The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed :
CVE-2020-8834: KVM on Power8 processors had a conflicting use of HSTATE_HOST_R1 to store r1 state in kvmppc_hv_entry plus in kvmppc_{save,restore}_tm, leading to a stack corruption. Because of this, an attacker with the ability to run code in kernel space of a guest VM can cause the host kernel to panic (bnc#1168276).
CVE-2020-11494: An issue was discovered in slc_bump in drivers/net/can/slcan.c, which allowed attackers to read uninitialized can_frame data, potentially containing sensitive information from kernel stack memory, if the configuration lacks CONFIG_INIT_STACK_ALL (bnc#1168424).
CVE-2020-10942: In get_raw_socket in drivers/vhost/net.c lacks validation of an sk_family field, which might allow attackers to trigger kernel stack corruption via crafted system calls (bnc#1167629).
CVE-2019-9458: In the video driver there was a use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed (bnc#1168295).
CVE-2019-3701: Fixed an issue in can_can_gw_rcv, which could cause a system crash (bnc#1120386).
CVE-2019-19770: Fixed a use-after-free in the debugfs_remove function (bsc#1159198).
CVE-2020-11669: Fixed an issue where arch/powerpc/kernel/idle_book3s.S did not have save/restore functionality for PNV_POWERSAVE_AMR, PNV_POWERSAVE_UAMOR, and PNV_POWERSAVE_AMOR (bnc#1169390).
CVE-2020-2732: Fixed an issue where under some circumstances, an L2 guest may trick the L0 guest into accessing sensitive L1 resources that should be inaccessible to the L2 guest (bnc#1163971).
CVE-2020-8647: There was a use-after-free vulnerability in the vc_do_resize function in drivers/tty/vt/vt.c (bnc#1162929 1164078).
CVE-2020-8649: There was a use-after-free vulnerability in the vgacon_invert_region function in drivers/video/console/vgacon.c (bnc#1162929 1162931).
CVE-2020-9383: An issue was discovered set_fdc in drivers/block/floppy.c leads to a wait_til_ready out-of-bounds read because the FDC index is not checked for errors before assigning it (bnc#1165111).
CVE-2019-19768: Fixed a use-after-free in the __blk_add_trace function in kernel/trace/blktrace.c (bnc#1159285).
CVE-2018-20836: Fixed an issue where a race condition in smp_task_timedout() and smp_task_done() cloud lead to a use-after-free (bnc#1134395).
The update package also includes non-security fixes. See advisory for details.
Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from SUSE update advisory SUSE-SU-2020:1142-1.
# The text itself is copyright (C) SUSE.
#
include('compat.inc');
if (description)
{
script_id(136166);
script_version("1.4");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/03/14");
script_cve_id(
"CVE-2018-20836",
"CVE-2019-3701",
"CVE-2019-9458",
"CVE-2019-19768",
"CVE-2019-19770",
"CVE-2020-2732",
"CVE-2020-8647",
"CVE-2020-8649",
"CVE-2020-8834",
"CVE-2020-9383",
"CVE-2020-10942",
"CVE-2020-11494",
"CVE-2020-11669"
);
script_name(english:"SUSE SLES12 Security Update : kernel (SUSE-SU-2020:1142-1)");
script_set_attribute(attribute:"synopsis", value:
"The remote SUSE host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various
security and bugfixes.
The following security bugs were fixed :
CVE-2020-8834: KVM on Power8 processors had a conflicting use of
HSTATE_HOST_R1 to store r1 state in kvmppc_hv_entry plus in
kvmppc_{save,restore}_tm, leading to a stack corruption. Because of
this, an attacker with the ability to run code in kernel space of a
guest VM can cause the host kernel to panic (bnc#1168276).
CVE-2020-11494: An issue was discovered in slc_bump in
drivers/net/can/slcan.c, which allowed attackers to read uninitialized
can_frame data, potentially containing sensitive information from
kernel stack memory, if the configuration lacks CONFIG_INIT_STACK_ALL
(bnc#1168424).
CVE-2020-10942: In get_raw_socket in drivers/vhost/net.c lacks
validation of an sk_family field, which might allow attackers to
trigger kernel stack corruption via crafted system calls
(bnc#1167629).
CVE-2019-9458: In the video driver there was a use after free due to a
race condition. This could lead to local escalation of privilege with
no additional execution privileges needed (bnc#1168295).
CVE-2019-3701: Fixed an issue in can_can_gw_rcv, which could cause a
system crash (bnc#1120386).
CVE-2019-19770: Fixed a use-after-free in the debugfs_remove function
(bsc#1159198).
CVE-2020-11669: Fixed an issue where arch/powerpc/kernel/idle_book3s.S
did not have save/restore functionality for PNV_POWERSAVE_AMR,
PNV_POWERSAVE_UAMOR, and PNV_POWERSAVE_AMOR (bnc#1169390).
CVE-2020-2732: Fixed an issue where under some circumstances, an L2
guest may trick the L0 guest into accessing sensitive L1 resources
that should be inaccessible to the L2 guest (bnc#1163971).
CVE-2020-8647: There was a use-after-free vulnerability in the
vc_do_resize function in drivers/tty/vt/vt.c (bnc#1162929 1164078).
CVE-2020-8649: There was a use-after-free vulnerability in the
vgacon_invert_region function in drivers/video/console/vgacon.c
(bnc#1162929 1162931).
CVE-2020-9383: An issue was discovered set_fdc in
drivers/block/floppy.c leads to a wait_til_ready out-of-bounds read
because the FDC index is not checked for errors before assigning it
(bnc#1165111).
CVE-2019-19768: Fixed a use-after-free in the __blk_add_trace function
in kernel/trace/blktrace.c (bnc#1159285).
CVE-2018-20836: Fixed an issue where a race condition in
smp_task_timedout() and smp_task_done() cloud lead to a use-after-free
(bnc#1134395).
The update package also includes non-security fixes. See advisory for
details.
Note that Tenable Network Security has extracted the preceding
description block directly from the SUSE security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1044231");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1050549");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1051510");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1051858");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1056686");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1060463");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1065600");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1065729");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1083647");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1085030");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1088810");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1103990");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1103992");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1104353");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1104745");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1104967");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1109837");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1109911");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1111666");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1111974");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1112178");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1112374");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1112504");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1113956");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1114279");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1114685");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1118338");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1119680");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1120386");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1123328");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1127611");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1133021");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1134090");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1134395");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1136157");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1136333");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1137325");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1141895");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1142685");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1144162");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1144333");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1145051");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1145929");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1146539");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1148868");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1154385");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1156510");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1157424");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1158187");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1158552");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1158983");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1159037");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1159142");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1159198");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1159199");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1159285");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1160659");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1161561");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1161702");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1161951");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1162171");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1162929");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1162931");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1163403");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1163508");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1163762");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1163897");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1163971");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1164051");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1164078");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1164115");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1164284");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1164388");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1164471");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1164507");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1164598");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1164632");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1164705");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1164712");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1164727");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1164728");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1164729");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1164730");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1164731");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1164732");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1164733");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1164734");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1164735");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1164777");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1164780");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1164893");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1165019");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1165111");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1165182");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1165185");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1165211");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1165404");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1165488");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1165527");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1165581");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1165741");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1165813");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1165823");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1165873");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1165929");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1165949");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1165950");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1165980");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1165984");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1165985");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1166003");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1166101");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1166102");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1166103");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1166104");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1166632");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1166658");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1166730");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1166731");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1166732");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1166733");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1166734");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1166735");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1166780");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1166860");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1166861");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1166862");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1166864");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1166866");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1166867");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1166868");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1166870");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1166940");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1166982");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1167005");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1167216");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1167288");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1167290");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1167316");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1167421");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1167423");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1167627");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1167629");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1168075");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1168202");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1168273");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1168276");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1168295");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1168367");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1168424");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1168443");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1168486");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1168552");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1168760");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1168762");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1168763");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1168764");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1168765");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1168829");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1168854");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1168881");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1168884");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1168952");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1169013");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1169057");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1169307");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1169308");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1169390");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1169514");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1169625");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-20836/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-19768/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-19770/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-3701/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-9458/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2020-10942/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2020-11494/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2020-11669/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2020-2732/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2020-8647/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2020-8649/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2020-8834/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2020-9383/");
# https://www.suse.com/support/update/announcement/2020/suse-su-20201142-1/
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?5f22a896");
script_set_attribute(attribute:"solution", value:
"To install this SUSE Security Update use the SUSE recommended
installation methods like YaST online_update or 'zypper patch'.
Alternatively you can run the command listed for your product :
SUSE Linux Enterprise Workstation Extension 12-SP5:zypper in -t patch
SUSE-SLE-WE-12-SP5-2020-1142=1
SUSE Linux Enterprise Software Development Kit 12-SP5:zypper in -t
patch SUSE-SLE-SDK-12-SP5-2020-1142=1
SUSE Linux Enterprise Server 12-SP5:zypper in -t patch
SUSE-SLE-SERVER-12-SP5-2020-1142=1
SUSE Linux Enterprise Live Patching 12-SP5:zypper in -t patch
SUSE-SLE-Live-Patching-12-SP5-2020-1142=1
SUSE Linux Enterprise High Availability 12-SP5:zypper in -t patch
SUSE-SLE-HA-12-SP5-2020-1142=1");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-20836");
script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2019-19770");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2019/01/03");
script_set_attribute(attribute:"patch_publication_date", value:"2020/04/29");
script_set_attribute(attribute:"plugin_publication_date", value:"2020/04/30");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-base");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-debugsource");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-devel-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-man");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-syms");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"SuSE Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
os_ver = os_ver[1];
if (! preg(pattern:"^(SLES12)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLES12", "SUSE " + os_ver);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);
sp = get_kb_item("Host/SuSE/patchlevel");
if (isnull(sp)) sp = "0";
if (os_ver == "SLES12" && (! preg(pattern:"^(5)$", string:sp))) audit(AUDIT_OS_NOT, "SLES12 SP5", os_ver + " SP" + sp);
flag = 0;
if (rpm_check(release:"SLES12", sp:"5", cpu:"x86_64", reference:"kernel-default-devel-debuginfo-4.12.14-122.20.1")) flag++;
if (rpm_check(release:"SLES12", sp:"5", cpu:"s390x", reference:"kernel-default-man-4.12.14-122.20.1")) flag++;
if (rpm_check(release:"SLES12", sp:"5", reference:"kernel-default-4.12.14-122.20.1")) flag++;
if (rpm_check(release:"SLES12", sp:"5", reference:"kernel-default-base-4.12.14-122.20.1")) flag++;
if (rpm_check(release:"SLES12", sp:"5", reference:"kernel-default-base-debuginfo-4.12.14-122.20.1")) flag++;
if (rpm_check(release:"SLES12", sp:"5", reference:"kernel-default-debuginfo-4.12.14-122.20.1")) flag++;
if (rpm_check(release:"SLES12", sp:"5", reference:"kernel-default-debugsource-4.12.14-122.20.1")) flag++;
if (rpm_check(release:"SLES12", sp:"5", reference:"kernel-default-devel-4.12.14-122.20.1")) flag++;
if (rpm_check(release:"SLES12", sp:"5", reference:"kernel-syms-4.12.14-122.20.1")) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
else security_hole(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kernel");
}
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20836
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19768
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19770
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3701
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9458
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10942
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11494
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11669
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2732
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8647
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8649
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8834
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9383
www.nessus.org/u?5f22a896
bugzilla.suse.com/show_bug.cgi?id=1044231
bugzilla.suse.com/show_bug.cgi?id=1050549
bugzilla.suse.com/show_bug.cgi?id=1051510
bugzilla.suse.com/show_bug.cgi?id=1051858
bugzilla.suse.com/show_bug.cgi?id=1056686
bugzilla.suse.com/show_bug.cgi?id=1060463
bugzilla.suse.com/show_bug.cgi?id=1065600
bugzilla.suse.com/show_bug.cgi?id=1065729
bugzilla.suse.com/show_bug.cgi?id=1083647
bugzilla.suse.com/show_bug.cgi?id=1085030
bugzilla.suse.com/show_bug.cgi?id=1088810
bugzilla.suse.com/show_bug.cgi?id=1103990
bugzilla.suse.com/show_bug.cgi?id=1103992
bugzilla.suse.com/show_bug.cgi?id=1104353
bugzilla.suse.com/show_bug.cgi?id=1104745
bugzilla.suse.com/show_bug.cgi?id=1104967
bugzilla.suse.com/show_bug.cgi?id=1109837
bugzilla.suse.com/show_bug.cgi?id=1109911
bugzilla.suse.com/show_bug.cgi?id=1111666
bugzilla.suse.com/show_bug.cgi?id=1111974
bugzilla.suse.com/show_bug.cgi?id=1112178
bugzilla.suse.com/show_bug.cgi?id=1112374
bugzilla.suse.com/show_bug.cgi?id=1112504
bugzilla.suse.com/show_bug.cgi?id=1113956
bugzilla.suse.com/show_bug.cgi?id=1114279
bugzilla.suse.com/show_bug.cgi?id=1114685
bugzilla.suse.com/show_bug.cgi?id=1118338
bugzilla.suse.com/show_bug.cgi?id=1119680
bugzilla.suse.com/show_bug.cgi?id=1120386
bugzilla.suse.com/show_bug.cgi?id=1123328
bugzilla.suse.com/show_bug.cgi?id=1127611
bugzilla.suse.com/show_bug.cgi?id=1133021
bugzilla.suse.com/show_bug.cgi?id=1134090
bugzilla.suse.com/show_bug.cgi?id=1134395
bugzilla.suse.com/show_bug.cgi?id=1136157
bugzilla.suse.com/show_bug.cgi?id=1136333
bugzilla.suse.com/show_bug.cgi?id=1137325
bugzilla.suse.com/show_bug.cgi?id=1141895
bugzilla.suse.com/show_bug.cgi?id=1142685
bugzilla.suse.com/show_bug.cgi?id=1144162
bugzilla.suse.com/show_bug.cgi?id=1144333
bugzilla.suse.com/show_bug.cgi?id=1145051
bugzilla.suse.com/show_bug.cgi?id=1145929
bugzilla.suse.com/show_bug.cgi?id=1146539
bugzilla.suse.com/show_bug.cgi?id=1148868
bugzilla.suse.com/show_bug.cgi?id=1154385
bugzilla.suse.com/show_bug.cgi?id=1156510
bugzilla.suse.com/show_bug.cgi?id=1157424
bugzilla.suse.com/show_bug.cgi?id=1158187
bugzilla.suse.com/show_bug.cgi?id=1158552
bugzilla.suse.com/show_bug.cgi?id=1158983
bugzilla.suse.com/show_bug.cgi?id=1159037
bugzilla.suse.com/show_bug.cgi?id=1159142
bugzilla.suse.com/show_bug.cgi?id=1159198
bugzilla.suse.com/show_bug.cgi?id=1159199
bugzilla.suse.com/show_bug.cgi?id=1159285
bugzilla.suse.com/show_bug.cgi?id=1160659
bugzilla.suse.com/show_bug.cgi?id=1161561
bugzilla.suse.com/show_bug.cgi?id=1161702
bugzilla.suse.com/show_bug.cgi?id=1161951
bugzilla.suse.com/show_bug.cgi?id=1162171
bugzilla.suse.com/show_bug.cgi?id=1162929
bugzilla.suse.com/show_bug.cgi?id=1162931
bugzilla.suse.com/show_bug.cgi?id=1163403
bugzilla.suse.com/show_bug.cgi?id=1163508
bugzilla.suse.com/show_bug.cgi?id=1163762
bugzilla.suse.com/show_bug.cgi?id=1163897
bugzilla.suse.com/show_bug.cgi?id=1163971
bugzilla.suse.com/show_bug.cgi?id=1164051
bugzilla.suse.com/show_bug.cgi?id=1164078
bugzilla.suse.com/show_bug.cgi?id=1164115
bugzilla.suse.com/show_bug.cgi?id=1164284
bugzilla.suse.com/show_bug.cgi?id=1164388
bugzilla.suse.com/show_bug.cgi?id=1164471
bugzilla.suse.com/show_bug.cgi?id=1164507
bugzilla.suse.com/show_bug.cgi?id=1164598
bugzilla.suse.com/show_bug.cgi?id=1164632
bugzilla.suse.com/show_bug.cgi?id=1164705
bugzilla.suse.com/show_bug.cgi?id=1164712
bugzilla.suse.com/show_bug.cgi?id=1164727
bugzilla.suse.com/show_bug.cgi?id=1164728
bugzilla.suse.com/show_bug.cgi?id=1164729
bugzilla.suse.com/show_bug.cgi?id=1164730
bugzilla.suse.com/show_bug.cgi?id=1164731
bugzilla.suse.com/show_bug.cgi?id=1164732
bugzilla.suse.com/show_bug.cgi?id=1164733
bugzilla.suse.com/show_bug.cgi?id=1164734
bugzilla.suse.com/show_bug.cgi?id=1164735
bugzilla.suse.com/show_bug.cgi?id=1164777
bugzilla.suse.com/show_bug.cgi?id=1164780
bugzilla.suse.com/show_bug.cgi?id=1164893
bugzilla.suse.com/show_bug.cgi?id=1165019
bugzilla.suse.com/show_bug.cgi?id=1165111
bugzilla.suse.com/show_bug.cgi?id=1165182
bugzilla.suse.com/show_bug.cgi?id=1165185
bugzilla.suse.com/show_bug.cgi?id=1165211
bugzilla.suse.com/show_bug.cgi?id=1165404
bugzilla.suse.com/show_bug.cgi?id=1165488
bugzilla.suse.com/show_bug.cgi?id=1165527
bugzilla.suse.com/show_bug.cgi?id=1165581
bugzilla.suse.com/show_bug.cgi?id=1165741
bugzilla.suse.com/show_bug.cgi?id=1165813
bugzilla.suse.com/show_bug.cgi?id=1165823
bugzilla.suse.com/show_bug.cgi?id=1165873
bugzilla.suse.com/show_bug.cgi?id=1165929
bugzilla.suse.com/show_bug.cgi?id=1165949
bugzilla.suse.com/show_bug.cgi?id=1165950
bugzilla.suse.com/show_bug.cgi?id=1165980
bugzilla.suse.com/show_bug.cgi?id=1165984
bugzilla.suse.com/show_bug.cgi?id=1165985
bugzilla.suse.com/show_bug.cgi?id=1166003
bugzilla.suse.com/show_bug.cgi?id=1166101
bugzilla.suse.com/show_bug.cgi?id=1166102
bugzilla.suse.com/show_bug.cgi?id=1166103
bugzilla.suse.com/show_bug.cgi?id=1166104
bugzilla.suse.com/show_bug.cgi?id=1166632
bugzilla.suse.com/show_bug.cgi?id=1166658
bugzilla.suse.com/show_bug.cgi?id=1166730
bugzilla.suse.com/show_bug.cgi?id=1166731
bugzilla.suse.com/show_bug.cgi?id=1166732
bugzilla.suse.com/show_bug.cgi?id=1166733
bugzilla.suse.com/show_bug.cgi?id=1166734
bugzilla.suse.com/show_bug.cgi?id=1166735
bugzilla.suse.com/show_bug.cgi?id=1166780
bugzilla.suse.com/show_bug.cgi?id=1166860
bugzilla.suse.com/show_bug.cgi?id=1166861
bugzilla.suse.com/show_bug.cgi?id=1166862
bugzilla.suse.com/show_bug.cgi?id=1166864
bugzilla.suse.com/show_bug.cgi?id=1166866
bugzilla.suse.com/show_bug.cgi?id=1166867
bugzilla.suse.com/show_bug.cgi?id=1166868
bugzilla.suse.com/show_bug.cgi?id=1166870
bugzilla.suse.com/show_bug.cgi?id=1166940
bugzilla.suse.com/show_bug.cgi?id=1166982
bugzilla.suse.com/show_bug.cgi?id=1167005
bugzilla.suse.com/show_bug.cgi?id=1167216
bugzilla.suse.com/show_bug.cgi?id=1167288
bugzilla.suse.com/show_bug.cgi?id=1167290
bugzilla.suse.com/show_bug.cgi?id=1167316
bugzilla.suse.com/show_bug.cgi?id=1167421
bugzilla.suse.com/show_bug.cgi?id=1167423
bugzilla.suse.com/show_bug.cgi?id=1167627
bugzilla.suse.com/show_bug.cgi?id=1167629
bugzilla.suse.com/show_bug.cgi?id=1168075
bugzilla.suse.com/show_bug.cgi?id=1168202
bugzilla.suse.com/show_bug.cgi?id=1168273
bugzilla.suse.com/show_bug.cgi?id=1168276
bugzilla.suse.com/show_bug.cgi?id=1168295
bugzilla.suse.com/show_bug.cgi?id=1168367
bugzilla.suse.com/show_bug.cgi?id=1168424
bugzilla.suse.com/show_bug.cgi?id=1168443
bugzilla.suse.com/show_bug.cgi?id=1168486
bugzilla.suse.com/show_bug.cgi?id=1168552
bugzilla.suse.com/show_bug.cgi?id=1168760
bugzilla.suse.com/show_bug.cgi?id=1168762
bugzilla.suse.com/show_bug.cgi?id=1168763
bugzilla.suse.com/show_bug.cgi?id=1168764
bugzilla.suse.com/show_bug.cgi?id=1168765
bugzilla.suse.com/show_bug.cgi?id=1168829
bugzilla.suse.com/show_bug.cgi?id=1168854
bugzilla.suse.com/show_bug.cgi?id=1168881
bugzilla.suse.com/show_bug.cgi?id=1168884
bugzilla.suse.com/show_bug.cgi?id=1168952
bugzilla.suse.com/show_bug.cgi?id=1169013
bugzilla.suse.com/show_bug.cgi?id=1169057
bugzilla.suse.com/show_bug.cgi?id=1169307
bugzilla.suse.com/show_bug.cgi?id=1169308
bugzilla.suse.com/show_bug.cgi?id=1169390
bugzilla.suse.com/show_bug.cgi?id=1169514
bugzilla.suse.com/show_bug.cgi?id=1169625
www.suse.com/security/cve/CVE-2018-20836/
www.suse.com/security/cve/CVE-2019-19768/
www.suse.com/security/cve/CVE-2019-19770/
www.suse.com/security/cve/CVE-2019-3701/
www.suse.com/security/cve/CVE-2019-9458/
www.suse.com/security/cve/CVE-2020-10942/
www.suse.com/security/cve/CVE-2020-11494/
www.suse.com/security/cve/CVE-2020-11669/
www.suse.com/security/cve/CVE-2020-2732/
www.suse.com/security/cve/CVE-2020-8647/
www.suse.com/security/cve/CVE-2020-8649/
www.suse.com/security/cve/CVE-2020-8834/
www.suse.com/security/cve/CVE-2020-9383/