CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
88.0%
The SUSE Linux Enterprise 12 SP4 Azure kernel was updated to receive various security and bugfixes.
The following security bugs were fixed :
CVE-2020-2732: Fixed an issue affecting Intel CPUs where an L2 guest may trick the L0 hypervisor into accessing sensitive L1 resources (bsc#1163971).
CVE-2020-8992: An issue was discovered in ext4_protect_reserved_inode in fs/ext4/block_validity.c that allowed attackers to cause a soft lockup via a crafted journal size (bnc#1164069).
CVE-2020-8648: There was a use-after-free vulnerability in the n_tty_receive_buf_common function in drivers/tty/n_tty.c (bnc#1162928).
CVE-2020-8428: There was a use-after-free bug in fs/namei.c, which allowed local users to cause a denial of service or possibly obtain sensitive information from kernel memory (bnc#1162109).
CVE-2020-7053: There was a use-after-free (write) in the i915_ppgtt_close function in drivers/gpu/drm/i915/i915_gem_gtt.c (bnc#1160966).
CVE-2019-19045: A memory leak in drivers/net/ethernet/mellanox/mlx5/core/fpga/conn.c allowed attackers to cause a denial of service (memory consumption) by triggering mlx5_vector2eqn() failures (bnc#1161522).
CVE-2019-16994: A memory leak existed in sit_init_net() in net/ipv6/sit.c which might have caused denial of service (bnc#1161523).
CVE-2019-19054: A memory leak in the cx23888_ir_probe() function in drivers/media/pci/cx23885/cx23888-ir.c allowed attackers to cause a denial of service (memory consumption) by triggering kfifo_alloc() failures (bnc#1161518).
CVE-2019-14896: A heap overflow was found in the add_ie_rates() function of the Marvell Wifi Driver (bsc#1157157).
CVE-2019-14897: A stack overflow was found in the lbs_ibss_join_existing() function of the Marvell Wifi Driver (bsc#1157155).
CVE-2019-19318: Mounting a crafted btrfs image twice could have caused a use-after-free (bnc#1158026).
CVE-2019-19036: An issue discovered in btrfs_root_node in fs/btrfs/ctree.c allowed a NULL pointer dereference because rcu_dereference(root->node) can be zero (bnc#1157692).
CVE-2019-14615: An information disclosure vulnerability existed due to insufficient control flow in certain data structures for some IntelĀ® Processors (bnc#1160195).
CVE-2019-19965: There was a NULL pointer dereference in drivers/scsi/libsas/sas_discover.c because of mishandling of port disconnection during discovery, related to a PHY down race condition (bnc#1159911).
CVE-2019-20095: Fixed a memory leak and denial of service in mwifiex_tm_cmd in drivers/net/wireless/marvell/mwifiex/cfg80211.c, where some error-handling cases did not free allocated hostcmd memory (bnc#1159909).
CVE-2019-20054: Fixed a NULL pointer dereference in drop_sysctl_table() in fs/proc/proc_sysctl.c related to put_links (bnc#1159910).
CVE-2019-20096: Fixed a memory leak in __feat_register_sp() in net/dccp/feat.c, which may cause denial of service (bnc#1159908).
CVE-2019-19966: Fixed a use-after-free in cpia2_exit() in drivers/media/usb/cpia2/cpia2_v4l.c that will cause denial of service (bnc#1159841).
CVE-2019-19447: Mounting a crafted ext4 filesystem image, performing some operations, and unmounting could have led to a use-after-free in fs/ext4/super.c (bnc#1158819).
CVE-2019-19319: A setxattr operation, after a mount of a crafted ext4 image, could cause a slab-out-of-bounds write access because of an ext4_xattr_set_entry use-after-free in fs/ext4/xattr.c when a large old_size value is used in a memset call (bnc#1158021).
CVE-2019-19767: The Linux kernel mishandled ext4_expand_extra_isize, as demonstrated by use-after-free errors in __ext4_expand_extra_isize and ext4_xattr_set_entry, related to fs/ext4/inode.c and fs/ext4/super.c (bnc#1159297).
CVE-2019-18808: A memory leak in the ccp_run_sha_cmd() in drivers/crypto/ccp/ccp-ops.c allowed attackers to cause a denial of service (memory consumption) (bnc#1156259).
CVE-2019-19066: A memory leak in the bfad_im_get_stats() in drivers/scsi/bfa/bfad_attr.c allowed attackers to cause a denial of service (memory consumption) by triggering bfa_port_get_stats() failures (bnc#1157303).
The update package also includes non-security fixes. See advisory for details.
Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from SUSE update advisory SUSE-SU-2020:0559-1.
# The text itself is copyright (C) SUSE.
#
include('compat.inc');
if (description)
{
script_id(134288);
script_version("1.3");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/03/25");
script_cve_id(
"CVE-2019-14615",
"CVE-2019-14896",
"CVE-2019-14897",
"CVE-2019-16994",
"CVE-2019-18808",
"CVE-2019-19036",
"CVE-2019-19045",
"CVE-2019-19054",
"CVE-2019-19066",
"CVE-2019-19318",
"CVE-2019-19319",
"CVE-2019-19447",
"CVE-2019-19767",
"CVE-2019-19965",
"CVE-2019-19966",
"CVE-2019-20054",
"CVE-2019-20095",
"CVE-2019-20096",
"CVE-2020-2732",
"CVE-2020-7053",
"CVE-2020-8428",
"CVE-2020-8648",
"CVE-2020-8992"
);
script_name(english:"SUSE SLES12 Security Update : kernel (SUSE-SU-2020:0559-1)");
script_set_attribute(attribute:"synopsis", value:
"The remote SUSE host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"The SUSE Linux Enterprise 12 SP4 Azure kernel was updated to receive
various security and bugfixes.
The following security bugs were fixed :
CVE-2020-2732: Fixed an issue affecting Intel CPUs where an L2 guest
may trick the L0 hypervisor into accessing sensitive L1 resources
(bsc#1163971).
CVE-2020-8992: An issue was discovered in ext4_protect_reserved_inode
in fs/ext4/block_validity.c that allowed attackers to cause a soft
lockup via a crafted journal size (bnc#1164069).
CVE-2020-8648: There was a use-after-free vulnerability in the
n_tty_receive_buf_common function in drivers/tty/n_tty.c
(bnc#1162928).
CVE-2020-8428: There was a use-after-free bug in fs/namei.c, which
allowed local users to cause a denial of service or possibly obtain
sensitive information from kernel memory (bnc#1162109).
CVE-2020-7053: There was a use-after-free (write) in the
i915_ppgtt_close function in drivers/gpu/drm/i915/i915_gem_gtt.c
(bnc#1160966).
CVE-2019-19045: A memory leak in
drivers/net/ethernet/mellanox/mlx5/core/fpga/conn.c allowed attackers
to cause a denial of service (memory consumption) by triggering
mlx5_vector2eqn() failures (bnc#1161522).
CVE-2019-16994: A memory leak existed in sit_init_net() in
net/ipv6/sit.c which might have caused denial of service
(bnc#1161523).
CVE-2019-19054: A memory leak in the cx23888_ir_probe() function in
drivers/media/pci/cx23885/cx23888-ir.c allowed attackers to cause a
denial of service (memory consumption) by triggering kfifo_alloc()
failures (bnc#1161518).
CVE-2019-14896: A heap overflow was found in the add_ie_rates()
function of the Marvell Wifi Driver (bsc#1157157).
CVE-2019-14897: A stack overflow was found in the
lbs_ibss_join_existing() function of the Marvell Wifi Driver
(bsc#1157155).
CVE-2019-19318: Mounting a crafted btrfs image twice could have caused
a use-after-free (bnc#1158026).
CVE-2019-19036: An issue discovered in btrfs_root_node in
fs/btrfs/ctree.c allowed a NULL pointer dereference because
rcu_dereference(root->node) can be zero (bnc#1157692).
CVE-2019-14615: An information disclosure vulnerability existed due to
insufficient control flow in certain data structures for some Intel(R)
Processors (bnc#1160195).
CVE-2019-19965: There was a NULL pointer dereference in
drivers/scsi/libsas/sas_discover.c because of mishandling of port
disconnection during discovery, related to a PHY down race condition
(bnc#1159911).
CVE-2019-20095: Fixed a memory leak and denial of service in
mwifiex_tm_cmd in drivers/net/wireless/marvell/mwifiex/cfg80211.c,
where some error-handling cases did not free allocated hostcmd memory
(bnc#1159909).
CVE-2019-20054: Fixed a NULL pointer dereference in
drop_sysctl_table() in fs/proc/proc_sysctl.c related to put_links
(bnc#1159910).
CVE-2019-20096: Fixed a memory leak in __feat_register_sp() in
net/dccp/feat.c, which may cause denial of service (bnc#1159908).
CVE-2019-19966: Fixed a use-after-free in cpia2_exit() in
drivers/media/usb/cpia2/cpia2_v4l.c that will cause denial of service
(bnc#1159841).
CVE-2019-19447: Mounting a crafted ext4 filesystem image, performing
some operations, and unmounting could have led to a use-after-free in
fs/ext4/super.c (bnc#1158819).
CVE-2019-19319: A setxattr operation, after a mount of a crafted ext4
image, could cause a slab-out-of-bounds write access because of an
ext4_xattr_set_entry use-after-free in fs/ext4/xattr.c when a large
old_size value is used in a memset call (bnc#1158021).
CVE-2019-19767: The Linux kernel mishandled ext4_expand_extra_isize,
as demonstrated by use-after-free errors in __ext4_expand_extra_isize
and ext4_xattr_set_entry, related to fs/ext4/inode.c and
fs/ext4/super.c (bnc#1159297).
CVE-2019-18808: A memory leak in the ccp_run_sha_cmd() in
drivers/crypto/ccp/ccp-ops.c allowed attackers to cause a denial of
service (memory consumption) (bnc#1156259).
CVE-2019-19066: A memory leak in the bfad_im_get_stats() in
drivers/scsi/bfa/bfad_attr.c allowed attackers to cause a denial of
service (memory consumption) by triggering bfa_port_get_stats()
failures (bnc#1157303).
The update package also includes non-security fixes. See advisory for
details.
Note that Tenable Network Security has extracted the preceding
description block directly from the SUSE security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1046303");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1050244");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1051510");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1051858");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1061840");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1065600");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1065729");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1071995");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1085030");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1086301");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1086313");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1086314");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1088810");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1104427");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1105392");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1111666");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1112178");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1112504");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1114279");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1118338");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1123328");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1127371");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1133021");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1133147");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1134973");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1140025");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1143959");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1144333");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1151910");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1151927");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1153917");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1154243");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1155331");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1155334");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1156259");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1156286");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1156462");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1157155");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1157157");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1157303");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1157424");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1157692");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1157853");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1157966");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1158013");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1158021");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1158026");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1158533");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1158819");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1159028");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1159271");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1159297");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1159394");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1159483");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1159484");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1159569");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1159588");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1159841");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1159908");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1159909");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1159910");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1159911");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1159955");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1160195");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1160210");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1160211");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1160218");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1160433");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1160442");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1160476");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1160560");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1160755");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1160756");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1160784");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1160787");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1160802");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1160803");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1160804");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1160917");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1160966");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1160979");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1161087");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1161360");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1161514");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1161518");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1161522");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1161523");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1161549");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1161552");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1161674");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1161702");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1161875");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1161907");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1161931");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1161933");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1161934");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1161935");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1161936");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1161937");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1162028");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1162067");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1162109");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1162139");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1162557");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1162617");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1162618");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1162619");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1162623");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1162928");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1162943");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1163383");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1163384");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1163762");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1163774");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1163836");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1163840");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1163841");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1163842");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1163843");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1163844");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1163845");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1163846");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1163849");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1163850");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1163851");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1163852");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1163853");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1163855");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1163856");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1163857");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1163858");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1163859");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1163860");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1163861");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1163862");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1163863");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1163867");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1163869");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1163880");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1163971");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1164069");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1164098");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1164115");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1164314");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1164315");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1164388");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1164471");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1164632");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1164705");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1164712");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1164727");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1164728");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1164729");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1164730");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1164731");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1164732");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1164733");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1164734");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1164735");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-14615/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-14896/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-14897/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-16994/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-18808/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-19036/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-19045/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-19054/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-19066/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-19318/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-19319/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-19447/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-19767/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-19965/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-19966/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-20054/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-20095/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-20096/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2020-2732/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2020-7053/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2020-8428/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2020-8648/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2020-8992/");
# https://www.suse.com/support/update/announcement/2020/suse-su-20200559-1/
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?7006af16");
script_set_attribute(attribute:"solution", value:
"To install this SUSE Security Update use the SUSE recommended
installation methods like YaST online_update or 'zypper patch'.
Alternatively you can run the command listed for your product :
SUSE Linux Enterprise Server 12-SP4:zypper in -t patch
SUSE-SLE-SERVER-12-SP4-2020-559=1");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-14896");
script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2019-14897");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2019/09/30");
script_set_attribute(attribute:"patch_publication_date", value:"2020/03/02");
script_set_attribute(attribute:"plugin_publication_date", value:"2020/03/06");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-azure");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-azure-base");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-azure-base-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-azure-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-azure-debugsource");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-azure-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-syms-azure");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"SuSE Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
os_ver = os_ver[1];
if (! preg(pattern:"^(SLES12)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLES12", "SUSE " + os_ver);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);
if (cpu >!< "x86_64") audit(AUDIT_ARCH_NOT, "x86_64", cpu);
sp = get_kb_item("Host/SuSE/patchlevel");
if (isnull(sp)) sp = "0";
if (os_ver == "SLES12" && (! preg(pattern:"^(4)$", string:sp))) audit(AUDIT_OS_NOT, "SLES12 SP4", os_ver + " SP" + sp);
flag = 0;
if (rpm_check(release:"SLES12", sp:"4", cpu:"x86_64", reference:"kernel-azure-4.12.14-6.37.1")) flag++;
if (rpm_check(release:"SLES12", sp:"4", cpu:"x86_64", reference:"kernel-azure-base-4.12.14-6.37.1")) flag++;
if (rpm_check(release:"SLES12", sp:"4", cpu:"x86_64", reference:"kernel-azure-base-debuginfo-4.12.14-6.37.1")) flag++;
if (rpm_check(release:"SLES12", sp:"4", cpu:"x86_64", reference:"kernel-azure-debuginfo-4.12.14-6.37.1")) flag++;
if (rpm_check(release:"SLES12", sp:"4", cpu:"x86_64", reference:"kernel-azure-debugsource-4.12.14-6.37.1")) flag++;
if (rpm_check(release:"SLES12", sp:"4", cpu:"x86_64", reference:"kernel-azure-devel-4.12.14-6.37.1")) flag++;
if (rpm_check(release:"SLES12", sp:"4", cpu:"x86_64", reference:"kernel-syms-azure-4.12.14-6.37.1")) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
else security_hole(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kernel");
}
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14615
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14896
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14897
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16994
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18808
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19036
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19045
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19054
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19066
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19318
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19319
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19447
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19767
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19965
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19966
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20054
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20095
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20096
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2732
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7053
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8428
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8648
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8992
www.nessus.org/u?7006af16
bugzilla.suse.com/show_bug.cgi?id=1046303
bugzilla.suse.com/show_bug.cgi?id=1050244
bugzilla.suse.com/show_bug.cgi?id=1051510
bugzilla.suse.com/show_bug.cgi?id=1051858
bugzilla.suse.com/show_bug.cgi?id=1061840
bugzilla.suse.com/show_bug.cgi?id=1065600
bugzilla.suse.com/show_bug.cgi?id=1065729
bugzilla.suse.com/show_bug.cgi?id=1071995
bugzilla.suse.com/show_bug.cgi?id=1085030
bugzilla.suse.com/show_bug.cgi?id=1086301
bugzilla.suse.com/show_bug.cgi?id=1086313
bugzilla.suse.com/show_bug.cgi?id=1086314
bugzilla.suse.com/show_bug.cgi?id=1088810
bugzilla.suse.com/show_bug.cgi?id=1104427
bugzilla.suse.com/show_bug.cgi?id=1105392
bugzilla.suse.com/show_bug.cgi?id=1111666
bugzilla.suse.com/show_bug.cgi?id=1112178
bugzilla.suse.com/show_bug.cgi?id=1112504
bugzilla.suse.com/show_bug.cgi?id=1114279
bugzilla.suse.com/show_bug.cgi?id=1118338
bugzilla.suse.com/show_bug.cgi?id=1123328
bugzilla.suse.com/show_bug.cgi?id=1127371
bugzilla.suse.com/show_bug.cgi?id=1133021
bugzilla.suse.com/show_bug.cgi?id=1133147
bugzilla.suse.com/show_bug.cgi?id=1134973
bugzilla.suse.com/show_bug.cgi?id=1140025
bugzilla.suse.com/show_bug.cgi?id=1143959
bugzilla.suse.com/show_bug.cgi?id=1144333
bugzilla.suse.com/show_bug.cgi?id=1151910
bugzilla.suse.com/show_bug.cgi?id=1151927
bugzilla.suse.com/show_bug.cgi?id=1153917
bugzilla.suse.com/show_bug.cgi?id=1154243
bugzilla.suse.com/show_bug.cgi?id=1155331
bugzilla.suse.com/show_bug.cgi?id=1155334
bugzilla.suse.com/show_bug.cgi?id=1156259
bugzilla.suse.com/show_bug.cgi?id=1156286
bugzilla.suse.com/show_bug.cgi?id=1156462
bugzilla.suse.com/show_bug.cgi?id=1157155
bugzilla.suse.com/show_bug.cgi?id=1157157
bugzilla.suse.com/show_bug.cgi?id=1157303
bugzilla.suse.com/show_bug.cgi?id=1157424
bugzilla.suse.com/show_bug.cgi?id=1157692
bugzilla.suse.com/show_bug.cgi?id=1157853
bugzilla.suse.com/show_bug.cgi?id=1157966
bugzilla.suse.com/show_bug.cgi?id=1158013
bugzilla.suse.com/show_bug.cgi?id=1158021
bugzilla.suse.com/show_bug.cgi?id=1158026
bugzilla.suse.com/show_bug.cgi?id=1158533
bugzilla.suse.com/show_bug.cgi?id=1158819
bugzilla.suse.com/show_bug.cgi?id=1159028
bugzilla.suse.com/show_bug.cgi?id=1159271
bugzilla.suse.com/show_bug.cgi?id=1159297
bugzilla.suse.com/show_bug.cgi?id=1159394
bugzilla.suse.com/show_bug.cgi?id=1159483
bugzilla.suse.com/show_bug.cgi?id=1159484
bugzilla.suse.com/show_bug.cgi?id=1159569
bugzilla.suse.com/show_bug.cgi?id=1159588
bugzilla.suse.com/show_bug.cgi?id=1159841
bugzilla.suse.com/show_bug.cgi?id=1159908
bugzilla.suse.com/show_bug.cgi?id=1159909
bugzilla.suse.com/show_bug.cgi?id=1159910
bugzilla.suse.com/show_bug.cgi?id=1159911
bugzilla.suse.com/show_bug.cgi?id=1159955
bugzilla.suse.com/show_bug.cgi?id=1160195
bugzilla.suse.com/show_bug.cgi?id=1160210
bugzilla.suse.com/show_bug.cgi?id=1160211
bugzilla.suse.com/show_bug.cgi?id=1160218
bugzilla.suse.com/show_bug.cgi?id=1160433
bugzilla.suse.com/show_bug.cgi?id=1160442
bugzilla.suse.com/show_bug.cgi?id=1160476
bugzilla.suse.com/show_bug.cgi?id=1160560
bugzilla.suse.com/show_bug.cgi?id=1160755
bugzilla.suse.com/show_bug.cgi?id=1160756
bugzilla.suse.com/show_bug.cgi?id=1160784
bugzilla.suse.com/show_bug.cgi?id=1160787
bugzilla.suse.com/show_bug.cgi?id=1160802
bugzilla.suse.com/show_bug.cgi?id=1160803
bugzilla.suse.com/show_bug.cgi?id=1160804
bugzilla.suse.com/show_bug.cgi?id=1160917
bugzilla.suse.com/show_bug.cgi?id=1160966
bugzilla.suse.com/show_bug.cgi?id=1160979
bugzilla.suse.com/show_bug.cgi?id=1161087
bugzilla.suse.com/show_bug.cgi?id=1161360
bugzilla.suse.com/show_bug.cgi?id=1161514
bugzilla.suse.com/show_bug.cgi?id=1161518
bugzilla.suse.com/show_bug.cgi?id=1161522
bugzilla.suse.com/show_bug.cgi?id=1161523
bugzilla.suse.com/show_bug.cgi?id=1161549
bugzilla.suse.com/show_bug.cgi?id=1161552
bugzilla.suse.com/show_bug.cgi?id=1161674
bugzilla.suse.com/show_bug.cgi?id=1161702
bugzilla.suse.com/show_bug.cgi?id=1161875
bugzilla.suse.com/show_bug.cgi?id=1161907
bugzilla.suse.com/show_bug.cgi?id=1161931
bugzilla.suse.com/show_bug.cgi?id=1161933
bugzilla.suse.com/show_bug.cgi?id=1161934
bugzilla.suse.com/show_bug.cgi?id=1161935
bugzilla.suse.com/show_bug.cgi?id=1161936
bugzilla.suse.com/show_bug.cgi?id=1161937
bugzilla.suse.com/show_bug.cgi?id=1162028
bugzilla.suse.com/show_bug.cgi?id=1162067
bugzilla.suse.com/show_bug.cgi?id=1162109
bugzilla.suse.com/show_bug.cgi?id=1162139
bugzilla.suse.com/show_bug.cgi?id=1162557
bugzilla.suse.com/show_bug.cgi?id=1162617
bugzilla.suse.com/show_bug.cgi?id=1162618
bugzilla.suse.com/show_bug.cgi?id=1162619
bugzilla.suse.com/show_bug.cgi?id=1162623
bugzilla.suse.com/show_bug.cgi?id=1162928
bugzilla.suse.com/show_bug.cgi?id=1162943
bugzilla.suse.com/show_bug.cgi?id=1163383
bugzilla.suse.com/show_bug.cgi?id=1163384
bugzilla.suse.com/show_bug.cgi?id=1163762
bugzilla.suse.com/show_bug.cgi?id=1163774
bugzilla.suse.com/show_bug.cgi?id=1163836
bugzilla.suse.com/show_bug.cgi?id=1163840
bugzilla.suse.com/show_bug.cgi?id=1163841
bugzilla.suse.com/show_bug.cgi?id=1163842
bugzilla.suse.com/show_bug.cgi?id=1163843
bugzilla.suse.com/show_bug.cgi?id=1163844
bugzilla.suse.com/show_bug.cgi?id=1163845
bugzilla.suse.com/show_bug.cgi?id=1163846
bugzilla.suse.com/show_bug.cgi?id=1163849
bugzilla.suse.com/show_bug.cgi?id=1163850
bugzilla.suse.com/show_bug.cgi?id=1163851
bugzilla.suse.com/show_bug.cgi?id=1163852
bugzilla.suse.com/show_bug.cgi?id=1163853
bugzilla.suse.com/show_bug.cgi?id=1163855
bugzilla.suse.com/show_bug.cgi?id=1163856
bugzilla.suse.com/show_bug.cgi?id=1163857
bugzilla.suse.com/show_bug.cgi?id=1163858
bugzilla.suse.com/show_bug.cgi?id=1163859
bugzilla.suse.com/show_bug.cgi?id=1163860
bugzilla.suse.com/show_bug.cgi?id=1163861
bugzilla.suse.com/show_bug.cgi?id=1163862
bugzilla.suse.com/show_bug.cgi?id=1163863
bugzilla.suse.com/show_bug.cgi?id=1163867
bugzilla.suse.com/show_bug.cgi?id=1163869
bugzilla.suse.com/show_bug.cgi?id=1163880
bugzilla.suse.com/show_bug.cgi?id=1163971
bugzilla.suse.com/show_bug.cgi?id=1164069
bugzilla.suse.com/show_bug.cgi?id=1164098
bugzilla.suse.com/show_bug.cgi?id=1164115
bugzilla.suse.com/show_bug.cgi?id=1164314
bugzilla.suse.com/show_bug.cgi?id=1164315
bugzilla.suse.com/show_bug.cgi?id=1164388
bugzilla.suse.com/show_bug.cgi?id=1164471
bugzilla.suse.com/show_bug.cgi?id=1164632
bugzilla.suse.com/show_bug.cgi?id=1164705
bugzilla.suse.com/show_bug.cgi?id=1164712
bugzilla.suse.com/show_bug.cgi?id=1164727
bugzilla.suse.com/show_bug.cgi?id=1164728
bugzilla.suse.com/show_bug.cgi?id=1164729
bugzilla.suse.com/show_bug.cgi?id=1164730
bugzilla.suse.com/show_bug.cgi?id=1164731
bugzilla.suse.com/show_bug.cgi?id=1164732
bugzilla.suse.com/show_bug.cgi?id=1164733
bugzilla.suse.com/show_bug.cgi?id=1164734
bugzilla.suse.com/show_bug.cgi?id=1164735
www.suse.com/security/cve/CVE-2019-14615/
www.suse.com/security/cve/CVE-2019-14896/
www.suse.com/security/cve/CVE-2019-14897/
www.suse.com/security/cve/CVE-2019-16994/
www.suse.com/security/cve/CVE-2019-18808/
www.suse.com/security/cve/CVE-2019-19036/
www.suse.com/security/cve/CVE-2019-19045/
www.suse.com/security/cve/CVE-2019-19054/
www.suse.com/security/cve/CVE-2019-19066/
www.suse.com/security/cve/CVE-2019-19318/
www.suse.com/security/cve/CVE-2019-19319/
www.suse.com/security/cve/CVE-2019-19447/
www.suse.com/security/cve/CVE-2019-19767/
www.suse.com/security/cve/CVE-2019-19965/
www.suse.com/security/cve/CVE-2019-19966/
www.suse.com/security/cve/CVE-2019-20054/
www.suse.com/security/cve/CVE-2019-20095/
www.suse.com/security/cve/CVE-2019-20096/
www.suse.com/security/cve/CVE-2020-2732/
www.suse.com/security/cve/CVE-2020-7053/
www.suse.com/security/cve/CVE-2020-8428/
www.suse.com/security/cve/CVE-2020-8648/
www.suse.com/security/cve/CVE-2020-8992/
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
88.0%