103445"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1103717"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1104319"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1104485"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1104494"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1104495"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1104683"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1104897"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1105271"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1105292"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1105322"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1105323"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1105392"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1105396"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1105524"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1105536"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1105769"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1106016"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1106105"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1106185"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1106229"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1106271"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1106275"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1106276"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1106278"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1106281"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1106283"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1106369"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1106509"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1106511"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1106697"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1106929"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1106934"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1106995"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1107060"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1107078"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1107319"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1107320"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1107689"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1107735"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1107966"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=963575"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=966170"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=966172"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=969470"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=969476"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=969477"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=970506"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2018-10876/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2018-10877/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2018-10878/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2018-10879/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2018-10880/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2018-10881/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2018-10882/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2018-10883/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2018-10902/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2018-10938/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2018-1128/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2018-1129/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2018-12896/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2018-13093/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2018-13094/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2018-13095/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2018-15572/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2018-16658/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2018-6554/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2018-6555/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2018-9363/"
);
# https://www.suse.com/support/update/announcement/2018/suse-su-20182776-1/
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?8190d585"
);
script_set_attribute(
attribute:"solution",
value:
"To install this SUSE Security Update use the SUSE recommended
installation methods like YaST online_update or 'zypper patch'.
Alternatively you can run the command listed for your product :
SUSE Linux Enterprise Workstation Extension 12-SP3:zypper in -t patch
SUSE-SLE-WE-12-SP3-2018-1941=1
SUSE Linux Enterprise Software Development Kit 12-SP3:zypper in -t
patch SUSE-SLE-SDK-12-SP3-2018-1941=1
SUSE Linux Enterprise Server 12-SP3:zypper in -t patch
SUSE-SLE-SERVER-12-SP3-2018-1941=1
SUSE Linux Enterprise High Availability 12-SP3:zypper in -t patch
SUSE-SLE-HA-12-SP3-2018-1941=1
SUSE Linux Enterprise Desktop 12-SP3:zypper in -t patch
SUSE-SLE-DESKTOP-12-SP3-2018-1941=1
SUSE CaaS Platform ALL :
To install this update, use the SUSE CaaS Platform Velum dashboard. It
will inform you if it detects new updates and let you then trigger
updating of the complete cluster in a controlled way.
SUSE CaaS Platform 3.0 :
To install this update, use the SUSE CaaS Platform Velum dashboard. It
will inform you if it detects new updates and let you then trigger
updating of the complete cluster in a controlled way."
);
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-base");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-debugsource");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-extra");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-extra-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-man");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-syms");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12");
script_set_attribute(attribute:"vuln_publication_date", value:"2018/07/02");
script_set_attribute(attribute:"patch_publication_date", value:"2018/09/20");
script_set_attribute(attribute:"plugin_publication_date", value:"2018/09/21");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"SuSE Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
os_ver = os_ver[1];
if (! preg(pattern:"^(SLED12|SLES12)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLED12 / SLES12", "SUSE " + os_ver);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);
sp = get_kb_item("Host/SuSE/patchlevel");
if (isnull(sp)) sp = "0";
if (os_ver == "SLES12" && (! preg(pattern:"^(3)$", string:sp))) audit(AUDIT_OS_NOT, "SLES12 SP3", os_ver + " SP" + sp);
if (os_ver == "SLED12" && (! preg(pattern:"^(3)$", string:sp))) audit(AUDIT_OS_NOT, "SLED12 SP3", os_ver + " SP" + sp);
flag = 0;
if (rpm_check(release:"SLES12", sp:"3", cpu:"s390x", reference:"kernel-default-man-4.4.155-94.50.1")) flag++;
if (rpm_check(release:"SLES12", sp:"3", reference:"kernel-default-4.4.155-94.50.1")) flag++;
if (rpm_check(release:"SLES12", sp:"3", reference:"kernel-default-base-4.4.155-94.50.1")) flag++;
if (rpm_check(release:"SLES12", sp:"3", reference:"kernel-default-base-debuginfo-4.4.155-94.50.1")) flag++;
if (rpm_check(release:"SLES12", sp:"3", reference:"kernel-default-debuginfo-4.4.155-94.50.1")) flag++;
if (rpm_check(release:"SLES12", sp:"3", reference:"kernel-default-debugsource-4.4.155-94.50.1")) flag++;
if (rpm_check(release:"SLES12", sp:"3", reference:"kernel-default-devel-4.4.155-94.50.1")) flag++;
if (rpm_check(release:"SLES12", sp:"3", reference:"kernel-syms-4.4.155-94.50.1")) flag++;
if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"kernel-default-4.4.155-94.50.1")) flag++;
if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"kernel-default-debuginfo-4.4.155-94.50.1")) flag++;
if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"kernel-default-debugsource-4.4.155-94.50.1")) flag++;
if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"kernel-default-devel-4.4.155-94.50.1")) flag++;
if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"kernel-default-extra-4.4.155-94.50.1")) flag++;
if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"kernel-default-extra-debuginfo-4.4.155-94.50.1")) flag++;
if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"kernel-syms-4.4.155-94.50.1")) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
else security_hole(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kernel");
}
Vendor | Product | Version | CPE |
---|---|---|---|
novell | suse_linux | kernel-default | p-cpe:/a:novell:suse_linux:kernel-default |
novell | suse_linux | kernel-default-base | p-cpe:/a:novell:suse_linux:kernel-default-base |
novell | suse_linux | kernel-default-base-debuginfo | p-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo |
novell | suse_linux | kernel-default-debuginfo | p-cpe:/a:novell:suse_linux:kernel-default-debuginfo |
novell | suse_linux | kernel-default-debugsource | p-cpe:/a:novell:suse_linux:kernel-default-debugsource |
novell | suse_linux | kernel-default-devel | p-cpe:/a:novell:suse_linux:kernel-default-devel |
novell | suse_linux | kernel-default-extra | p-cpe:/a:novell:suse_linux:kernel-default-extra |
novell | suse_linux | kernel-default-extra-debuginfo | p-cpe:/a:novell:suse_linux:kernel-default-extra-debuginfo |
novell | suse_linux | kernel-default-man | p-cpe:/a:novell:suse_linux:kernel-default-man |
novell | suse_linux | kernel-syms | p-cpe:/a:novell:suse_linux:kernel-syms |
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10876
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10877
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10878
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10879
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10880
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10881
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10882
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10883
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10902
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10938
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1128
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1129
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12896
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13093
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13094
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13095
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15572
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16658
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6554
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6555
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9363
www.nessus.org/u?8190d585
bugzilla.suse.com/show_bug.cgi?id=1012382
bugzilla.suse.com/show_bug.cgi?id=1015342
bugzilla.suse.com/show_bug.cgi?id=1015343
bugzilla.suse.com/show_bug.cgi?id=1017967
bugzilla.suse.com/show_bug.cgi?id=1019695
bugzilla.suse.com/show_bug.cgi?id=1019699
bugzilla.suse.com/show_bug.cgi?id=1020412
bugzilla.suse.com/show_bug.cgi?id=1021121
bugzilla.suse.com/show_bug.cgi?id=1022604
bugzilla.suse.com/show_bug.cgi?id=1024361
bugzilla.suse.com/show_bug.cgi?id=1024365
bugzilla.suse.com/show_bug.cgi?id=1024376
bugzilla.suse.com/show_bug.cgi?id=1027968
bugzilla.suse.com/show_bug.cgi?id=1030552
bugzilla.suse.com/show_bug.cgi?id=1031492
bugzilla.suse.com/show_bug.cgi?id=1033962
bugzilla.suse.com/show_bug.cgi?id=1042286
bugzilla.suse.com/show_bug.cgi?id=1048317
bugzilla.suse.com/show_bug.cgi?id=1050431
bugzilla.suse.com/show_bug.cgi?id=1053685
bugzilla.suse.com/show_bug.cgi?id=1055014
bugzilla.suse.com/show_bug.cgi?id=1056596
bugzilla.suse.com/show_bug.cgi?id=1062604
bugzilla.suse.com/show_bug.cgi?id=1063646
bugzilla.suse.com/show_bug.cgi?id=1064232
bugzilla.suse.com/show_bug.cgi?id=1065364
bugzilla.suse.com/show_bug.cgi?id=1066223
bugzilla.suse.com/show_bug.cgi?id=1068032
bugzilla.suse.com/show_bug.cgi?id=1068075
bugzilla.suse.com/show_bug.cgi?id=1069138
bugzilla.suse.com/show_bug.cgi?id=1078921
bugzilla.suse.com/show_bug.cgi?id=1080157
bugzilla.suse.com/show_bug.cgi?id=1083663
bugzilla.suse.com/show_bug.cgi?id=1085042
bugzilla.suse.com/show_bug.cgi?id=1085536
bugzilla.suse.com/show_bug.cgi?id=1085539
bugzilla.suse.com/show_bug.cgi?id=1086457
bugzilla.suse.com/show_bug.cgi?id=1087092
bugzilla.suse.com/show_bug.cgi?id=1089066
bugzilla.suse.com/show_bug.cgi?id=1090888
bugzilla.suse.com/show_bug.cgi?id=1091171
bugzilla.suse.com/show_bug.cgi?id=1091860
bugzilla.suse.com/show_bug.cgi?id=1096254
bugzilla.suse.com/show_bug.cgi?id=1096748
bugzilla.suse.com/show_bug.cgi?id=1097105
bugzilla.suse.com/show_bug.cgi?id=1098253
bugzilla.suse.com/show_bug.cgi?id=1098822
bugzilla.suse.com/show_bug.cgi?id=1099597
bugzilla.suse.com/show_bug.cgi?id=1099810
bugzilla.suse.com/show_bug.cgi?id=1099811
bugzilla.suse.com/show_bug.cgi?id=1099813
bugzilla.suse.com/show_bug.cgi?id=1099832
bugzilla.suse.com/show_bug.cgi?id=1099844
bugzilla.suse.com/show_bug.cgi?id=1099845
bugzilla.suse.com/show_bug.cgi?id=1099846
bugzilla.suse.com/show_bug.cgi?id=1099849
bugzilla.suse.com/show_bug.cgi?id=1099863
bugzilla.suse.com/show_bug.cgi?id=1099864
bugzilla.suse.com/show_bug.cgi?id=1099922
bugzilla.suse.com/show_bug.cgi?id=1099999
bugzilla.suse.com/show_bug.cgi?id=1100000
bugzilla.suse.com/show_bug.cgi?id=1100001
bugzilla.suse.com/show_bug.cgi?id=1100132
bugzilla.suse.com/show_bug.cgi?id=1101822
bugzilla.suse.com/show_bug.cgi?id=1101841
bugzilla.suse.com/show_bug.cgi?id=1102346
bugzilla.suse.com/show_bug.cgi?id=1102486
bugzilla.suse.com/show_bug.cgi?id=1102517
bugzilla.suse.com/show_bug.cgi?id=1102715
bugzilla.suse.com/show_bug.cgi?id=1102797
bugzilla.suse.com/show_bug.cgi?id=1103269
bugzilla.suse.com/show_bug.cgi?id=1103445
bugzilla.suse.com/show_bug.cgi?id=1103717
bugzilla.suse.com/show_bug.cgi?id=1104319
bugzilla.suse.com/show_bug.cgi?id=1104485
bugzilla.suse.com/show_bug.cgi?id=1104494
bugzilla.suse.com/show_bug.cgi?id=1104495
bugzilla.suse.com/show_bug.cgi?id=1104683
bugzilla.suse.com/show_bug.cgi?id=1104897
bugzilla.suse.com/show_bug.cgi?id=1105271
bugzilla.suse.com/show_bug.cgi?id=1105292
bugzilla.suse.com/show_bug.cgi?id=1105322
bugzilla.suse.com/show_bug.cgi?id=1105323
bugzilla.suse.com/show_bug.cgi?id=1105392
bugzilla.suse.com/show_bug.cgi?id=1105396
bugzilla.suse.com/show_bug.cgi?id=1105524
bugzilla.suse.com/show_bug.cgi?id=1105536
bugzilla.suse.com/show_bug.cgi?id=1105769
bugzilla.suse.com/show_bug.cgi?id=1106016
bugzilla.suse.com/show_bug.cgi?id=1106105
bugzilla.suse.com/show_bug.cgi?id=1106185
bugzilla.suse.com/show_bug.cgi?id=1106229
bugzilla.suse.com/show_bug.cgi?id=1106271
bugzilla.suse.com/show_bug.cgi?id=1106275
bugzilla.suse.com/show_bug.cgi?id=1106276
bugzilla.suse.com/show_bug.cgi?id=1106278
bugzilla.suse.com/show_bug.cgi?id=1106281
bugzilla.suse.com/show_bug.cgi?id=1106283
bugzilla.suse.com/show_bug.cgi?id=1106369
bugzilla.suse.com/show_bug.cgi?id=1106509
bugzilla.suse.com/show_bug.cgi?id=1106511
bugzilla.suse.com/show_bug.cgi?id=1106697
bugzilla.suse.com/show_bug.cgi?id=1106929
bugzilla.suse.com/show_bug.cgi?id=1106934
bugzilla.suse.com/show_bug.cgi?id=1106995
bugzilla.suse.com/show_bug.cgi?id=1107060
bugzilla.suse.com/show_bug.cgi?id=1107078
bugzilla.suse.com/show_bug.cgi?id=1107319
bugzilla.suse.com/show_bug.cgi?id=1107320
bugzilla.suse.com/show_bug.cgi?id=1107689
bugzilla.suse.com/show_bug.cgi?id=1107735
bugzilla.suse.com/show_bug.cgi?id=1107966
bugzilla.suse.com/show_bug.cgi?id=963575
bugzilla.suse.com/show_bug.cgi?id=966170
bugzilla.suse.com/show_bug.cgi?id=966172
bugzilla.suse.com/show_bug.cgi?id=969470
bugzilla.suse.com/show_bug.cgi?id=969476
bugzilla.suse.com/show_bug.cgi?id=969477
bugzilla.suse.com/show_bug.cgi?id=970506
www.suse.com/security/cve/CVE-2018-10876/
www.suse.com/security/cve/CVE-2018-10877/
www.suse.com/security/cve/CVE-2018-10878/
www.suse.com/security/cve/CVE-2018-10879/
www.suse.com/security/cve/CVE-2018-10880/
www.suse.com/security/cve/CVE-2018-10881/
www.suse.com/security/cve/CVE-2018-10882/
www.suse.com/security/cve/CVE-2018-10883/
www.suse.com/security/cve/CVE-2018-10902/
www.suse.com/security/cve/CVE-2018-10938/
www.suse.com/security/cve/CVE-2018-1128/
www.suse.com/security/cve/CVE-2018-1129/
www.suse.com/security/cve/CVE-2018-12896/
www.suse.com/security/cve/CVE-2018-13093/
www.suse.com/security/cve/CVE-2018-13094/
www.suse.com/security/cve/CVE-2018-13095/
www.suse.com/security/cve/CVE-2018-15572/
www.suse.com/security/cve/CVE-2018-16658/
www.suse.com/security/cve/CVE-2018-6554/
www.suse.com/security/cve/CVE-2018-6555/
www.suse.com/security/cve/CVE-2018-9363/