Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.SUSE_SU-2019-2299-1.NASL
HistorySep 06, 2019 - 12:00 a.m.

SUSE SLES12 Security Update : kernel (SUSE-SU-2019:2299-1)

2019-09-0600:00:00
This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
42
JSON

The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes.

The following security bugs were fixed :

CVE-2019-3819: A flaw was fixed in the function hid_debug_events_read() in drivers/hid/hid-debug.c file which may have enter an infinite loop with certain parameters passed from a userspace. A local privileged user (‘root’) could have caused a system lock up and a denial of service (bnc#1123161).

CVE-2019-15118: Fixed kernel stack exhaustion in check_input_term in sound/usb/mixer.c via mishandled recursion (bnc#1145922).

CVE-2019-15117: Fixed out-of-bounds memory access in parse_audio_mixer_unit in sound/usb/mixer.c via mishandled short descriptor (bnc#1145920).

CVE-2019-14284: The drivers/block/floppy.c allowed a denial of service by setup_format_params division-by-zero. Two consecutive ioctls can trigger the bug: the first one should set the drive geometry with .sect and .rate values that make F_SECT_PER_TRACK be zero. Next, the floppy format operation should be called. It can be triggered by an unprivileged local user even when a floppy disk has not been inserted.
NOTE: QEMU creates the floppy device by default (bsc#1143189).

CVE-2019-14283: The function set_geometry in drivers/block/floppy.c did not validate the sect and head fields, as demonstrated by an integer overflow and out-of-bounds read. It can be triggered by an unprivileged local user when a floppy disk has been inserted. NOTE:
QEMU creates the floppy device by default (bsc#1143191).

CVE-2019-13631: In parse_hid_report_descriptor in drivers/input/tablet/gtco.c, a malicious USB device can send an HID report that triggers an out-of-bounds write during generation of debugging messages (bsc#1142023).

CVE-2019-11810: A NULL pointer dereference can occur when megasas_create_frame_pool() fails in megasas_alloc_cmds() in drivers/scsi/megaraid/megaraid_sas_base.c. This causes a Denial of Service, related to a use-after-free (bsc#1134399).

CVE-2019-1125: Enable Spectre v1 swapgs mitigations (bsc#1139358).

CVE-2019-10207: Check for missing tty operations in bluetooth/hci_uart (bsc#1142857).

CVE-2018-20856: Fixed a use-after-free issue in block/blk-core.c, where certain error case are mishandled (bnc#1143048).

CVE-2018-20855: An issue was discovered in create_qp_common in drivers/infiniband/hw/mlx5/qp.c, mlx5_ib_create_qp_resp was never initialized, resulting in a leak of stack memory to userspace (bsc#1143045).

CVE-2017-18551: An issue was discovered in drivers/i2c/i2c-core-smbus.c in the Linux kernel There was an out of bounds write in the function i2c_smbus_xfer_emulated (bnc#1146163).

The update package also includes non-security fixes. See advisory for details.

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from SUSE update advisory SUSE-SU-2019:2299-1.
# The text itself is copyright (C) SUSE.
#

include("compat.inc");

if (description)
{
  script_id(128542);
  script_version("1.5");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/13");

  script_cve_id("CVE-2017-18551", "CVE-2018-20855", "CVE-2018-20856", "CVE-2019-10207", "CVE-2019-1125", "CVE-2019-11810", "CVE-2019-13631", "CVE-2019-14283", "CVE-2019-14284", "CVE-2019-15117", "CVE-2019-15118", "CVE-2019-3819");

  script_name(english:"SUSE SLES12 Security Update : kernel (SUSE-SU-2019:2299-1)");
  script_summary(english:"Checks rpm output for the updated packages.");

  script_set_attribute(
    attribute:"synopsis",
    value:"The remote SUSE host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description",
    value:
"The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various
security and bugfixes.

The following security bugs were fixed :

CVE-2019-3819: A flaw was fixed in the function
hid_debug_events_read() in drivers/hid/hid-debug.c file which may have
enter an infinite loop with certain parameters passed from a
userspace. A local privileged user ('root') could have caused a system
lock up and a denial of service (bnc#1123161).

CVE-2019-15118: Fixed kernel stack exhaustion in check_input_term in
sound/usb/mixer.c via mishandled recursion (bnc#1145922).

CVE-2019-15117: Fixed out-of-bounds memory access in
parse_audio_mixer_unit in sound/usb/mixer.c via mishandled short
descriptor (bnc#1145920).

CVE-2019-14284: The drivers/block/floppy.c allowed a denial of service
by setup_format_params division-by-zero. Two consecutive ioctls can
trigger the bug: the first one should set the drive geometry with
.sect and .rate values that make F_SECT_PER_TRACK be zero. Next, the
floppy format operation should be called. It can be triggered by an
unprivileged local user even when a floppy disk has not been inserted.
NOTE: QEMU creates the floppy device by default (bsc#1143189).

CVE-2019-14283: The function set_geometry in drivers/block/floppy.c
did not validate the sect and head fields, as demonstrated by an
integer overflow and out-of-bounds read. It can be triggered by an
unprivileged local user when a floppy disk has been inserted. NOTE:
QEMU creates the floppy device by default (bsc#1143191).

CVE-2019-13631: In parse_hid_report_descriptor in
drivers/input/tablet/gtco.c, a malicious USB device can send an HID
report that triggers an out-of-bounds write during generation of
debugging messages (bsc#1142023).

CVE-2019-11810: A NULL pointer dereference can occur when
megasas_create_frame_pool() fails in megasas_alloc_cmds() in
drivers/scsi/megaraid/megaraid_sas_base.c. This causes a Denial of
Service, related to a use-after-free (bsc#1134399).

CVE-2019-1125: Enable Spectre v1 swapgs mitigations (bsc#1139358).

CVE-2019-10207: Check for missing tty operations in bluetooth/hci_uart
(bsc#1142857).

CVE-2018-20856: Fixed a use-after-free issue in block/blk-core.c,
where certain error case are mishandled (bnc#1143048).

CVE-2018-20855: An issue was discovered in create_qp_common in
drivers/infiniband/hw/mlx5/qp.c, mlx5_ib_create_qp_resp was never
initialized, resulting in a leak of stack memory to userspace
(bsc#1143045).

CVE-2017-18551: An issue was discovered in
drivers/i2c/i2c-core-smbus.c in the Linux kernel There was an out of
bounds write in the function i2c_smbus_xfer_emulated (bnc#1146163).

The update package also includes non-security fixes. See advisory for
details.

Note that Tenable Network Security has extracted the preceding
description block directly from the SUSE security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1045640"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1076033"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1107256"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1123161"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1130972"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1134399"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1139358"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1140012"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1140652"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1140903"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1140945"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1141401"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1141402"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1141452"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1141453"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1141454"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1141628"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1142023"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1142098"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1142857"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1143045"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1143048"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1143189"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1143191"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1144257"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1144273"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1144288"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1144920"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1145920"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1145922"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1146163"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2017-18551/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2018-20855/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2018-20856/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2019-10207/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2019-1125/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2019-11810/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2019-13631/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2019-14283/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2019-14284/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2019-15117/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2019-15118/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2019-3819/"
  );
  # https://www.suse.com/support/update/announcement/2019/suse-su-20192299-1/
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?9ce411ba"
  );
  script_set_attribute(
    attribute:"solution",
    value:
"To install this SUSE Security Update use the SUSE recommended
installation methods like YaST online_update or 'zypper patch'.

Alternatively you can run the command listed for your product :

SUSE OpenStack Cloud 7:zypper in -t patch
SUSE-OpenStack-Cloud-7-2019-2299=1

SUSE Linux Enterprise Server for SAP 12-SP2:zypper in -t patch
SUSE-SLE-SAP-12-SP2-2019-2299=1

SUSE Linux Enterprise Server 12-SP2-LTSS:zypper in -t patch
SUSE-SLE-SERVER-12-SP2-2019-2299=1

SUSE Linux Enterprise Server 12-SP2-BCL:zypper in -t patch
SUSE-SLE-SERVER-12-SP2-BCL-2019-2299=1

SUSE Linux Enterprise High Availability 12-SP2:zypper in -t patch
SUSE-SLE-HA-12-SP2-2019-2299=1

SUSE Enterprise Storage 4:zypper in -t patch
SUSE-Storage-4-2019-2299=1"
  );
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-15117");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-base");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-man");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-syms");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_121-92_120-default");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12");

  script_set_attribute(attribute:"vuln_publication_date", value:"2019/01/25");
  script_set_attribute(attribute:"patch_publication_date", value:"2019/09/05");
  script_set_attribute(attribute:"plugin_publication_date", value:"2019/09/06");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
os_ver = os_ver[1];
if (! preg(pattern:"^(SLES12)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLES12", "SUSE " + os_ver);

if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);

sp = get_kb_item("Host/SuSE/patchlevel");
if (isnull(sp)) sp = "0";
if (os_ver == "SLES12" && (! preg(pattern:"^(2)$", string:sp))) audit(AUDIT_OS_NOT, "SLES12 SP2", os_ver + " SP" + sp);


flag = 0;
if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"kgraft-patch-4_4_121-92_120-default-1-3.3.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", cpu:"s390x", reference:"kernel-default-man-4.4.121-92.120.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"kernel-default-4.4.121-92.120.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"kernel-default-base-4.4.121-92.120.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"kernel-default-base-debuginfo-4.4.121-92.120.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"kernel-default-debuginfo-4.4.121-92.120.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"kernel-default-debugsource-4.4.121-92.120.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"kernel-default-devel-4.4.121-92.120.1")) flag++;
if (rpm_check(release:"SLES12", sp:"2", reference:"kernel-syms-4.4.121-92.120.1")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
  else security_warning(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kernel");
}
VendorProductVersionCPE
novellsuse_linuxkernel-defaultp-cpe:/a:novell:suse_linux:kernel-default
novellsuse_linuxkernel-default-basep-cpe:/a:novell:suse_linux:kernel-default-base
novellsuse_linuxkernel-default-base-debuginfop-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo
novellsuse_linuxkernel-default-debuginfop-cpe:/a:novell:suse_linux:kernel-default-debuginfo
novellsuse_linuxkernel-default-debugsourcep-cpe:/a:novell:suse_linux:kernel-default-debugsource
novellsuse_linuxkernel-default-develp-cpe:/a:novell:suse_linux:kernel-default-devel
novellsuse_linuxkernel-default-manp-cpe:/a:novell:suse_linux:kernel-default-man
novellsuse_linuxkernel-symsp-cpe:/a:novell:suse_linux:kernel-syms
novellsuse_linuxkgraft-patch-4_4_121-92_120-defaultp-cpe:/a:novell:suse_linux:kgraft-patch-4_4_121-92_120-default
novellsuse_linux12cpe:/o:novell:suse_linux:12

References

Related

nessus 44
suse 2
openvas 20
slackware 1
debian 9
mageia 2
osv 7
ubuntu 3
photon 2
ibm 2
oraclelinux 10
prion 11
cve 11
redhatcve 12
debiancve 11
ubuntucve 11
veracode 6
f5 4
redhat 4
cbl_mariner 2
githubexploit 2
fedora 6
virtuozzo 5
mscve 1
cisa 1
exploitpack 1
thn 1
kaspersky 3
zdt 1
threatpost 1
amazon 2
huawei 1
nessus
nessus
SUSE SLES12 Security Update : kernel (SUSE-SU-2019:2263-1)
2019-09-03 00:00:00
openSUSE Security Update : the Linux Kernel (openSUSE-2019-1923)
2019-08-20 00:00:00
openSUSE Security Update : the Linux Kernel (openSUSE-2019-1924)
2019-08-20 00:00:00
suse
suse
Security update for the Linux Kernel (important)
2019-08-16 00:00:00
Security update for the Linux Kernel (important)
2019-08-16 00:00:00
openvas
openvas
openSUSE: Security Advisory for the Linux Kernel (openSUSE-SU-2019:1924-1)
2019-08-17 00:00:00
openSUSE: Security Advisory for the Linux Kernel (openSUSE-SU-2019:1923-1)
2020-01-09 00:00:00
Debian LTS: Security Advisory for linux (DLA-1884-1)
2019-08-14 00:00:00
slackware
slackware
[slackware-security] Slackware 14.2 kernel
2019-08-14 06:12:49
debian
debian
[SECURITY] [DLA 1884-1] linux security update
2019-08-14 00:16:24
[SECURITY] [DLA 1885-1] linux-4.9 security update
2019-08-14 11:46:37
[SECURITY] [DSA 4497-1] linux security update
2019-08-13 04:36:17
mageia
mageia
Updated kernel packages fix security vulnerabilities
2019-08-13 00:08:18
Updated kernel packages fix security vulnerabilities
2019-08-13 00:08:18
osv
osv
linux-4.9 - security update
2019-08-13 00:00:00
linux - security update
2019-08-13 00:00:00
linux - security update
2019-08-10 00:00:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2019-09-02 00:00:00
Linux kernel vulnerabilities
2019-09-02 00:00:00
Linux kernel (AWS) vulnerability
2019-08-13 00:00:00
photon
photon
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2019-2.0-0175
2019-09-10 00:00:00
Critical Photon OS Security Update - PHSA-2019-0175
2019-09-03 00:00:00
ibm
ibm
Security Bulletin: Vyatta 5600 vRouter Software Patches - Release 1801-ze
2020-07-24 21:16:35
Security Bulletin: IBM QRadar SIEM is vulnerable to Using Components with Known Vulnerabilities
2020-07-13 20:37:42
oraclelinux
oraclelinux
Unbreakable Enterprise kernel security update
2019-10-11 00:00:00
kernel security and bug fix update
2019-09-11 00:00:00
Unbreakable Enterprise kernel security update
2019-08-08 00:00:00
prion
prion
Out-of-bounds
2019-08-19 02:15:00
Memory corruption
2019-07-26 05:15:00
Cross site request forgery (csrf)
2019-08-16 14:15:00
cve
cve
CVE-2017-18551
2019-08-19 02:15:00
CVE-2018-20855
2019-07-26 05:15:00
CVE-2019-14284
2019-07-26 13:15:00
redhatcve
redhatcve
CVE-2018-20855
2019-10-29 04:05:01
CVE-2017-18551
2020-04-07 11:15:18
CVE-2019-15118
2020-04-04 05:35:44
debiancve
debiancve
CVE-2018-20855
2019-07-26 05:15:00
CVE-2019-15117
2019-08-16 14:15:00
CVE-2017-18551
2019-08-19 02:15:00
ubuntucve
ubuntucve
CVE-2018-20855
2019-07-26 00:00:00
CVE-2019-14284
2019-07-26 00:00:00
CVE-2017-18551
2019-08-19 00:00:00
veracode
veracode
Arbitrary Code Execution
2020-10-01 03:51:25
Denial Of Service (DoS)
2020-04-03 00:40:32
Use-after-Free
2019-10-16 00:21:14
f5
f5
K16449953 : Linux parse_audio_mixer_unit kernel vulnerability CVE-2019-15117
2019-10-10 00:00:00
K48073202 : Linux kernel vulnerability CVE-2017-18551
2019-10-10 00:00:00
K14673240 : Linux kernel vulnerability CVE-2018-20856
2019-10-15 00:00:00
redhat
redhat
(RHSA-2020:0698) Important: kpatch-patch security update
2020-03-03 15:42:56
(RHSA-2019:3217) Important: kernel-alt security and bug fix update
2019-10-29 11:35:37
(RHSA-2019:3011) Moderate: Red Hat Virtualization security, bug fix, and enhancement update
2019-10-10 14:48:00
cbl_mariner
cbl_mariner
CVE-2019-3819 affecting package kernel 5.10.189.1-1
2021-09-09 15:03:26
CVE-2019-3819 affecting package kernel 5.15.153.1-1
2022-04-09 06:52:47
githubexploit
githubexploit
Exploit for NULL Pointer Dereference in Linux Linux Kernel
2019-07-30 08:39:21
Exploit for Vulnerability in Microsoft
2020-01-27 12:27:53
fedora
fedora
[SECURITY] Fedora 30 Update: kernel-headers-5.1.19-300.fc30
2019-07-26 01:01:21
[SECURITY] Fedora 29 Update: kernel-headers-5.1.20-200.fc29
2019-07-31 01:49:26
[SECURITY] Fedora 29 Update: kernel-headers-5.2.7-100.fc29
2019-08-11 01:43:14
virtuozzo
virtuozzo
Kernel security update: Virtuozzo ReadyKernel patch 88.0 for Virtuozzo 7.0.7
2019-10-01 00:00:00
Kernel security update: Virtuozzo ReadyKernel patch 88.1 for Virtuozzo 7.0 and Virtuozzo Infrastructure Platform 2.5, 3.0
2019-10-02 00:00:00
Important kernel security update: New kernel 2.6.32-042stab140.1 for Virtuozzo Containers for Linux 4.7, Server Bare Metal 5.0
2019-08-19 00:00:00
mscve
mscve
Windows Kernel Information Disclosure Vulnerability
2019-08-06 07:00:00
cisa
cisa
SWAPGS Spectre Side-Channel Vulnerability
2019-08-06 00:00:00
exploitpack
exploitpack
Windows Kernel - Information Disclosure
2020-01-27 00:00:00
thn
thn
SWAPGS Attack — New Speculative Execution Flaw Affects All Modern Intel CPUs
2019-08-06 20:00:00
kaspersky
kaspersky
KLA11696 OSI vulnerability in Microsoft products (ESU)
2019-08-06 00:00:00
KLA11529 Windows Kernel Information Disclosure Vulnerability
2019-08-06 00:00:00
KLA11700 OSI vulnerability in Microsoft products (ESU)
2019-08-06 00:00:00
zdt
zdt
Windows Kernel - Information Disclosure Vulnerability
2020-02-15 00:00:00
threatpost
threatpost
New SWAPGS Side-Channel Attack Bypasses Spectre and Meltdown Defenses
2019-08-07 13:55:07
amazon
amazon
Medium: kernel
2019-08-05 17:40:00
Medium: kernel
2019-08-05 17:48:00
huawei
huawei
Security Advisory - Information Disclosure Vulnerability about SWAPGS Instruction
2020-04-08 00:00:00
JSON
Related for SUSE_SU-2019-2299-1.NASL
nessus44suse2openvas20slackware1debian9mageia2osv7ubuntu3photon2ibm2oraclelinux10prion11cve11redhatcve12debiancve11ubuntucve11veracode6f54redhat4cbl_mariner2githubexploit2fedora6virtuozzo5mscve1cisa1exploitpack1thn1kaspersky3zdt1threatpost1amazon2huawei1