Lucene search

HistoryJun 14, 2019 - 12:00 a.m.

SUSE SLED15 / SLES15 Security Update : elfutils (SUSE-SU-2019:1486-1)

2019-06-1400:00:00

www.tenable.com

JSON

This update for elfutils fixes the following issues :

Security issues fixed :

CVE-2017-7607: Fixed a heap-based buffer overflow in handle_gnu_hash (bsc#1033084)

CVE-2017-7608: Fixed a heap-based buffer overflow in ebl_object_note_type_name() (bsc#1033085)

CVE-2017-7609: Fixed a memory allocation failure in
__libelf_decompress (bsc#1033086)

CVE-2017-7610: Fixed a heap-based buffer overflow in check_group (bsc#1033087)

CVE-2017-7611: Fixed a denial of service via a crafted ELF file (bsc#1033088)

CVE-2017-7612: Fixed a denial of service in check_sysv_hash() via a crafted ELF file (bsc#1033089)

CVE-2017-7613: Fixed denial of service caused by the missing validation of the number of sections and the number of segments in a crafted ELF file (bsc#1033090)

CVE-2018-16062: Fixed a heap-buffer overflow in /elfutils/libdw/dwarf_getaranges.c:156 (bsc#1106390)

CVE-2018-16402: Fixed a denial of service/double free on an attempt to decompress the same section twice (bsc#1107066)

CVE-2018-16403: Fixed a heap buffer overflow in readelf (bsc#1107067)

CVE-2018-18310: Fixed an invalid address read problem in dwfl_segment_report_module.c (bsc#1111973)

CVE-2018-18520: Fixed bad handling of ar files inside are files (bsc#1112726)

CVE-2018-18521: Fixed a denial of service vulnerabilities in the function arlib_add_symbols() used by eu-ranlib (bsc#1112723)

CVE-2019-7150: dwfl_segment_report_module doesn’t check whether the dyn data read from core file is truncated (bsc#1123685)

CVE-2019-7665: NT_PLATFORM core file note should be a zero terminated string (bsc#1125007)

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from SUSE update advisory SUSE-SU-2019:1486-1.
# The text itself is copyright (C) SUSE.
#

include("compat.inc");

if (description)
{
  script_id(125921);
  script_version("1.4");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/13");

  script_cve_id("CVE-2017-7607", "CVE-2017-7608", "CVE-2017-7609", "CVE-2017-7610", "CVE-2017-7611", "CVE-2017-7612", "CVE-2017-7613", "CVE-2018-16062", "CVE-2018-16402", "CVE-2018-16403", "CVE-2018-18310", "CVE-2018-18520", "CVE-2018-18521", "CVE-2019-7150", "CVE-2019-7665");

  script_name(english:"SUSE SLED15 / SLES15 Security Update : elfutils (SUSE-SU-2019:1486-1)");
  script_summary(english:"Checks rpm output for the updated packages.");

  script_set_attribute(
    attribute:"synopsis",
    value:"The remote SUSE host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description",
    value:
"This update for elfutils fixes the following issues :

Security issues fixed :

CVE-2017-7607: Fixed a heap-based buffer overflow in handle_gnu_hash
(bsc#1033084)

CVE-2017-7608: Fixed a heap-based buffer overflow in
ebl_object_note_type_name() (bsc#1033085)

CVE-2017-7609: Fixed a memory allocation failure in
__libelf_decompress (bsc#1033086)

CVE-2017-7610: Fixed a heap-based buffer overflow in check_group
(bsc#1033087)

CVE-2017-7611: Fixed a denial of service via a crafted ELF file
(bsc#1033088)

CVE-2017-7612: Fixed a denial of service in check_sysv_hash() via a
crafted ELF file (bsc#1033089)

CVE-2017-7613: Fixed denial of service caused by the missing
validation of the number of sections and the number of segments in a
crafted ELF file (bsc#1033090)

CVE-2018-16062: Fixed a heap-buffer overflow in
/elfutils/libdw/dwarf_getaranges.c:156 (bsc#1106390)

CVE-2018-16402: Fixed a denial of service/double free on an attempt to
decompress the same section twice (bsc#1107066)

CVE-2018-16403: Fixed a heap buffer overflow in readelf (bsc#1107067)

CVE-2018-18310: Fixed an invalid address read problem in
dwfl_segment_report_module.c (bsc#1111973)

CVE-2018-18520: Fixed bad handling of ar files inside are files
(bsc#1112726)

CVE-2018-18521: Fixed a denial of service vulnerabilities in the
function arlib_add_symbols() used by eu-ranlib (bsc#1112723)

CVE-2019-7150: dwfl_segment_report_module doesn't check whether the
dyn data read from core file is truncated (bsc#1123685)

CVE-2019-7665: NT_PLATFORM core file note should be a zero terminated
string (bsc#1125007)

Note that Tenable Network Security has extracted the preceding
description block directly from the SUSE security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1033084"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1033085"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1033086"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1033087"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1033088"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1033089"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1033090"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1106390"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1107066"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1107067"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1111973"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1112723"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1112726"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1123685"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1125007"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2017-7607/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2017-7608/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2017-7609/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2017-7610/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2017-7611/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2017-7612/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2017-7613/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2018-16062/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2018-16402/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2018-16403/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2018-18310/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2018-18520/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2018-18521/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2019-7150/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2019-7665/"
  );
  # https://www.suse.com/support/update/announcement/2019/suse-su-20191486-1/
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?83b330da"
  );
  script_set_attribute(
    attribute:"solution",
    value:
"To install this SUSE Security Update use the SUSE recommended
installation methods like YaST online_update or 'zypper patch'.

Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Module for Open Buildservice Development Tools
15-SP1:zypper in -t patch
SUSE-SLE-Module-Development-Tools-OBS-15-SP1-2019-1486=1

SUSE Linux Enterprise Module for Basesystem 15-SP1:zypper in -t patch
SUSE-SLE-Module-Basesystem-15-SP1-2019-1486=1

SUSE Linux Enterprise Module for Basesystem 15:zypper in -t patch
SUSE-SLE-Module-Basesystem-15-2019-1486=1"
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:elfutils");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:elfutils-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:elfutils-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libasm-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libasm1");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libasm1-32bit-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libasm1-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libdw-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libdw1");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libdw1-32bit-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libdw1-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libebl-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libebl-plugins");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libebl-plugins-32bit-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libebl-plugins-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libelf-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libelf1");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libelf1-32bit-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libelf1-debuginfo");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:15");

  script_set_attribute(attribute:"vuln_publication_date", value:"2017/04/09");
  script_set_attribute(attribute:"patch_publication_date", value:"2019/06/13");
  script_set_attribute(attribute:"plugin_publication_date", value:"2019/06/14");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
os_ver = os_ver[1];
if (! preg(pattern:"^(SLED15|SLES15)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLED15 / SLES15", "SUSE " + os_ver);

if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);

sp = get_kb_item("Host/SuSE/patchlevel");
if (isnull(sp)) sp = "0";
if (os_ver == "SLES15" && (! preg(pattern:"^(0|1)$", string:sp))) audit(AUDIT_OS_NOT, "SLES15 SP0/1", os_ver + " SP" + sp);
if (os_ver == "SLED15" && (! preg(pattern:"^(0|1)$", string:sp))) audit(AUDIT_OS_NOT, "SLED15 SP0/1", os_ver + " SP" + sp);


flag = 0;
if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"libasm1-32bit-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"libasm1-32bit-debuginfo-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"libdw1-32bit-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"libdw1-32bit-debuginfo-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"libebl-plugins-32bit-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"libebl-plugins-32bit-debuginfo-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"libelf-devel-32bit-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"libelf1-32bit-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"libelf1-32bit-debuginfo-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLES15", sp:"1", reference:"elfutils-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLES15", sp:"1", reference:"elfutils-debuginfo-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLES15", sp:"1", reference:"elfutils-debugsource-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLES15", sp:"1", reference:"libasm-devel-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLES15", sp:"1", reference:"libasm1-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLES15", sp:"1", reference:"libasm1-debuginfo-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLES15", sp:"1", reference:"libdw-devel-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLES15", sp:"1", reference:"libdw1-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLES15", sp:"1", reference:"libdw1-debuginfo-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLES15", sp:"1", reference:"libebl-devel-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLES15", sp:"1", reference:"libebl-plugins-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLES15", sp:"1", reference:"libebl-plugins-debuginfo-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLES15", sp:"1", reference:"libelf-devel-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLES15", sp:"1", reference:"libelf1-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLES15", sp:"1", reference:"libelf1-debuginfo-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLES15", sp:"0", cpu:"x86_64", reference:"libdw1-32bit-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLES15", sp:"0", cpu:"x86_64", reference:"libdw1-32bit-debuginfo-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLES15", sp:"0", cpu:"x86_64", reference:"libebl-plugins-32bit-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLES15", sp:"0", cpu:"x86_64", reference:"libebl-plugins-32bit-debuginfo-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLES15", sp:"0", cpu:"x86_64", reference:"libelf1-32bit-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLES15", sp:"0", cpu:"x86_64", reference:"libelf1-32bit-debuginfo-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"elfutils-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"elfutils-debuginfo-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"elfutils-debugsource-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libasm-devel-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libasm1-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libasm1-debuginfo-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libdw-devel-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libdw1-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libdw1-debuginfo-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libebl-devel-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libebl-plugins-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libebl-plugins-debuginfo-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libelf-devel-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libelf1-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLES15", sp:"0", reference:"libelf1-debuginfo-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"libasm1-32bit-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"libasm1-32bit-debuginfo-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"libdw1-32bit-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"libdw1-32bit-debuginfo-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"libebl-plugins-32bit-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"libebl-plugins-32bit-debuginfo-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"libelf-devel-32bit-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"libelf1-32bit-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"libelf1-32bit-debuginfo-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLED15", sp:"1", reference:"elfutils-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLED15", sp:"1", reference:"elfutils-debuginfo-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLED15", sp:"1", reference:"elfutils-debugsource-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLED15", sp:"1", reference:"libasm-devel-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLED15", sp:"1", reference:"libasm1-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLED15", sp:"1", reference:"libasm1-debuginfo-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLED15", sp:"1", reference:"libdw-devel-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLED15", sp:"1", reference:"libdw1-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLED15", sp:"1", reference:"libdw1-debuginfo-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLED15", sp:"1", reference:"libebl-devel-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLED15", sp:"1", reference:"libebl-plugins-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLED15", sp:"1", reference:"libebl-plugins-debuginfo-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLED15", sp:"1", reference:"libelf-devel-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLED15", sp:"1", reference:"libelf1-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLED15", sp:"1", reference:"libelf1-debuginfo-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLED15", sp:"0", cpu:"x86_64", reference:"libdw1-32bit-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLED15", sp:"0", cpu:"x86_64", reference:"libdw1-32bit-debuginfo-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLED15", sp:"0", cpu:"x86_64", reference:"libebl-plugins-32bit-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLED15", sp:"0", cpu:"x86_64", reference:"libebl-plugins-32bit-debuginfo-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLED15", sp:"0", cpu:"x86_64", reference:"libelf1-32bit-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLED15", sp:"0", cpu:"x86_64", reference:"libelf1-32bit-debuginfo-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"elfutils-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"elfutils-debuginfo-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"elfutils-debugsource-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"libasm-devel-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"libasm1-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"libasm1-debuginfo-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"libdw-devel-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"libdw1-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"libdw1-debuginfo-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"libebl-devel-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"libebl-plugins-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"libebl-plugins-debuginfo-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"libelf-devel-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"libelf1-0.168-4.5.3")) flag++;
if (rpm_check(release:"SLED15", sp:"0", reference:"libelf1-debuginfo-0.168-4.5.3")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "elfutils");
}

VendorProductVersionCPE
novellsuse_linuxelfutilsp-cpe:/a:novell:suse_linux:elfutils
novellsuse_linuxelfutils-debuginfop-cpe:/a:novell:suse_linux:elfutils-debuginfo
novellsuse_linuxelfutils-debugsourcep-cpe:/a:novell:suse_linux:elfutils-debugsource
novellsuse_linuxlibasm-develp-cpe:/a:novell:suse_linux:libasm-devel
novellsuse_linuxlibasm1p-cpe:/a:novell:suse_linux:libasm1
novellsuse_linuxlibasm1-32bit-debuginfop-cpe:/a:novell:suse_linux:libasm1-32bit-debuginfo
novellsuse_linuxlibasm1-debuginfop-cpe:/a:novell:suse_linux:libasm1-debuginfo
novellsuse_linuxlibdw-develp-cpe:/a:novell:suse_linux:libdw-devel
novellsuse_linuxlibdw1p-cpe:/a:novell:suse_linux:libdw1
novellsuse_linuxlibdw1-32bit-debuginfop-cpe:/a:novell:suse_linux:libdw1-32bit-debuginfo

Vendor	Product	Version	CPE
novell	suse_linux	elfutils	p-cpe:/a:novell:suse_linux:elfutils
novell	suse_linux	elfutils-debuginfo	p-cpe:/a:novell:suse_linux:elfutils-debuginfo
novell	suse_linux	elfutils-debugsource	p-cpe:/a:novell:suse_linux:elfutils-debugsource
novell	suse_linux	libasm-devel	p-cpe:/a:novell:suse_linux:libasm-devel
novell	suse_linux	libasm1	p-cpe:/a:novell:suse_linux:libasm1
novell	suse_linux	libasm1-32bit-debuginfo	p-cpe:/a:novell:suse_linux:libasm1-32bit-debuginfo
novell	suse_linux	libasm1-debuginfo	p-cpe:/a:novell:suse_linux:libasm1-debuginfo
novell	suse_linux	libdw-devel	p-cpe:/a:novell:suse_linux:libdw-devel
novell	suse_linux	libdw1	p-cpe:/a:novell:suse_linux:libdw1
novell	suse_linux	libdw1-32bit-debuginfo	p-cpe:/a:novell:suse_linux:libdw1-32bit-debuginfo

Rows per page:

1-10 of 201

References

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7607

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7608

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7609

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7610

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7611

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7612

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7613

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16062

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16402

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16403

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18310

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18520

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18521

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7150

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7665

www.nessus.org/u?83b330da

bugzilla.suse.com/show_bug.cgi?id=1033084

bugzilla.suse.com/show_bug.cgi?id=1033085

bugzilla.suse.com/show_bug.cgi?id=1033086

bugzilla.suse.com/show_bug.cgi?id=1033087

bugzilla.suse.com/show_bug.cgi?id=1033088

bugzilla.suse.com/show_bug.cgi?id=1033089

bugzilla.suse.com/show_bug.cgi?id=1033090

bugzilla.suse.com/show_bug.cgi?id=1106390

bugzilla.suse.com/show_bug.cgi?id=1107066

bugzilla.suse.com/show_bug.cgi?id=1107067

bugzilla.suse.com/show_bug.cgi?id=1111973

bugzilla.suse.com/show_bug.cgi?id=1112723

bugzilla.suse.com/show_bug.cgi?id=1112726

bugzilla.suse.com/show_bug.cgi?id=1123685

bugzilla.suse.com/show_bug.cgi?id=1125007

www.suse.com/security/cve/CVE-2017-7607/

www.suse.com/security/cve/CVE-2017-7608/

www.suse.com/security/cve/CVE-2017-7609/

www.suse.com/security/cve/CVE-2017-7610/

www.suse.com/security/cve/CVE-2017-7611/

www.suse.com/security/cve/CVE-2017-7612/

www.suse.com/security/cve/CVE-2017-7613/

www.suse.com/security/cve/CVE-2018-16062/

www.suse.com/security/cve/CVE-2018-16402/

www.suse.com/security/cve/CVE-2018-16403/

www.suse.com/security/cve/CVE-2018-18310/

www.suse.com/security/cve/CVE-2018-18520/

www.suse.com/security/cve/CVE-2018-18521/

www.suse.com/security/cve/CVE-2019-7150/

www.suse.com/security/cve/CVE-2019-7665/

JSON

Related for SUSE_SU-2019-1486-1.NASL