The SUSE Linux Enterprise 12 SP4 Azure kernel was updated to receive various security and bugfixes.
Four new speculative execution information leak issues have been identified in Intel CPUs. (bsc#1111331)
CVE-2018-12126: Microarchitectural Store Buffer Data Sampling (MSBDS)
CVE-2018-12127: Microarchitectural Fill Buffer Data Sampling (MFBDS)
CVE-2018-12130: Microarchitectural Load Port Data Samling (MLPDS)
CVE-2019-11091: Microarchitectural Data Sampling Uncacheable Memory (MDSUM)
This kernel update contains software mitigations for these issues, which also utilize CPU microcode updates shipped in parallel.
For more information on this set of information leaks, check out https://www.suse.com/support/kb/doc/?id=7023736
The following security bugs were fixed: CVE-2018-16880: A flaw was found in the handle_rx() function in the vhost_net driver. A malicious virtual guest, under specific conditions, could trigger an out-of-bounds write in a kmalloc-8 slab on a virtual host which may lead to a kernel memory corruption and a system panic. Due to the nature of the flaw, privilege escalation cannot be fully ruled out.
(bnc#1122767).
CVE-2019-9003: Attackers could trigger a drivers/char/ipmi/ipmi_msghandler.c use-after-free and OOPS by arranging for certain simultaneous execution of the code, as demonstrated by a ‘service ipmievd restart’ loop (bnc#1126704).
CVE-2019-9503: A brcmfmac frame validation bypass was fixed.
(bnc#1132828).
CVE-2019-9500: A brcmfmac heap buffer overflow in brcmf_wowl_nd_results was fixed. (bnc#1132681).
CVE-2019-3882: A flaw was found in the vfio interface implementation that permitted violation of the user’s locked memory limit. If a device is bound to a vfio driver, such as vfio-pci, and the local attacker is administratively granted ownership of the device, it may cause a system memory exhaustion and thus a denial of service (DoS).
(bnc#1131416 bnc#1131427).
The update package also includes non-security fixes. See advisory for details.
Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from SUSE update advisory SUSE-SU-2019:1242-1.
# The text itself is copyright (C) SUSE.
#
include("compat.inc");
if (description)
{
script_id(125132);
script_version("1.4");
script_cvs_date("Date: 2020/01/31");
script_cve_id("CVE-2018-12126", "CVE-2018-12127", "CVE-2018-12130", "CVE-2018-16880", "CVE-2019-11091", "CVE-2019-3882", "CVE-2019-9003", "CVE-2019-9500", "CVE-2019-9503");
script_name(english:"SUSE SLES12 Security Update : kernel (SUSE-SU-2019:1242-1) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)");
script_summary(english:"Checks rpm output for the updated packages.");
script_set_attribute(
attribute:"synopsis",
value:"The remote SUSE host is missing one or more security updates."
);
script_set_attribute(
attribute:"description",
value:
"The SUSE Linux Enterprise 12 SP4 Azure kernel was updated to receive
various security and bugfixes.
Four new speculative execution information leak issues have been
identified in Intel CPUs. (bsc#1111331)
CVE-2018-12126: Microarchitectural Store Buffer Data Sampling (MSBDS)
CVE-2018-12127: Microarchitectural Fill Buffer Data Sampling (MFBDS)
CVE-2018-12130: Microarchitectural Load Port Data Samling (MLPDS)
CVE-2019-11091: Microarchitectural Data Sampling Uncacheable Memory
(MDSUM)
This kernel update contains software mitigations for these issues,
which also utilize CPU microcode updates shipped in parallel.
For more information on this set of information leaks, check out
https://www.suse.com/support/kb/doc/?id=7023736
The following security bugs were fixed: CVE-2018-16880: A flaw was
found in the handle_rx() function in the vhost_net driver. A malicious
virtual guest, under specific conditions, could trigger an
out-of-bounds write in a kmalloc-8 slab on a virtual host which may
lead to a kernel memory corruption and a system panic. Due to the
nature of the flaw, privilege escalation cannot be fully ruled out.
(bnc#1122767).
CVE-2019-9003: Attackers could trigger a
drivers/char/ipmi/ipmi_msghandler.c use-after-free and OOPS by
arranging for certain simultaneous execution of the code, as
demonstrated by a 'service ipmievd restart' loop (bnc#1126704).
CVE-2019-9503: A brcmfmac frame validation bypass was fixed.
(bnc#1132828).
CVE-2019-9500: A brcmfmac heap buffer overflow in
brcmf_wowl_nd_results was fixed. (bnc#1132681).
CVE-2019-3882: A flaw was found in the vfio interface implementation
that permitted violation of the user's locked memory limit. If a
device is bound to a vfio driver, such as vfio-pci, and the local
attacker is administratively granted ownership of the device, it may
cause a system memory exhaustion and thus a denial of service (DoS).
(bnc#1131416 bnc#1131427).
The update package also includes non-security fixes. See advisory for
details.
Note that Tenable Network Security has extracted the preceding
description block directly from the SUSE security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1050549"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1051510"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1052904"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1053043"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1055117"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1055121"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1055186"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1061840"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1065600"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1065729"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1070872"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1078216"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1082555"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1083647"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1085535"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1085536"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1088804"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1093777"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1094120"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1094244"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1097583"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1097584"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1097585"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1097586"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1097587"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1097588"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1100132"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1103186"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1103259"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1107937"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1108193"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1108937"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1111331"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1112128"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1112178"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1113399"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1113722"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1114279"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1114542"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1114638"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1119086"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1119680"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1120318"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1120902"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1122767"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1123105"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1125342"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1126221"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1126356"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1126704"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1126740"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1127175"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1127371"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1127372"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1127374"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1127378"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1127445"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1128415"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1128544"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1129273"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1129276"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1129770"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1130130"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1130154"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1130195"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1130335"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1130336"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1130337"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1130338"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1130425"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1130427"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1130518"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1130527"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1130567"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1130579"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1131062"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1131107"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1131167"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1131168"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1131169"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1131170"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1131171"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1131172"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1131173"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1131174"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1131175"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1131176"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1131177"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1131178"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1131179"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1131180"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1131290"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1131326"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1131335"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1131336"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1131416"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1131427"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1131442"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1131467"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1131574"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1131587"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1131659"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1131673"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1131847"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1131848"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1131851"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1131900"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1131934"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1131935"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1132083"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1132219"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1132226"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1132227"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1132365"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1132368"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1132369"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1132370"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1132372"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1132373"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1132384"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1132397"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1132402"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1132403"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1132404"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1132405"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1132407"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1132411"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1132412"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1132413"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1132414"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1132426"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1132527"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1132531"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1132555"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1132558"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1132561"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1132562"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1132563"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1132564"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1132570"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1132571"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1132572"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1132589"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1132618"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1132681"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1132726"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1132828"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1132943"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1133005"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1133094"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1133095"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1133115"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1133149"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1133486"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1133529"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1133584"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1133667"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1133668"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1133672"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1133674"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1133675"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1133698"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1133702"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1133731"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1133769"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1133772"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1133774"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1133778"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1133779"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1133780"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1133825"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1133850"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1133851"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1133852"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2018-12126/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2018-12127/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2018-12130/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2018-16880/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2019-11091/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2019-3882/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2019-9003/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2019-9500/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2019-9503/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/support/kb/doc/?id=7023736"
);
# https://www.suse.com/support/update/announcement/2019/suse-su-20191242-1/
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?c7d3241b"
);
script_set_attribute(
attribute:"solution",
value:
"To install this SUSE Security Update use the SUSE recommended
installation methods like YaST online_update or 'zypper patch'.
Alternatively you can run the command listed for your product :
SUSE Linux Enterprise Server 12-SP4:zypper in -t patch
SUSE-SLE-SERVER-12-SP4-2019-1242=1"
);
script_set_cvss_base_vector("CVSS2#AV:A/AC:M/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-9503");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-azure");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-azure-base");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-azure-base-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-azure-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-azure-debugsource");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-azure-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-syms-azure");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12");
script_set_attribute(attribute:"vuln_publication_date", value:"2019/01/29");
script_set_attribute(attribute:"patch_publication_date", value:"2019/05/14");
script_set_attribute(attribute:"plugin_publication_date", value:"2019/05/15");
script_set_attribute(attribute:"in_the_news", value:"true");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"SuSE Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
os_ver = os_ver[1];
if (! preg(pattern:"^(SLES12)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLES12", "SUSE " + os_ver);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);
if (cpu >!< "x86_64") audit(AUDIT_ARCH_NOT, "x86_64", cpu);
sp = get_kb_item("Host/SuSE/patchlevel");
if (isnull(sp)) sp = "0";
if (os_ver == "SLES12" && (! preg(pattern:"^(4)$", string:sp))) audit(AUDIT_OS_NOT, "SLES12 SP4", os_ver + " SP" + sp);
flag = 0;
if (rpm_check(release:"SLES12", sp:"4", cpu:"x86_64", reference:"kernel-azure-4.12.14-6.12.1")) flag++;
if (rpm_check(release:"SLES12", sp:"4", cpu:"x86_64", reference:"kernel-azure-base-4.12.14-6.12.1")) flag++;
if (rpm_check(release:"SLES12", sp:"4", cpu:"x86_64", reference:"kernel-azure-base-debuginfo-4.12.14-6.12.1")) flag++;
if (rpm_check(release:"SLES12", sp:"4", cpu:"x86_64", reference:"kernel-azure-debuginfo-4.12.14-6.12.1")) flag++;
if (rpm_check(release:"SLES12", sp:"4", cpu:"x86_64", reference:"kernel-azure-debugsource-4.12.14-6.12.1")) flag++;
if (rpm_check(release:"SLES12", sp:"4", cpu:"x86_64", reference:"kernel-azure-devel-4.12.14-6.12.1")) flag++;
if (rpm_check(release:"SLES12", sp:"4", cpu:"x86_64", reference:"kernel-syms-azure-4.12.14-6.12.1")) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
else security_hole(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kernel");
}
Vendor | Product | Version | CPE |
---|---|---|---|
novell | suse_linux | kernel-azure | p-cpe:/a:novell:suse_linux:kernel-azure |
novell | suse_linux | kernel-azure-base | p-cpe:/a:novell:suse_linux:kernel-azure-base |
novell | suse_linux | kernel-azure-base-debuginfo | p-cpe:/a:novell:suse_linux:kernel-azure-base-debuginfo |
novell | suse_linux | kernel-azure-debuginfo | p-cpe:/a:novell:suse_linux:kernel-azure-debuginfo |
novell | suse_linux | kernel-azure-debugsource | p-cpe:/a:novell:suse_linux:kernel-azure-debugsource |
novell | suse_linux | kernel-azure-devel | p-cpe:/a:novell:suse_linux:kernel-azure-devel |
novell | suse_linux | kernel-syms-azure | p-cpe:/a:novell:suse_linux:kernel-syms-azure |
novell | suse_linux | 12 | cpe:/o:novell:suse_linux:12 |
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12126
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12127
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12130
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16880
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11091
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3882
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9003
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9500
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9503
www.nessus.org/u?c7d3241b
bugzilla.suse.com/show_bug.cgi?id=1050549
bugzilla.suse.com/show_bug.cgi?id=1051510
bugzilla.suse.com/show_bug.cgi?id=1052904
bugzilla.suse.com/show_bug.cgi?id=1053043
bugzilla.suse.com/show_bug.cgi?id=1055117
bugzilla.suse.com/show_bug.cgi?id=1055121
bugzilla.suse.com/show_bug.cgi?id=1055186
bugzilla.suse.com/show_bug.cgi?id=1061840
bugzilla.suse.com/show_bug.cgi?id=1065600
bugzilla.suse.com/show_bug.cgi?id=1065729
bugzilla.suse.com/show_bug.cgi?id=1070872
bugzilla.suse.com/show_bug.cgi?id=1078216
bugzilla.suse.com/show_bug.cgi?id=1082555
bugzilla.suse.com/show_bug.cgi?id=1083647
bugzilla.suse.com/show_bug.cgi?id=1085535
bugzilla.suse.com/show_bug.cgi?id=1085536
bugzilla.suse.com/show_bug.cgi?id=1088804
bugzilla.suse.com/show_bug.cgi?id=1093777
bugzilla.suse.com/show_bug.cgi?id=1094120
bugzilla.suse.com/show_bug.cgi?id=1094244
bugzilla.suse.com/show_bug.cgi?id=1097583
bugzilla.suse.com/show_bug.cgi?id=1097584
bugzilla.suse.com/show_bug.cgi?id=1097585
bugzilla.suse.com/show_bug.cgi?id=1097586
bugzilla.suse.com/show_bug.cgi?id=1097587
bugzilla.suse.com/show_bug.cgi?id=1097588
bugzilla.suse.com/show_bug.cgi?id=1100132
bugzilla.suse.com/show_bug.cgi?id=1103186
bugzilla.suse.com/show_bug.cgi?id=1103259
bugzilla.suse.com/show_bug.cgi?id=1107937
bugzilla.suse.com/show_bug.cgi?id=1108193
bugzilla.suse.com/show_bug.cgi?id=1108937
bugzilla.suse.com/show_bug.cgi?id=1111331
bugzilla.suse.com/show_bug.cgi?id=1112128
bugzilla.suse.com/show_bug.cgi?id=1112178
bugzilla.suse.com/show_bug.cgi?id=1113399
bugzilla.suse.com/show_bug.cgi?id=1113722
bugzilla.suse.com/show_bug.cgi?id=1114279
bugzilla.suse.com/show_bug.cgi?id=1114542
bugzilla.suse.com/show_bug.cgi?id=1114638
bugzilla.suse.com/show_bug.cgi?id=1119086
bugzilla.suse.com/show_bug.cgi?id=1119680
bugzilla.suse.com/show_bug.cgi?id=1120318
bugzilla.suse.com/show_bug.cgi?id=1120902
bugzilla.suse.com/show_bug.cgi?id=1122767
bugzilla.suse.com/show_bug.cgi?id=1123105
bugzilla.suse.com/show_bug.cgi?id=1125342
bugzilla.suse.com/show_bug.cgi?id=1126221
bugzilla.suse.com/show_bug.cgi?id=1126356
bugzilla.suse.com/show_bug.cgi?id=1126704
bugzilla.suse.com/show_bug.cgi?id=1126740
bugzilla.suse.com/show_bug.cgi?id=1127175
bugzilla.suse.com/show_bug.cgi?id=1127371
bugzilla.suse.com/show_bug.cgi?id=1127372
bugzilla.suse.com/show_bug.cgi?id=1127374
bugzilla.suse.com/show_bug.cgi?id=1127378
bugzilla.suse.com/show_bug.cgi?id=1127445
bugzilla.suse.com/show_bug.cgi?id=1128415
bugzilla.suse.com/show_bug.cgi?id=1128544
bugzilla.suse.com/show_bug.cgi?id=1129273
bugzilla.suse.com/show_bug.cgi?id=1129276
bugzilla.suse.com/show_bug.cgi?id=1129770
bugzilla.suse.com/show_bug.cgi?id=1130130
bugzilla.suse.com/show_bug.cgi?id=1130154
bugzilla.suse.com/show_bug.cgi?id=1130195
bugzilla.suse.com/show_bug.cgi?id=1130335
bugzilla.suse.com/show_bug.cgi?id=1130336
bugzilla.suse.com/show_bug.cgi?id=1130337
bugzilla.suse.com/show_bug.cgi?id=1130338
bugzilla.suse.com/show_bug.cgi?id=1130425
bugzilla.suse.com/show_bug.cgi?id=1130427
bugzilla.suse.com/show_bug.cgi?id=1130518
bugzilla.suse.com/show_bug.cgi?id=1130527
bugzilla.suse.com/show_bug.cgi?id=1130567
bugzilla.suse.com/show_bug.cgi?id=1130579
bugzilla.suse.com/show_bug.cgi?id=1131062
bugzilla.suse.com/show_bug.cgi?id=1131107
bugzilla.suse.com/show_bug.cgi?id=1131167
bugzilla.suse.com/show_bug.cgi?id=1131168
bugzilla.suse.com/show_bug.cgi?id=1131169
bugzilla.suse.com/show_bug.cgi?id=1131170
bugzilla.suse.com/show_bug.cgi?id=1131171
bugzilla.suse.com/show_bug.cgi?id=1131172
bugzilla.suse.com/show_bug.cgi?id=1131173
bugzilla.suse.com/show_bug.cgi?id=1131174
bugzilla.suse.com/show_bug.cgi?id=1131175
bugzilla.suse.com/show_bug.cgi?id=1131176
bugzilla.suse.com/show_bug.cgi?id=1131177
bugzilla.suse.com/show_bug.cgi?id=1131178
bugzilla.suse.com/show_bug.cgi?id=1131179
bugzilla.suse.com/show_bug.cgi?id=1131180
bugzilla.suse.com/show_bug.cgi?id=1131290
bugzilla.suse.com/show_bug.cgi?id=1131326
bugzilla.suse.com/show_bug.cgi?id=1131335
bugzilla.suse.com/show_bug.cgi?id=1131336
bugzilla.suse.com/show_bug.cgi?id=1131416
bugzilla.suse.com/show_bug.cgi?id=1131427
bugzilla.suse.com/show_bug.cgi?id=1131442
bugzilla.suse.com/show_bug.cgi?id=1131467
bugzilla.suse.com/show_bug.cgi?id=1131574
bugzilla.suse.com/show_bug.cgi?id=1131587
bugzilla.suse.com/show_bug.cgi?id=1131659
bugzilla.suse.com/show_bug.cgi?id=1131673
bugzilla.suse.com/show_bug.cgi?id=1131847
bugzilla.suse.com/show_bug.cgi?id=1131848
bugzilla.suse.com/show_bug.cgi?id=1131851
bugzilla.suse.com/show_bug.cgi?id=1131900
bugzilla.suse.com/show_bug.cgi?id=1131934
bugzilla.suse.com/show_bug.cgi?id=1131935
bugzilla.suse.com/show_bug.cgi?id=1132083
bugzilla.suse.com/show_bug.cgi?id=1132219
bugzilla.suse.com/show_bug.cgi?id=1132226
bugzilla.suse.com/show_bug.cgi?id=1132227
bugzilla.suse.com/show_bug.cgi?id=1132365
bugzilla.suse.com/show_bug.cgi?id=1132368
bugzilla.suse.com/show_bug.cgi?id=1132369
bugzilla.suse.com/show_bug.cgi?id=1132370
bugzilla.suse.com/show_bug.cgi?id=1132372
bugzilla.suse.com/show_bug.cgi?id=1132373
bugzilla.suse.com/show_bug.cgi?id=1132384
bugzilla.suse.com/show_bug.cgi?id=1132397
bugzilla.suse.com/show_bug.cgi?id=1132402
bugzilla.suse.com/show_bug.cgi?id=1132403
bugzilla.suse.com/show_bug.cgi?id=1132404
bugzilla.suse.com/show_bug.cgi?id=1132405
bugzilla.suse.com/show_bug.cgi?id=1132407
bugzilla.suse.com/show_bug.cgi?id=1132411
bugzilla.suse.com/show_bug.cgi?id=1132412
bugzilla.suse.com/show_bug.cgi?id=1132413
bugzilla.suse.com/show_bug.cgi?id=1132414
bugzilla.suse.com/show_bug.cgi?id=1132426
bugzilla.suse.com/show_bug.cgi?id=1132527
bugzilla.suse.com/show_bug.cgi?id=1132531
bugzilla.suse.com/show_bug.cgi?id=1132555
bugzilla.suse.com/show_bug.cgi?id=1132558
bugzilla.suse.com/show_bug.cgi?id=1132561
bugzilla.suse.com/show_bug.cgi?id=1132562
bugzilla.suse.com/show_bug.cgi?id=1132563
bugzilla.suse.com/show_bug.cgi?id=1132564
bugzilla.suse.com/show_bug.cgi?id=1132570
bugzilla.suse.com/show_bug.cgi?id=1132571
bugzilla.suse.com/show_bug.cgi?id=1132572
bugzilla.suse.com/show_bug.cgi?id=1132589
bugzilla.suse.com/show_bug.cgi?id=1132618
bugzilla.suse.com/show_bug.cgi?id=1132681
bugzilla.suse.com/show_bug.cgi?id=1132726
bugzilla.suse.com/show_bug.cgi?id=1132828
bugzilla.suse.com/show_bug.cgi?id=1132943
bugzilla.suse.com/show_bug.cgi?id=1133005
bugzilla.suse.com/show_bug.cgi?id=1133094
bugzilla.suse.com/show_bug.cgi?id=1133095
bugzilla.suse.com/show_bug.cgi?id=1133115
bugzilla.suse.com/show_bug.cgi?id=1133149
bugzilla.suse.com/show_bug.cgi?id=1133486
bugzilla.suse.com/show_bug.cgi?id=1133529
bugzilla.suse.com/show_bug.cgi?id=1133584
bugzilla.suse.com/show_bug.cgi?id=1133667
bugzilla.suse.com/show_bug.cgi?id=1133668
bugzilla.suse.com/show_bug.cgi?id=1133672
bugzilla.suse.com/show_bug.cgi?id=1133674
bugzilla.suse.com/show_bug.cgi?id=1133675
bugzilla.suse.com/show_bug.cgi?id=1133698
bugzilla.suse.com/show_bug.cgi?id=1133702
bugzilla.suse.com/show_bug.cgi?id=1133731
bugzilla.suse.com/show_bug.cgi?id=1133769
bugzilla.suse.com/show_bug.cgi?id=1133772
bugzilla.suse.com/show_bug.cgi?id=1133774
bugzilla.suse.com/show_bug.cgi?id=1133778
bugzilla.suse.com/show_bug.cgi?id=1133779
bugzilla.suse.com/show_bug.cgi?id=1133780
bugzilla.suse.com/show_bug.cgi?id=1133825
bugzilla.suse.com/show_bug.cgi?id=1133850
bugzilla.suse.com/show_bug.cgi?id=1133851
bugzilla.suse.com/show_bug.cgi?id=1133852
www.suse.com/security/cve/CVE-2018-12126/
www.suse.com/security/cve/CVE-2018-12127/
www.suse.com/security/cve/CVE-2018-12130/
www.suse.com/security/cve/CVE-2018-16880/
www.suse.com/security/cve/CVE-2019-11091/
www.suse.com/security/cve/CVE-2019-3882/
www.suse.com/security/cve/CVE-2019-9003/
www.suse.com/security/cve/CVE-2019-9500/
www.suse.com/security/cve/CVE-2019-9503/
www.suse.com/support/kb/doc/?id=7023736