SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2020:1146-1)

2020-04-30T00:00:00

Description

The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2020-8834: KVM on Power8 processors had a conflicting use of HSTATE_HOST_R1 to store r1 state in kvmppc_hv_entry plus in kvmppc_{save,restore}_tm, leading to a stack corruption. Because of this, an attacker with the ability to run code in kernel space of a guest VM can cause the host kernel to panic (bnc#1168276). CVE-2020-11494: An issue was discovered in slc_bump in drivers/net/can/slcan.c, which allowed attackers to read uninitialized can_frame data, potentially containing sensitive information from kernel stack memory, if the configuration lacks CONFIG_INIT_STACK_ALL (bnc#1168424). CVE-2020-10942: In get_raw_socket in drivers/vhost/net.c lacks validation of an sk_family field, which might allow attackers to trigger kernel stack corruption via crafted system calls (bnc#1167629). CVE-2019-9458: In the video driver there was a use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed (bnc#1168295). CVE-2019-3701: Fixed an issue in can_can_gw_rcv, which could cause a system crash (bnc#1120386). CVE-2019-19770: Fixed a use-after-free in the debugfs_remove function (bsc#1159198). CVE-2020-11669: Fixed an issue where arch/powerpc/kernel/idle_book3s.S did not have save/restore functionality for PNV_POWERSAVE_AMR, PNV_POWERSAVE_UAMOR, and PNV_POWERSAVE_AMOR (bnc#1169390). The update package also includes non-security fixes. See advisory for details. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

{"id": "SUSE_SU-2020-1146-1.NASL", "vendorId": null, "type": "nessus", "bulletinFamily": "scanner", "title": "SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2020:1146-1)", "description": "The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed :\n\nCVE-2020-8834: KVM on Power8 processors had a conflicting use of HSTATE_HOST_R1 to store r1 state in kvmppc_hv_entry plus in kvmppc_{save,restore}_tm, leading to a stack corruption. Because of this, an attacker with the ability to run code in kernel space of a guest VM can cause the host kernel to panic (bnc#1168276).\n\nCVE-2020-11494: An issue was discovered in slc_bump in drivers/net/can/slcan.c, which allowed attackers to read uninitialized can_frame data, potentially containing sensitive information from kernel stack memory, if the configuration lacks CONFIG_INIT_STACK_ALL (bnc#1168424).\n\nCVE-2020-10942: In get_raw_socket in drivers/vhost/net.c lacks validation of an sk_family field, which might allow attackers to trigger kernel stack corruption via crafted system calls (bnc#1167629).\n\nCVE-2019-9458: In the video driver there was a use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed (bnc#1168295).\n\nCVE-2019-3701: Fixed an issue in can_can_gw_rcv, which could cause a system crash (bnc#1120386).\n\nCVE-2019-19770: Fixed a use-after-free in the debugfs_remove function (bsc#1159198).\n\nCVE-2020-11669: Fixed an issue where arch/powerpc/kernel/idle_book3s.S did not have save/restore functionality for PNV_POWERSAVE_AMR, PNV_POWERSAVE_UAMOR, and PNV_POWERSAVE_AMOR (bnc#1169390).\n\nThe update package also includes non-security fixes. See advisory for details.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2020-04-30T00:00:00", "modified": "2021-01-13T00:00:00", "epss": [], "cvss": {"score": 0.0, "vector": "NONE"}, "cvss2": {}, "cvss3": {}, "href": "https://www.tenable.com/plugins/nessus/136168", "reporter": "This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["https://bugzilla.suse.com/show_bug.cgi?id=1159198", "https://bugzilla.suse.com/show_bug.cgi?id=1168367", "https://bugzilla.suse.com/show_bug.cgi?id=1167627", "https://bugzilla.suse.com/show_bug.cgi?id=1120386", "https://bugzilla.suse.com/show_bug.cgi?id=1167005", "https://bugzilla.suse.com/show_bug.cgi?id=1168075", "https://bugzilla.suse.com/show_bug.cgi?id=1111666", "https://bugzilla.suse.com/show_bug.cgi?id=1157424", "https://bugzilla.suse.com/show_bug.cgi?id=1169514", "https://bugzilla.suse.com/show_bug.cgi?id=1168486", "https://bugzilla.suse.com/show_bug.cgi?id=1168884", "https://bugzilla.suse.com/show_bug.cgi?id=1169308", "https://bugzilla.suse.com/show_bug.cgi?id=1163403", "https://bugzilla.suse.com/show_bug.cgi?id=1166861", "https://bugzilla.suse.com/show_bug.cgi?id=1167290", "https://bugzilla.suse.com/show_bug.cgi?id=1158983", "https://bugzilla.suse.com/show_bug.cgi?id=1168443", "https://bugzilla.suse.com/show_bug.cgi?id=1168424", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3701", "https://bugzilla.suse.com/show_bug.cgi?id=1163897", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11494", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8834", "https://bugzilla.suse.com/show_bug.cgi?id=1083647", "https://bugzilla.suse.com/show_bug.cgi?id=1165211", "https://bugzilla.suse.com/show_bug.cgi?id=1085030", "https://bugzilla.suse.com/show_bug.cgi?id=1169625", "https://bugzilla.suse.com/show_bug.cgi?id=1145929", "https://bugzilla.suse.com/show_bug.cgi?id=1168854", "https://bugzilla.suse.com/show_bug.cgi?id=1166870", "https://bugzilla.suse.com/show_bug.cgi?id=1159199", "https://bugzilla.suse.com/show_bug.cgi?id=1168202", "https://bugzilla.suse.com/show_bug.cgi?id=1167421", "https://bugzilla.suse.com/show_bug.cgi?id=1164893", "https://bugzilla.suse.com/show_bug.cgi?id=1168295", "https://bugzilla.suse.com/show_bug.cgi?id=1167216", "https://bugzilla.suse.com/show_bug.cgi?id=1166940", "https://bugzilla.suse.com/show_bug.cgi?id=1165185", "https://bugzilla.suse.com/show_bug.cgi?id=1164284", "https://www.suse.com/security/cve/CVE-2020-11494/", "https://bugzilla.suse.com/show_bug.cgi?id=1165823", "https://bugzilla.suse.com/show_bug.cgi?id=1071995", "https://bugzilla.suse.com/show_bug.cgi?id=1167316", "https://bugzilla.suse.com/show_bug.cgi?id=1065729", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19770", "https://bugzilla.suse.com/show_bug.cgi?id=1169307", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9458", "https://bugzilla.suse.com/show_bug.cgi?id=1164777", "https://bugzilla.suse.com/show_bug.cgi?id=1166862", "https://bugzilla.suse.com/show_bug.cgi?id=1168276", "http://www.nessus.org/u?c3bcebc1", "https://bugzilla.suse.com/show_bug.cgi?id=1065600", "https://www.suse.com/security/cve/CVE-2019-19770/", "https://bugzilla.suse.com/show_bug.cgi?id=1168881", "https://bugzilla.suse.com/show_bug.cgi?id=1145051", "https://bugzilla.suse.com/show_bug.cgi?id=1168829", "https://bugzilla.suse.com/show_bug.cgi?id=1166864", "https://bugzilla.suse.com/show_bug.cgi?id=1169390", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11669", "https://bugzilla.suse.com/show_bug.cgi?id=1168552", "https://bugzilla.suse.com/show_bug.cgi?id=1162171", "https://bugzilla.suse.com/show_bug.cgi?id=1168764", "https://bugzilla.suse.com/show_bug.cgi?id=1166868", "https://bugzilla.suse.com/show_bug.cgi?id=1161951", "https://bugzilla.suse.com/show_bug.cgi?id=1148868", "https://bugzilla.suse.com/show_bug.cgi?id=1168765", "https://bugzilla.suse.com/show_bug.cgi?id=1166982", "https://bugzilla.suse.com/show_bug.cgi?id=1169013", "https://bugzilla.suse.com/show_bug.cgi?id=1167629", "https://bugzilla.suse.com/show_bug.cgi?id=1164780", "https://bugzilla.suse.com/show_bug.cgi?id=1168760", "https://www.suse.com/security/cve/CVE-2019-3701/", "https://www.suse.com/security/cve/CVE-2020-11669/", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10942", "https://bugzilla.suse.com/show_bug.cgi?id=1114279", "https://bugzilla.suse.com/show_bug.cgi?id=1137325", "https://bugzilla.suse.com/show_bug.cgi?id=1167423", "https://bugzilla.suse.com/show_bug.cgi?id=1168763", "https://bugzilla.suse.com/show_bug.cgi?id=1165949", "https://bugzilla.suse.com/show_bug.cgi?id=1109911", "https://bugzilla.suse.com/show_bug.cgi?id=1161561", "https://bugzilla.suse.com/show_bug.cgi?id=1168273", "https://bugzilla.suse.com/show_bug.cgi?id=1166860", "https://bugzilla.suse.com/show_bug.cgi?id=1169057", "https://bugzilla.suse.com/show_bug.cgi?id=1168762", "https://www.suse.com/security/cve/CVE-2019-9458/", "https://www.suse.com/security/cve/CVE-2020-8834/", "https://bugzilla.suse.com/show_bug.cgi?id=1166867", "https://bugzilla.suse.com/show_bug.cgi?id=1165019", "https://bugzilla.suse.com/show_bug.cgi?id=1166866", "https://bugzilla.suse.com/show_bug.cgi?id=1166780", "https://bugzilla.suse.com/show_bug.cgi?id=1113956", "https://bugzilla.suse.com/show_bug.cgi?id=1118338", "https://bugzilla.suse.com/show_bug.cgi?id=1168952", "https://bugzilla.suse.com/show_bug.cgi?id=1167288", "https://bugzilla.suse.com/show_bug.cgi?id=1165182", "https://bugzilla.suse.com/show_bug.cgi?id=1051510", "https://bugzilla.suse.com/show_bug.cgi?id=1159037", "https://bugzilla.suse.com/show_bug.cgi?id=1142685", "https://www.suse.com/security/cve/CVE-2020-10942/"], "cvelist": ["CVE-2019-19770", "CVE-2019-3701", "CVE-2019-9458", "CVE-2020-10942", "CVE-2020-11494", "CVE-2020-11669", "CVE-2020-8834"], "immutableFields": [], "lastseen": "2023-05-18T14:58:13", "viewCount": 59, "enchantments": {"dependencies": {"references": [{"type": "almalinux", "idList": ["ALSA-2020:4431"]}, {"type": "altlinux", "idList": ["DA7EB86A979E50AA3788F1F41AC8607F"]}, {"type": "amazon", "idList": ["ALAS-2020-1360", "ALAS-2020-1462", "ALAS-2021-1461", "ALAS2-2020-1405", "ALAS2-2020-1566"]}, {"type": "androidsecurity", "idList": ["ANDROID:2019-09-01"]}, {"type": "centos", "idList": ["CESA-2020:4060"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:27F5DB3AFDCF54F32837F9CE39245DE1", "CFOUNDRY:4C29708E9DB1757C4BE1AE571C33062C", "CFOUNDRY:63AC599C6730C4293761CECD360AA195", "CFOUNDRY:9BF498B2FAF35AA57F2C51B7E395428D", "CFOUNDRY:A005A5D22D18F966EBF6C011F833E895", "CFOUNDRY:BD71AB043932448695E8B3D20302D582", "CFOUNDRY:F57A73CFC5FB17A63EC4D0328D382C3A"]}, {"type": "cve", "idList": ["CVE-2019-19770", "CVE-2019-3701", "CVE-2019-9458", "CVE-2020-10942", "CVE-2020-11494", "CVE-2020-11669", "CVE-2020-8834"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1731-1:D19BD", "DEBIAN:DLA-1731-2:E6E1E", "DEBIAN:DLA-1771-1:3CE68", "DEBIAN:DLA-2241-1:DE3AB", "DEBIAN:DLA-2241-2:3E557", "DEBIAN:DLA-2242-1:573AF", "DEBIAN:DLA-2483-1:37DA1", "DEBIAN:DSA-4667-1:62006", "DEBIAN:DSA-4667-1:834A8", "DEBIAN:DSA-4698-1:66813", "DEBIAN:DSA-4698-1:E1A7D"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2019-19770", "DEBIANCVE:CVE-2019-3701", "DEBIANCVE:CVE-2019-9458", "DEBIANCVE:CVE-2020-10942", "DEBIANCVE:CVE-2020-11494", "DEBIANCVE:CVE-2020-11669", "DEBIANCVE:CVE-2020-8834"]}, {"type": "f5", "idList": ["F5:K17957133", "F5:K21458044", "F5:K35255309", "F5:K46444421"]}, {"type": "fedora", "idList": ["FEDORA:041196190421", "FEDORA:04868606351B", "FEDORA:1CAC0608E6F2", "FEDORA:20DCB60779B2", "FEDORA:22D77604972B", "FEDORA:2836F613193B", "FEDORA:296826040AED", "FEDORA:3266960F0E44", "FEDORA:3C394606D98F", "FEDORA:41B546014626", "FEDORA:4CEF5610D7CA", "FEDORA:4CF35608BFEA", "FEDORA:4D5AD601FDAC", "FEDORA:511986124F82", "FEDORA:511A7608E6E1", "FEDORA:5956060491DC", "FEDORA:5A4D662AE22C", "FEDORA:5B68260A5858", "FEDORA:690DE6022BA8", "FEDORA:6B66A6047312", "FEDORA:6B6B360567FC", "FEDORA:6E67663233DB", "FEDORA:79EAC605FC25", "FEDORA:85FBF6076011", "FEDORA:89C9C6051B3A", "FEDORA:8FD3E60491BA", "FEDORA:95A686085F81", "FEDORA:98E8F6079A11", "FEDORA:9E3D9606D195", "FEDORA:AAA6460491BA", "FEDORA:B87B460876BA", "FEDORA:BBFE360460D0", "FEDORA:C49D061F375F", "FEDORA:C4D496071279", "FEDORA:C64AE6007F37", "FEDORA:C6AF860C4240", "FEDORA:D2B426045A04", "FEDORA:DBB1B659CBE0", "FEDORA:E37FD60924F1", "FEDORA:E88866014636", "FEDORA:E93AE6077DCD", "FEDORA:EF6BA6045A0C", "FEDORA:F417F60477C5"]}, {"type": "ibm", "idList": ["4777AA656AFE2A7E99CB0D93F8BE73D4229AC1A8C767E59363E711B828FD7059", "7BEBE6C769A16D13746B813CF456C36F85AE1B1A1CBD26E71A53BD6E5B34E2F4", "8B24753FF8758BF51E7C6001AC39E0EF90B14323A9756CCEF8AC68E99EF03367", "B68653AE8B3B701FAB183C54D344C9C2EE03602A2C7365EC7CF172320BA1AA2E", "F0AFFAB5446BEF6A6B346CA7237A1583252E55B1EA002352E7DFDFFB5796363C"]}, {"type": "mageia", "idList": ["MGASA-2019-0097", "MGASA-2019-0098", "MGASA-2019-0171", "MGASA-2020-0183", "MGASA-2020-0184"]}, {"type": "nessus", "idList": ["AL2_ALAS-2020-1405.NASL", "AL2_ALAS-2020-1566.NASL", "AL2_ALASKERNEL-5_4-2022-016.NASL", "ALA_ALAS-2020-1360.NASL", "ALA_ALAS-2020-1462.NASL", "ALA_ALAS-2021-1461.NASL", "ALMA_LINUX_ALSA-2020-4431.NASL", "CENTOS8_RHSA-2020-4431.NASL", "CENTOS_RHSA-2020-4060.NASL", "DEBIAN_DLA-1731.NASL", "DEBIAN_DLA-1771.NASL", "DEBIAN_DLA-2241.NASL", "DEBIAN_DLA-2242.NASL", "DEBIAN_DLA-2483.NASL", "DEBIAN_DSA-4667.NASL", "DEBIAN_DSA-4698.NASL", "EULEROS_SA-2019-1028.NASL", "EULEROS_SA-2019-1131.NASL", "EULEROS_SA-2019-1234.NASL", "EULEROS_SA-2019-1259.NASL", "EULEROS_SA-2019-1512.NASL", "EULEROS_SA-2019-1519.NASL", "EULEROS_SA-2020-1112.NASL", "EULEROS_SA-2020-1158.NASL", "EULEROS_SA-2020-1186.NASL", "EULEROS_SA-2020-1508.NASL", "EULEROS_SA-2020-1536.NASL", "EULEROS_SA-2020-1592.NASL", "EULEROS_SA-2020-1606.NASL", "EULEROS_SA-2020-1674.NASL", "EULEROS_SA-2020-1698.NASL", "EULEROS_SA-2020-1713.NASL", "EULEROS_SA-2020-1958.NASL", "EULEROS_SA-2020-2150.NASL", "EULEROS_SA-2021-1056.NASL", "EULEROS_SA-2021-1079.NASL", "EULEROS_SA-2021-2040.NASL", "FEDORA_2019-337484D88B.NASL", "FEDORA_2019-B0F7A7B74B.NASL", "NEWSTART_CGSL_NS-SA-2021-0025_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2021-0078_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2021-0169_KERNEL.NASL", "NUTANIX_NXSA-AOS-5_15_5.NASL", "NUTANIX_NXSA-AOS-5_19_0_5.NASL", "NUTANIX_NXSA-AOS-5_19_1.NASL", "OPENSUSE-2020-543.NASL", "ORACLELINUX_ELSA-2019-4596.NASL", "ORACLELINUX_ELSA-2019-4600.NASL", "ORACLELINUX_ELSA-2019-4612.NASL", "ORACLELINUX_ELSA-2020-5642.NASL", "ORACLELINUX_ELSA-2020-5649.NASL", "ORACLELINUX_ELSA-2020-5663.NASL", "ORACLELINUX_ELSA-2020-5670.NASL", "ORACLELINUX_ELSA-2020-5676.NASL", "ORACLELINUX_ELSA-2021-9442.NASL", "ORACLEVM_OVMSA-2019-0014.NASL", "ORACLEVM_OVMSA-2020-0019.NASL", "ORACLEVM_OVMSA-2021-0030.NASL", "PHOTONOS_PHSA-2020-1_0-0290_LINUX.NASL", "PHOTONOS_PHSA-2020-3_0-0073_LINUX.NASL", "PHOTONOS_PHSA-2020-3_0-0177_LINUX.NASL", "REDHAT-RHSA-2019-3517.NASL", "REDHAT-RHSA-2020-2854.NASL", "REDHAT-RHSA-2020-4060.NASL", "REDHAT-RHSA-2020-4062.NASL", "REDHAT-RHSA-2020-4431.NASL", "REDHAT-RHSA-2020-4609.NASL", "REDHAT-RHSA-2021-1379.NASL", "SLACKWARE_SSA_2019-030-01.NASL", "SLACKWARE_SSA_2020-163-01.NASL", "SL_20201001_KERNEL_ON_SL7_X.NASL", "SUSE_SU-2020-1118-1.NASL", "SUSE_SU-2020-1119-1.NASL", "SUSE_SU-2020-1123-1.NASL", "SUSE_SU-2020-1141-1.NASL", "SUSE_SU-2020-1142-1.NASL", "SUSE_SU-2020-1255-1.NASL", "SUSE_SU-2020-1275-1.NASL", "SUSE_SU-2020-14354-1.NASL", "SUSE_SU-2020-1663-1.NASL", "SUSE_SU-2020-2487-1.NASL", "SUSE_SU-2020-2491-1.NASL", "SUSE_SU-2020-2492-1.NASL", "SUSE_SU-2020-2497-1.NASL", "SUSE_SU-2020-2498-1.NASL", "UBUNTU_USN-3932-1.NASL", "UBUNTU_USN-3932-2.NASL", "UBUNTU_USN-4115-1.NASL", "UBUNTU_USN-4115-2.NASL", "UBUNTU_USN-4118-1.NASL", "UBUNTU_USN-4318-1.NASL", "UBUNTU_USN-4342-1.NASL", "UBUNTU_USN-4344-1.NASL", "UBUNTU_USN-4345-1.NASL", "UBUNTU_USN-4363-1.NASL", "UBUNTU_USN-4364-1.NASL", "UBUNTU_USN-4368-1.NASL", "UBUNTU_USN-4369-1.NASL", "UBUNTU_USN-4369-2.NASL", "UBUNTU_USN-4680-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310704667", "OPENVAS:1361412562310704698", "OPENVAS:1361412562310843951", "OPENVAS:1361412562310843957", "OPENVAS:1361412562310844156", "OPENVAS:1361412562310844159", "OPENVAS:1361412562310844174", "OPENVAS:1361412562310844383", "OPENVAS:1361412562310844406", "OPENVAS:1361412562310844409", "OPENVAS:1361412562310844410", "OPENVAS:1361412562310844433", "OPENVAS:1361412562310844434", "OPENVAS:1361412562310844439", "OPENVAS:1361412562310844443", "OPENVAS:1361412562310844448", "OPENVAS:1361412562310853121", "OPENVAS:1361412562310875404", "OPENVAS:1361412562310875406", "OPENVAS:1361412562310875407", "OPENVAS:1361412562310875414", "OPENVAS:1361412562310875423", "OPENVAS:1361412562310875438", "OPENVAS:1361412562310875443", "OPENVAS:1361412562310875459", "OPENVAS:1361412562310875476", "OPENVAS:1361412562310875506", "OPENVAS:1361412562310875559", "OPENVAS:1361412562310875566", "OPENVAS:1361412562310875577", "OPENVAS:1361412562310875628", "OPENVAS:1361412562310875629", "OPENVAS:1361412562310875681", "OPENVAS:1361412562310875786", "OPENVAS:1361412562310875801", "OPENVAS:1361412562310875834", "OPENVAS:1361412562310875946", "OPENVAS:1361412562310876049", "OPENVAS:1361412562310876105", "OPENVAS:1361412562310876177", "OPENVAS:1361412562310876322", "OPENVAS:1361412562310876361", "OPENVAS:1361412562310876377", "OPENVAS:1361412562310876423", "OPENVAS:1361412562310876445", "OPENVAS:1361412562310876479", "OPENVAS:1361412562310876510", "OPENVAS:1361412562310876555", "OPENVAS:1361412562310876586", "OPENVAS:1361412562310876621", "OPENVAS:1361412562310876666", "OPENVAS:1361412562310876750", "OPENVAS:1361412562310876869", "OPENVAS:1361412562310876943", "OPENVAS:1361412562310876995", "OPENVAS:1361412562310891731", "OPENVAS:1361412562310891771", "OPENVAS:1361412562310892241", "OPENVAS:1361412562310892242", "OPENVAS:1361412562311220191028", "OPENVAS:1361412562311220191131", "OPENVAS:1361412562311220191234", "OPENVAS:1361412562311220191259", "OPENVAS:1361412562311220191512", "OPENVAS:1361412562311220191519", "OPENVAS:1361412562311220201112", "OPENVAS:1361412562311220201158", "OPENVAS:1361412562311220201186", "OPENVAS:1361412562311220201508", "OPENVAS:1361412562311220201536", "OPENVAS:1361412562311220201592", "OPENVAS:1361412562311220201606", "OPENVAS:1361412562311220201674", "OPENVAS:1361412562311220201698", "OPENVAS:1361412562311220201713"]}, {"type": "oraclelinux", "idList": ["ELSA-2019-4596", "ELSA-2019-4600", "ELSA-2019-4612", "ELSA-2020-4060", "ELSA-2020-4431", "ELSA-2020-5642", "ELSA-2020-5649", "ELSA-2020-5663", "ELSA-2020-5670", "ELSA-2020-5676", "ELSA-2021-9052", "ELSA-2021-9442"]}, {"type": "osv", "idList": ["OSV:DLA-1731-1", "OSV:DLA-1771-1", "OSV:DLA-2241-1", "OSV:DLA-2242-1", "OSV:DLA-2483-1", "OSV:DSA-4667-1", "OSV:DSA-4698-1"]}, {"type": "photon", "idList": ["PHSA-2019-0128", "PHSA-2019-0212", "PHSA-2019-1.0-0212", "PHSA-2020-0073", "PHSA-2020-0082", "PHSA-2020-0177", "PHSA-2020-0221", "PHSA-2020-0230", "PHSA-2020-0290", "PHSA-2020-1.0-0290", "PHSA-2020-3.0-0073", "PHSA-2020-3.0-0082", "PHSA-2020-3.0-0177"]}, {"type": "redhat", "idList": ["RHSA-2020:2854", "RHSA-2020:4060", "RHSA-2020:4062", "RHSA-2020:4431", "RHSA-2020:4609", "RHSA-2020:5633", "RHSA-2020:5635", "RHSA-2021:1379"]}, {"type": "redhatcve", "idList": ["RH:CVE-2019-19770", "RH:CVE-2019-3701", "RH:CVE-2019-9458", "RH:CVE-2020-10942", "RH:CVE-2020-11494", "RH:CVE-2020-11669", "RH:CVE-2020-8834"]}, {"type": "slackware", "idList": ["SSA-2019-030-01", "SSA-2020-163-01"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2020:0543-1"]}, {"type": "ubuntu", "idList": ["LSN-0067-1", "LSN-0068-1", "LSN-0072-1", "USN-3932-1", "USN-3932-2", "USN-4115-1", "USN-4115-2", "USN-4118-1", "USN-4318-1", "USN-4342-1", "USN-4344-1", "USN-4345-1", "USN-4363-1", "USN-4364-1", "USN-4368-1", "USN-4369-1", "USN-4369-2", "USN-4680-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2019-19770", "UB:CVE-2019-3701", "UB:CVE-2019-9458", "UB:CVE-2020-10942", "UB:CVE-2020-11494", "UB:CVE-2020-11669", "UB:CVE-2020-8834"]}, {"type": "veracode", "idList": ["VERACODE:27123", "VERACODE:27769", "VERACODE:27778"]}]}, "score": {"value": 0.3, "vector": "NONE"}, "backreferences": {"references": [{"type": "almalinux", "idList": ["ALSA-2020:4431"]}, {"type": "amazon", "idList": ["ALAS-2020-1360"]}, {"type": "centos", "idList": ["CESA-2020:4060"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:27F5DB3AFDCF54F32837F9CE39245DE1", "CFOUNDRY:63AC599C6730C4293761CECD360AA195"]}, {"type": "cve", "idList": ["CVE-2019-3701"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1731-1:D19BD", "DEBIAN:DLA-1731-2:E6E1E", "DEBIAN:DLA-1771-1:3CE68", "DEBIAN:DSA-4667-1:62006"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2019-19770", "DEBIANCVE:CVE-2019-3701", "DEBIANCVE:CVE-2019-9458", "DEBIANCVE:CVE-2020-10942", "DEBIANCVE:CVE-2020-11494", "DEBIANCVE:CVE-2020-11669", "DEBIANCVE:CVE-2020-8834"]}, {"type": "f5", "idList": ["F5:K17957133"]}, {"type": "fedora", "idList": ["FEDORA:20DCB60779B2", "FEDORA:22D77604972B", "FEDORA:296826040AED", "FEDORA:3266960F0E44", "FEDORA:41B546014626", "FEDORA:4CF35608BFEA", "FEDORA:4D5AD601FDAC", "FEDORA:5956060491DC", "FEDORA:5B68260A5858", "FEDORA:6B66A6047312", "FEDORA:6B6B360567FC", "FEDORA:8FD3E60491BA", "FEDORA:95A686085F81", "FEDORA:9E3D9606D195", "FEDORA:AAA6460491BA", "FEDORA:BBFE360460D0", "FEDORA:C49D061F375F", "FEDORA:C64AE6007F37", "FEDORA:D2B426045A04", "FEDORA:DBB1B659CBE0", "FEDORA:E88866014636", "FEDORA:E93AE6077DCD", "FEDORA:EF6BA6045A0C", "FEDORA:F417F60477C5"]}, {"type": "ibm", "idList": ["7BEBE6C769A16D13746B813CF456C36F85AE1B1A1CBD26E71A53BD6E5B34E2F4"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/ORACLE_LINUX-CVE-2020-10742/"]}, {"type": "nessus", "idList": ["ALA_ALAS-2020-1360.NASL", "DEBIAN_DSA-4667.NASL", "EULEROS_SA-2019-1028.NASL", "EULEROS_SA-2020-1508.NASL", "EULEROS_SA-2020-1536.NASL", "FEDORA_2019-337484D88B.NASL", "FEDORA_2019-B0F7A7B74B.NASL", "OPENSUSE-2020-543.NASL", "ORACLELINUX_ELSA-2020-5663.NASL", "ORACLELINUX_ELSA-2020-5670.NASL", "ORACLELINUX_ELSA-2020-5676.NASL", "PHOTONOS_PHSA-2020-1_0-0290_LINUX.NASL", "SLACKWARE_SSA_2019-030-01.NASL", "SUSE_SU-2020-1118-1.NASL", "SUSE_SU-2020-1119-1.NASL", "SUSE_SU-2020-1123-1.NASL", "SUSE_SU-2020-1141-1.NASL", "SUSE_SU-2020-1142-1.NASL", "UBUNTU_USN-4342-1.NASL", "UBUNTU_USN-4344-1.NASL", "UBUNTU_USN-4345-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310704667", "OPENVAS:1361412562310843951", "OPENVAS:1361412562310843957", "OPENVAS:1361412562310844406", "OPENVAS:1361412562310844409", "OPENVAS:1361412562310844410", "OPENVAS:1361412562310853121", "OPENVAS:1361412562310875404", "OPENVAS:1361412562310875406", "OPENVAS:1361412562310875407", "OPENVAS:1361412562310875414", "OPENVAS:1361412562310875423", "OPENVAS:1361412562310875438", "OPENVAS:1361412562310875443", "OPENVAS:1361412562310875459", "OPENVAS:1361412562310875476", "OPENVAS:1361412562310875506", "OPENVAS:1361412562310875559", "OPENVAS:1361412562310875566", "OPENVAS:1361412562310875577", "OPENVAS:1361412562310875628", "OPENVAS:1361412562310875629", "OPENVAS:1361412562310875681", "OPENVAS:1361412562310875786", "OPENVAS:1361412562310875801", "OPENVAS:1361412562310875834", "OPENVAS:1361412562310875946", "OPENVAS:1361412562310876049", "OPENVAS:1361412562310876105", "OPENVAS:1361412562310876177", "OPENVAS:1361412562310876322", "OPENVAS:1361412562310876361", "OPENVAS:1361412562310876377", "OPENVAS:1361412562310891731", "OPENVAS:1361412562310891771", "OPENVAS:1361412562311220201536"]}, {"type": "oraclelinux", "idList": ["ELSA-2019-4596", "ELSA-2019-4600", "ELSA-2019-4612", "ELSA-2020-5663"]}, {"type": "photon", "idList": ["PHSA-2019-1.0-0212", "PHSA-2020-1.0-0290", "PHSA-2020-3.0-0073", "PHSA-2020-3.0-0177"]}, {"type": "redhat", "idList": ["RHSA-2020:4431"]}, {"type": "redhatcve", "idList": ["RH:CVE-2019-19770", "RH:CVE-2019-9458", "RH:CVE-2020-10942", "RH:CVE-2020-11494", "RH:CVE-2020-11669", "RH:CVE-2020-8834"]}, {"type": "slackware", "idList": ["SSA-2019-030-01"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2020:0543-1"]}, {"type": "ubuntu", "idList": ["USN-3932-1", "USN-3932-2", "USN-4342-1", "USN-4344-1", "USN-4345-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2019-19770", "UB:CVE-2019-9458", "UB:CVE-2020-10942", "UB:CVE-2020-11494", "UB:CVE-2020-11669", "UB:CVE-2020-8834"]}]}, "exploitation": null, "epss": [{"cve": "CVE-2019-19770", "epss": 0.00226, "percentile": 0.59349, "modified": "2023-05-06"}, {"cve": "CVE-2019-3701", "epss": 0.00074, "percentile": 0.30179, "modified": "2023-05-06"}, {"cve": "CVE-2019-9458", "epss": 0.00042, "percentile": 0.05667, "modified": "2023-05-06"}, {"cve": "CVE-2020-10942", "epss": 0.00062, "percentile": 0.24605, "modified": "2023-05-07"}, {"cve": "CVE-2020-11494", "epss": 0.00049, "percentile": 0.15315, "modified": "2023-05-07"}, {"cve": "CVE-2020-11669", "epss": 0.00045, "percentile": 0.1211, "modified": "2023-05-06"}, {"cve": "CVE-2020-8834", "epss": 0.00054, "percentile": 0.20515, "modified": "2023-05-07"}], "vulnersScore": 0.3}, "_state": {"dependencies": 1684440198, "score": 1698838921, "epss": 0}, "_internal": {"score_hash": "e88ab72727a8cabeddb1df60c8d74c0e"}, "pluginID": "136168", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:1146-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(136168);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2019-19770\", \"CVE-2019-3701\", \"CVE-2019-9458\", \"CVE-2020-10942\", \"CVE-2020-11494\", \"CVE-2020-11669\", \"CVE-2020-8834\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2020:1146-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various\nsecurity and bugfixes.\n\nThe following security bugs were fixed :\n\nCVE-2020-8834: KVM on Power8 processors had a conflicting use of\nHSTATE_HOST_R1 to store r1 state in kvmppc_hv_entry plus in\nkvmppc_{save,restore}_tm, leading to a stack corruption. Because of\nthis, an attacker with the ability to run code in kernel space of a\nguest VM can cause the host kernel to panic (bnc#1168276).\n\nCVE-2020-11494: An issue was discovered in slc_bump in\ndrivers/net/can/slcan.c, which allowed attackers to read uninitialized\ncan_frame data, potentially containing sensitive information from\nkernel stack memory, if the configuration lacks CONFIG_INIT_STACK_ALL\n(bnc#1168424).\n\nCVE-2020-10942: In get_raw_socket in drivers/vhost/net.c lacks\nvalidation of an sk_family field, which might allow attackers to\ntrigger kernel stack corruption via crafted system calls\n(bnc#1167629).\n\nCVE-2019-9458: In the video driver there was a use after free due to a\nrace condition. This could lead to local escalation of privilege with\nno additional execution privileges needed (bnc#1168295).\n\nCVE-2019-3701: Fixed an issue in can_can_gw_rcv, which could cause a\nsystem crash (bnc#1120386).\n\nCVE-2019-19770: Fixed a use-after-free in the debugfs_remove function\n(bsc#1159198).\n\nCVE-2020-11669: Fixed an issue where arch/powerpc/kernel/idle_book3s.S\ndid not have save/restore functionality for PNV_POWERSAVE_AMR,\nPNV_POWERSAVE_UAMOR, and PNV_POWERSAVE_AMOR (bnc#1169390).\n\nThe update package also includes non-security fixes. See advisory for\ndetails.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1051510\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1065600\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1065729\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1071995\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1083647\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1085030\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1109911\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1111666\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1113956\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1114279\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1118338\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1120386\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1137325\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1142685\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1145051\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1145929\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1148868\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1157424\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1158983\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1159037\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1159198\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1159199\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1161561\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1161951\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1162171\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1163403\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1163897\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1164284\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1164777\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1164780\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1164893\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165019\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165182\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165185\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165211\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165823\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165949\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166780\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166860\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166861\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166862\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166864\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166866\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166867\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166868\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166870\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166940\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166982\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1167005\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1167216\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1167288\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1167290\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1167316\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1167421\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1167423\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1167627\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1167629\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168075\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168202\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168273\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168276\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168295\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168367\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168424\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168443\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168486\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168552\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168760\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168762\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168763\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168764\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168765\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168829\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168854\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168881\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168884\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168952\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1169013\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1169057\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1169307\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1169308\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1169390\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1169514\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1169625\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-19770/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-3701/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-9458/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-10942/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-11494/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-11669/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-8834/\"\n );\n # https://www.suse.com/support/update/announcement/2020/suse-su-20201146-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c3bcebc1\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Workstation Extension 15-SP1:zypper in -t patch\nSUSE-SLE-Product-WE-15-SP1-2020-1146=1\n\nSUSE Linux Enterprise Module for Open Buildservice Development Tools\n15-SP1:zypper in -t patch\nSUSE-SLE-Module-Development-Tools-OBS-15-SP1-2020-1146=1\n\nSUSE Linux Enterprise Module for Live Patching 15-SP1:zypper in -t\npatch SUSE-SLE-Module-Live-Patching-15-SP1-2020-1146=1\n\nSUSE Linux Enterprise Module for Legacy Software 15-SP1:zypper in -t\npatch SUSE-SLE-Module-Legacy-15-SP1-2020-1146=1\n\nSUSE Linux Enterprise Module for Development Tools 15-SP1:zypper in -t\npatch SUSE-SLE-Module-Development-Tools-15-SP1-2020-1146=1\n\nSUSE Linux Enterprise Module for Basesystem 15-SP1:zypper in -t patch\nSUSE-SLE-Module-Basesystem-15-SP1-2020-1146=1\n\nSUSE Linux Enterprise High Availability 15-SP1:zypper in -t patch\nSUSE-SLE-Product-HA-15-SP1-2020-1146=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-debug-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-debug-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-debug-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-debug-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-debug-livepatch-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-livepatch\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-kvmsmall\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-kvmsmall-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-kvmsmall-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-kvmsmall-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-kvmsmall-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-kvmsmall-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-kvmsmall-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-kvmsmall-livepatch-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-obs-build\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-obs-build-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-obs-qa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-vanilla-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-vanilla-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-vanilla-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-vanilla-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-vanilla-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-vanilla-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-vanilla-livepatch-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-zfcpdump-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-zfcpdump-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-zfcpdump-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kselftests-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kselftests-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:reiserfs-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:reiserfs-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP1\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-debug-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-debug-base-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-debug-base-debuginfo-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-debug-debuginfo-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-debug-debugsource-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-debug-devel-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-debug-devel-debuginfo-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-debug-livepatch-devel-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-kvmsmall-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-kvmsmall-base-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-kvmsmall-base-debuginfo-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-kvmsmall-debuginfo-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-kvmsmall-debugsource-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-kvmsmall-devel-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-kvmsmall-devel-debuginfo-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-kvmsmall-livepatch-devel-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"s390x\", reference:\"kernel-default-livepatch-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"s390x\", reference:\"kernel-default-man-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"s390x\", reference:\"kernel-zfcpdump-debuginfo-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"s390x\", reference:\"kernel-zfcpdump-debugsource-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"s390x\", reference:\"kernel-zfcpdump-man-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"kernel-default-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"kernel-default-base-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"kernel-default-base-debuginfo-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"kernel-default-debuginfo-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"kernel-default-debugsource-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"kernel-default-devel-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"kernel-default-devel-debuginfo-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"kernel-obs-build-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"kernel-obs-build-debugsource-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"kernel-obs-qa-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"kernel-syms-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"kernel-vanilla-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"kernel-vanilla-base-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"kernel-vanilla-base-debuginfo-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"kernel-vanilla-debuginfo-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"kernel-vanilla-debugsource-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"kernel-vanilla-devel-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"kernel-vanilla-devel-debuginfo-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"kernel-vanilla-livepatch-devel-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"kselftests-kmp-default-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"kselftests-kmp-default-debuginfo-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"reiserfs-kmp-default-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"reiserfs-kmp-default-debuginfo-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-debug-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-debug-base-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-debug-base-debuginfo-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-debug-debuginfo-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-debug-debugsource-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-debug-devel-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-debug-devel-debuginfo-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-debug-livepatch-devel-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-kvmsmall-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-kvmsmall-base-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-kvmsmall-base-debuginfo-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-kvmsmall-debuginfo-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-kvmsmall-debugsource-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-kvmsmall-devel-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-kvmsmall-devel-debuginfo-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-kvmsmall-livepatch-devel-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"s390x\", reference:\"kernel-default-livepatch-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"s390x\", reference:\"kernel-default-man-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"s390x\", reference:\"kernel-zfcpdump-debuginfo-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"s390x\", reference:\"kernel-zfcpdump-debugsource-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"s390x\", reference:\"kernel-zfcpdump-man-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"kernel-default-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"kernel-default-base-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"kernel-default-base-debuginfo-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"kernel-default-debuginfo-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"kernel-default-debugsource-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"kernel-default-devel-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"kernel-default-devel-debuginfo-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"kernel-obs-build-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"kernel-obs-build-debugsource-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"kernel-obs-qa-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"kernel-syms-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"kernel-vanilla-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"kernel-vanilla-base-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"kernel-vanilla-base-debuginfo-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"kernel-vanilla-debuginfo-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"kernel-vanilla-debugsource-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"kernel-vanilla-devel-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"kernel-vanilla-devel-debuginfo-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"kernel-vanilla-livepatch-devel-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"kselftests-kmp-default-4.12.14-197.40.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"kselftests-kmp-default-debuginfo-4.12.14-197.40.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "naslFamily": "SuSE Local Security Checks", "cpe": ["p-cpe:/a:novell:suse_linux:kernel-debug", "p-cpe:/a:novell:suse_linux:kernel-debug-base", "p-cpe:/a:novell:suse_linux:kernel-debug-base-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-debug-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-debug-debugsource", "p-cpe:/a:novell:suse_linux:kernel-debug-devel", "p-cpe:/a:novell:suse_linux:kernel-debug-devel-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-debug-livepatch-devel", "p-cpe:/a:novell:suse_linux:kernel-default", "p-cpe:/a:novell:suse_linux:kernel-default-base", "p-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-debugsource", "p-cpe:/a:novell:suse_linux:kernel-default-devel", "p-cpe:/a:novell:suse_linux:kernel-default-devel-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-livepatch", "p-cpe:/a:novell:suse_linux:kernel-default-man", "p-cpe:/a:novell:suse_linux:kernel-kvmsmall", "p-cpe:/a:novell:suse_linux:kernel-kvmsmall-base", "p-cpe:/a:novell:suse_linux:kernel-kvmsmall-base-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-kvmsmall-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-kvmsmall-debugsource", "p-cpe:/a:novell:suse_linux:kernel-kvmsmall-devel", "p-cpe:/a:novell:suse_linux:kernel-kvmsmall-devel-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-kvmsmall-livepatch-devel", "p-cpe:/a:novell:suse_linux:kernel-obs-build", "p-cpe:/a:novell:suse_linux:kernel-obs-build-debugsource", "p-cpe:/a:novell:suse_linux:kernel-obs-qa", "p-cpe:/a:novell:suse_linux:kernel-syms", "p-cpe:/a:novell:suse_linux:kernel-vanilla", "p-cpe:/a:novell:suse_linux:kernel-vanilla-base", "p-cpe:/a:novell:suse_linux:kernel-vanilla-base-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-vanilla-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-vanilla-debugsource", "p-cpe:/a:novell:suse_linux:kernel-vanilla-devel", "p-cpe:/a:novell:suse_linux:kernel-vanilla-devel-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-vanilla-livepatch-devel", "p-cpe:/a:novell:suse_linux:kernel-zfcpdump-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-zfcpdump-debugsource", "p-cpe:/a:novell:suse_linux:kernel-zfcpdump-man", "p-cpe:/a:novell:suse_linux:kselftests-kmp-default", "p-cpe:/a:novell:suse_linux:kselftests-kmp-default-debuginfo", "p-cpe:/a:novell:suse_linux:reiserfs-kmp-default", "p-cpe:/a:novell:suse_linux:reiserfs-kmp-default-debuginfo", "cpe:/o:novell:suse_linux:15"], "solution": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Workstation Extension 15-SP1:zypper in -t patch SUSE-SLE-Product-WE-15-SP1-2020-1146=1\n\nSUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1:zypper in -t patch SUSE-SLE-Module-Development-Tools-OBS-15-SP1-2020-1146=1\n\nSUSE Linux Enterprise Module for Live Patching 15-SP1:zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP1-2020-1146=1\n\nSUSE Linux Enterprise Module for Legacy Software 15-SP1:zypper in -t patch SUSE-SLE-Module-Legacy-15-SP1-2020-1146=1\n\nSUSE Linux Enterprise Module for Development Tools 15-SP1:zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP1-2020-1146=1\n\nSUSE Linux Enterprise Module for Basesystem 15-SP1:zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP1-2020-1146=1\n\nSUSE Linux Enterprise High Availability 15-SP1:zypper in -t patch SUSE-SLE-Product-HA-15-SP1-2020-1146=1", "nessusSeverity": "Medium", "cvssScoreSource": "", "vendor_cvss2": {"score": 6.4, "vector": "CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P"}, "vendor_cvss3": {"score": 8.2, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H"}, "vpr": {"risk factor": "Medium", "score": "5.9"}, "exploitAvailable": false, "exploitEase": "No known exploits are available", "patchPublicationDate": "2020-04-29T00:00:00", "vulnerabilityPublicationDate": "2019-01-03T00:00:00", "exploitableWith": []}

{"suse": [{"lastseen": "2022-04-18T12:41:22", "description": "An update that solves 7 vulnerabilities and has 76 fixes is\n now available.\n\nDescription:\n\n\n\n The openSUSE Leap 15.1 kernel was updated to receive various security and\n bugfixes.\n\n The following security bugs were fixed:\n\n - CVE-2020-11669: An issue was discovered on the powerpc platform.\n arch/powerpc/kernel/idle_book3s.S did not have save/restore\n functionality for PNV_POWERSAVE_AMR, PNV_POWERSAVE_UAMOR, and\n PNV_POWERSAVE_AMOR, aka CID-53a712bae5dd (bnc#1169390).\n - CVE-2020-8834: KVM on Power8 processors had a conflicting use of\n HSTATE_HOST_R1 to store r1 state in kvmppc_hv_entry plus in\n kvmppc_{save,restore}_tm, leading to a stack corruption. Because of\n this, an attacker with the ability run code in kernel space of a guest\n VM can cause the host kernel to panic. There were two commits that,\n according to the reporter, introduced the vulnerability: f024ee098476\n (\"KVM: PPC: Book3S HV: Pull out TM state save/restore into separate\n procedures\") 87a11bb6a7f7 (\"KVM: PPC: Book3S HV: Work around XER[SO] bug\n in fake suspend mode\") (bnc#1168276).\n - CVE-2020-11494: An issue was discovered in slc_bump in\n drivers/net/can/slcan.c, which allowed attackers to read uninitialized\n can_frame data, potentially containing sensitive information from kernel\n stack memory, if the configuration lacks CONFIG_INIT_STACK_ALL, aka\n CID-b9258a2cece4 (bnc#1168424).\n - CVE-2019-9458: In the video driver there is a use after free due to a\n race condition. This could lead to local escalation of privilege with no\n additional execution privileges needed. User interaction is not needed\n for exploitation (bnc#1168295).\n - CVE-2019-3701: An issue was discovered in can_can_gw_rcv in\n net/can/gw.c. The CAN frame modification rules allow bitwise logical\n operations that can be also applied to the can_dlc field. The privileged\n user \"root\" with CAP_NET_ADMIN can create a CAN frame modification rule\n that made the data length code a higher value than the available CAN\n frame data size. In combination with a configured checksum calculation\n where the result is stored relatively to the end of the data (e.g.\n cgw_csum_xor_rel) the tail of the skb (e.g. frag_list pointer in\n skb_shared_info) can be rewritten which finally can cause a system\n crash. Because of a missing check, the CAN drivers may write arbitrary\n content beyond the data registers in the CAN controller's I/O memory\n when processing can-gw manipulated outgoing frames (bnc#1120386).\n - CVE-2020-10942: In get_raw_socket in drivers/vhost/net.c lacked\n validation of an sk_family field, which might allow attackers to trigger\n kernel stack corruption via crafted system calls (bnc#1167629).\n - CVE-2019-19770: A use-after-free in the debugfs_remove function in\n fs/debugfs/inode.c was fixed. (bnc#1159198).\n\n The following non-security bugs were fixed:\n\n - ACPI: watchdog: Fix gas->access_width usage (bsc#1051510).\n - ACPICA: Introduce ACPI_ACCESS_BYTE_WIDTH() macro (bsc#1051510).\n - ALSA: ali5451: remove redundant variable capture_flag (bsc#1051510).\n - ALSA: core: Add snd_device_get_state() helper (bsc#1051510).\n - ALSA: core: Replace zero-length array with flexible-array member\n (bsc#1051510).\n - ALSA: emu10k1: Fix endianness annotations (bsc#1051510).\n - ALSA: hda/ca0132 - Add Recon3Di quirk to handle integrated sound on EVGA\n X99 Classified motherboard (bsc#1051510).\n - ALSA: hda/ca0132 - Replace zero-length array with flexible-array member\n (bsc#1051510).\n - ALSA: hda/realtek - Enable headset mic of Acer X2660G with ALC662\n (git-fixes).\n - ALSA: hda/realtek - Enable the headset of Acer N50-600 with ALC662\n (git-fixes).\n - ALSA: hda/realtek - Remove now-unnecessary XPS 13 headphone noise fixups\n (bsc#1051510).\n - ALSA: hda/realtek - Set principled PC Beep configuration for ALC256\n (bsc#1051510).\n - ALSA: hda/realtek - a fake key event is triggered by running shutup\n (bsc#1051510).\n - ALSA: hda/realtek: Enable mute LED on an HP system (bsc#1051510).\n - ALSA: hda/realtek: Fix pop noise on ALC225 (git-fixes).\n - ALSA: hda: Fix potential access overflow in beep helper (bsc#1051510).\n - ALSA: hda: Use scnprintf() for string truncation (bsc#1051510).\n - ALSA: hda: default enable CA0132 DSP support (bsc#1051510).\n - ALSA: hda: remove redundant assignment to variable timeout (bsc#1051510).\n - ALSA: hda_codec: Replace zero-length array with flexible-array member\n (bsc#1051510).\n - ALSA: hdsp: remove redundant assignment to variable err (bsc#1051510).\n - ALSA: ice1724: Fix invalid access for enumerated ctl items (bsc#1051510).\n - ALSA: info: remove redundant assignment to variable c (bsc#1051510).\n - ALSA: korg1212: fix if-statement empty body warnings (bsc#1051510).\n - ALSA: line6: Fix endless MIDI read loop (git-fixes).\n - ALSA: pcm.h: add for_each_pcm_streams() (bsc#1051510).\n - ALSA: pcm: Fix superfluous snprintf() usage (bsc#1051510).\n - ALSA: pcm: Use a macro for parameter masks to reduce the needed cast\n (bsc#1051510).\n - ALSA: pcm: oss: Avoid plugin buffer overflow (git-fixes).\n - ALSA: pcm: oss: Fix regression by buffer overflow fix (bsc#1051510).\n - ALSA: pcm: oss: Remove WARNING from snd_pcm_plug_alloc() checks\n (git-fixes).\n - ALSA: pcm: oss: Unlock mutex temporarily for sleeping at read/write\n (bsc#1051510).\n - ALSA: seq: oss: Fix running status after receiving sysex (git-fixes).\n - ALSA: seq: virmidi: Fix running status after receiving sysex (git-fixes).\n - ALSA: usb-audio: Add delayed_register option (bsc#1051510).\n - ALSA: usb-audio: Add support for MOTU MicroBook IIc (bsc#1051510).\n - ALSA: usb-audio: Create a registration quirk for Kingston HyperX Amp\n (0951:16d8) (bsc#1051510).\n - ALSA: usb-audio: Do not create a mixer element with bogus volume range\n (bsc#1051510).\n - ALSA: usb-audio: Fix case when USB MIDI interface has more than one\n extra endpoint descriptor (bsc#1051510).\n - ALSA: usb-audio: Fix mixer controls' USB interface for Kingston HyperX\n Amp (0951:16d8) (bsc#1051510).\n - ALSA: usb-audio: Inform devices that need delayed registration\n (bsc#1051510).\n - ALSA: usb-audio: Parse source ID of UAC2 effect unit (bsc#1051510).\n - ALSA: usb-audio: Rewrite registration quirk handling (bsc#1051510).\n - ALSA: usb-midi: Replace zero-length array with flexible-array member\n (bsc#1051510).\n - ALSA: usx2y: use for_each_pcm_streams() macro (bsc#1051510).\n - ALSA: via82xx: Fix endianness annotations (bsc#1051510).\n - ASoC: Intel: atom: Take the drv->lock mutex before calling\n sst_send_slot_map() (bsc#1051510).\n - ASoC: Intel: mrfld: fix incorrect check on p->sink (bsc#1051510).\n - ASoC: Intel: mrfld: return error codes when an error occurs\n (bsc#1051510).\n - ASoC: jz4740-i2s: Fix divider written at incorrect offset in register\n (bsc#1051510).\n - ASoC: sun8i-codec: Remove unused dev from codec struct (bsc#1051510).\n - Bluetooth: RFCOMM: fix ODEBUG bug in rfcomm_dev_ioctl (bsc#1051510).\n - Btrfs: clean up error handling in btrfs_truncate() (bsc#1165949).\n - Btrfs: do not reset bio->bi_ops while writing bio (bsc#1168273).\n - Btrfs: fix missing delayed iputs on unmount (bsc#1165949).\n - Btrfs: fix qgroup double free after failure to reserve metadata for\n delalloc (bsc#1165949).\n - Btrfs: fix race leading to metadata space leak after task received\n signal (bsc#1165949).\n - Btrfs: fix unwritten extent buffers and hangs on future writeback\n attempts (bsc#1168273).\n - Btrfs: make plug in writing meta blocks really work (bsc#1168273).\n - Btrfs: only check delayed ref usage in should_end_transaction\n (bsc#1165949).\n - Btrfs: remove bio_flags which indicates a meta block of log-tree\n (bsc#1168273).\n - Crypto: chelsio - Fixes a deadlock between rtnl_lock and uld_mutex\n (bsc#1111666).\n - Crypto: chelsio - Fixes a hang issue during driver registration\n (bsc#1111666).\n - Deprecate NR_UNSTABLE_NFS, use NR_WRITEBACK (bsc#1163403).\n - HID: apple: Add support for recent firmware on Magic Keyboards\n (bsc#1051510).\n - IB/hfi1: convert to debugfs_file_get() and -put() (bsc#1159198\n bsc#1109911). Prerequisite for bsc#1159198.\n - Input: add safety guards to input_set_keycode() (bsc#1168075).\n - Input: avoid BIT() macro usage in the serio.h UAPI header (bsc#1051510).\n - Input: raydium_i2c_ts - fix error codes in raydium_i2c_boot_trigger()\n (bsc#1051510).\n - Input: synaptics - enable RMI on HP Envy 13-ad105ng (bsc#1051510).\n - MM: replace PF_LESS_THROTTLE with PF_LOCAL_THROTTLE (bsc#1163403).\n - NFC: fdp: Fix a signedness bug in fdp_nci_send_patch() (bsc#1051510).\n - NFS: send state management on a single connection (bsc#1167005).\n - OMAP: DSS2: remove non-zero check on variable r (bsc#1114279)\n - PCI/AER: Factor message prefixes with dev_fmt() (bsc#1161561).\n - PCI/AER: Log which device prevents error recovery (bsc#1161561).\n - PCI/AER: Remove ERR_FATAL code from ERR_NONFATAL path (bsc#1161561).\n - PCI/ASPM: Clear the correct bits when enabling L1 substates\n (bsc#1051510).\n - PCI/ERR: Always report current recovery status for udev (bsc#1161561).\n - PCI/ERR: Handle fatal error recovery (bsc#1161561).\n - PCI/ERR: Remove duplicated include from err.c (bsc#1161561).\n - PCI/ERR: Simplify broadcast callouts (bsc#1161561).\n - PCI/portdrv: Remove pcie_port_bus_type link order dependency\n (bsc#1161561).\n - PCI/switchtec: Fix init_completion race condition with poll_wait()\n (bsc#1051510).\n - PCI: Simplify disconnected marking (bsc#1161561).\n - PCI: Unify device inaccessible (bsc#1161561).\n - PCI: endpoint: Fix clearing start entry in configfs (bsc#1051510).\n - PCI: pciehp: Fix MSI interrupt race (bsc#1159037).\n - PCI: portdrv: Initialize service drivers directly (bsc#1161561).\n - PM: core: Fix handling of devices deleted during system-wide resume\n (git-fixes).\n - SUNRPC: defer slow parts of rpc_free_client() to a workqueue\n (bsc#1168202).\n - USB: Disable LPM on WD19's Realtek Hub (git-fixes).\n - USB: Fix novation SourceControl XL after suspend (git-fixes).\n - USB: cdc-acm: fix rounding error in TIOCSSERIAL (git-fixes).\n - USB: hub: Do not record a connect-change event during reset-resume\n (git-fixes).\n - USB: misc: iowarrior: add support for 2 OEMed devices (git-fixes).\n - USB: misc: iowarrior: add support for the 100 device (git-fixes).\n - USB: misc: iowarrior: add support for the 28 and 28L devices (git-fixes).\n - USB: serial: io_edgeport: fix slab-out-of-bounds read in\n edge_interrupt_callback (bsc#1051510).\n - USB: serial: option: add ME910G1 ECM composition 0x110b (git-fixes).\n - USB: serial: pl2303: add device-id for HP LD381 (git-fixes).\n - ahci: Add support for Amazon's Annapurna Labs SATA controller\n (bsc#1169013).\n - apei/ghes: Do not delay GHES polling (bsc#1166982).\n - ath9k: Handle txpower changes even when TPC is disabled (bsc#1051510).\n - batman-adv: Avoid spurious warnings from bat_v neigh_cmp implementation\n (bsc#1051510).\n - batman-adv: Do not schedule OGM for disabled interface (bsc#1051510).\n - batman-adv: prevent TT request storms by not sending inconsistent TT\n TLVLs (bsc#1051510).\n - binfmt_elf: Do not move brk for INTERP-less ET_EXEC (bsc#1169013).\n - binfmt_elf: move brk out of mmap when doing direct loader exec\n (bsc#1169013).\n - blk-mq: Allow blocking queue tag iter callbacks (bsc#1167316).\n - block, bfq: fix use-after-free in bfq_idle_slice_timer_body\n (bsc#1168760).\n - block: keep bdi->io_pages in sync with max_sectors_kb for stacked\n devices (bsc#1168762).\n - bnxt_en: Support all variants of the 5750X chip family (bsc#1167216).\n - bpf: Explicitly memset some bpf info structures declared on the stack\n (bsc#1083647).\n - bpf: Explicitly memset the bpf_attr structure (bsc#1083647).\n - brcmfmac: abort and release host after error (bsc#1111666).\n - btrfs: Account for trans_block_rsv in may_commit_transaction\n (bsc#1165949).\n - btrfs: Add enospc_debug printing in metadata_reserve_bytes (bsc#1165949).\n - btrfs: Do mandatory tree block check before submitting bio (bsc#1168273).\n - btrfs: Improve global reserve stealing logic (bsc#1165949).\n - btrfs: Output ENOSPC debug info in inc_block_group_ro (bsc#1165949).\n - btrfs: Remove btrfs_inode::delayed_iput_count (bsc#1165949).\n - btrfs: Remove fs_info from do_chunk_alloc (bsc#1165949).\n - btrfs: Remove redundant argument of flush_space (bsc#1165949).\n - btrfs: Remove redundant mirror_num arg (bsc#1168273).\n - btrfs: Rename bin_search -> btrfs_bin_search (bsc#1168273).\n - btrfs: add a flush step for delayed iputs (bsc#1165949).\n - btrfs: add assertions for releasing trans handle reservations\n (bsc#1165949).\n - btrfs: add btrfs_delete_ref_head helper (bsc#1165949).\n - btrfs: add enospc debug messages for ticket failure (bsc#1165949).\n - btrfs: add new flushing states for the delayed refs rsv (bsc#1165949).\n - btrfs: add space reservation tracepoint for reserved bytes (bsc#1165949).\n - btrfs: adjust dirty_metadata_bytes after writeback failure of extent\n buffer (bsc#1168273).\n - btrfs: allow us to use up to 90% of the global rsv for unlink\n (bsc#1165949).\n - btrfs: always reserve our entire size for the global reserve\n (bsc#1165949).\n - btrfs: assert on non-empty delayed iputs (bsc##1165949).\n - btrfs: be more explicit about allowed flush states (bsc#1165949).\n - btrfs: call btrfs_create_pending_block_groups unconditionally\n (bsc#1165949).\n - btrfs: catch cow on deleting snapshots (bsc#1165949).\n - btrfs: change the minimum global reserve size (bsc#1165949).\n - btrfs: check if there are free block groups for commit (bsc#1165949).\n - btrfs: cleanup extent_op handling (bsc#1165949).\n - btrfs: cleanup root usage by btrfs_get_alloc_profile (bsc#1165949).\n - btrfs: cleanup the target logic in __btrfs_block_rsv_release\n (bsc#1165949).\n - btrfs: clear space cache inode generation always (bsc#1165949).\n - btrfs: delayed-ref: pass delayed_refs directly to btrfs_delayed_ref_lock\n (bsc#1165949).\n - btrfs: do not account global reserve in can_overcommit (bsc#1165949).\n - btrfs: do not allow reservations if we have pending tickets\n (bsc#1165949).\n - btrfs: do not call btrfs_start_delalloc_roots in flushoncommit\n (bsc#1165949).\n - btrfs: do not end the transaction for delayed refs in throttle\n (bsc#1165949).\n - btrfs: do not enospc all tickets on flush failure (bsc#1165949).\n - btrfs: do not run delayed refs in the end transaction logic\n (bsc#1165949).\n - btrfs: do not run delayed_iputs in commit (bsc##1165949).\n - btrfs: do not use ctl->free_space for max_extent_size (bsc##1165949).\n - btrfs: do not use global reserve for chunk allocation (bsc#1165949).\n - btrfs: drop get_extent from extent_page_data (bsc#1168273).\n - btrfs: drop min_size from evict_refill_and_join (bsc##1165949).\n - btrfs: drop unused space_info parameter from create_space_info\n (bsc#1165949).\n - btrfs: dump block_rsv details when dumping space info (bsc#1165949).\n - btrfs: export __btrfs_block_rsv_release (bsc#1165949).\n - btrfs: export block group accounting helpers (bsc#1165949).\n - btrfs: export block_rsv_use_bytes (bsc#1165949).\n - btrfs: export btrfs_block_rsv_add_bytes (bsc#1165949).\n - btrfs: export space_info_add_*_bytes (bsc#1165949).\n - btrfs: export the block group caching helpers (bsc#1165949).\n - btrfs: export the caching control helpers (bsc#1165949).\n - btrfs: export the excluded extents helpers (bsc#1165949).\n - btrfs: extent-tree: Add lockdep assert when updating space info\n (bsc#1165949).\n - btrfs: extent-tree: Add trace events for space info numbers update\n (bsc#1165949).\n - btrfs: extent-tree: Detect bytes_may_use underflow earlier (bsc#1165949).\n - btrfs: extent-tree: Detect bytes_pinned underflow earlier (bsc#1165949).\n - btrfs: extent_io: Handle errors better in btree_write_cache_pages()\n (bsc#1168273).\n - btrfs: extent_io: Handle errors better in extent_write_full_page()\n (bsc#1168273).\n - btrfs: extent_io: Handle errors better in extent_write_locked_range()\n (bsc#1168273).\n - btrfs: extent_io: Handle errors better in extent_writepages()\n (bsc#1168273).\n - btrfs: extent_io: Kill dead condition in extent_write_cache_pages()\n (bsc#1168273).\n - btrfs: extent_io: Kill the forward declaration of flush_write_bio\n (bsc#1168273).\n - btrfs: extent_io: Move the BUG_ON() in flush_write_bio() one level up\n (bsc#1168273).\n - btrfs: extent_io: add proper error handling to\n lock_extent_buffer_for_io() (bsc#1168273).\n - btrfs: factor our read/write stage off csum_tree_block into its callers\n (bsc#1168273).\n - btrfs: factor out the ticket flush handling (bsc#1165949).\n - btrfs: fix insert_reserved error handling (bsc##1165949).\n - btrfs: fix may_commit_transaction to deal with no partial filling\n (bsc#1165949).\n - btrfs: fix truncate throttling (bsc#1165949).\n - btrfs: force chunk allocation if our global rsv is larger than metadata\n (bsc#1165949).\n - btrfs: introduce an evict flushing state (bsc#1165949).\n - btrfs: introduce delayed_refs_rsv (bsc#1165949).\n - btrfs: loop in inode_rsv_refill (bsc#1165949).\n - btrfs: make btrfs_destroy_delayed_refs use btrfs_delayed_ref_lock\n (bsc#1165949).\n - btrfs: make btrfs_destroy_delayed_refs use btrfs_delete_ref_head\n (bsc#1165949).\n - btrfs: make caching_thread use btrfs_find_next_key (bsc#1165949).\n - btrfs: merge two flush_write_bio helpers (bsc#1168273).\n - btrfs: migrate btrfs_trans_release_chunk_metadata (bsc#1165949).\n - btrfs: migrate inc/dec_block_group_ro code (bsc#1165949).\n - btrfs: migrate nocow and reservation helpers (bsc#1165949).\n - btrfs: migrate the alloc_profile helpers (bsc#1165949).\n - btrfs: migrate the block group caching code (bsc#1165949).\n - btrfs: migrate the block group cleanup code (bsc#1165949).\n - btrfs: migrate the block group lookup code (bsc#1165949).\n - btrfs: migrate the block group read/creation code (bsc#1165949).\n - btrfs: migrate the block group ref counting stuff (bsc#1165949).\n - btrfs: migrate the block group removal code (bsc#1165949).\n - btrfs: migrate the block group space accounting helpers (bsc#1165949).\n - btrfs: migrate the block-rsv code to block-rsv.c (bsc#1165949).\n - btrfs: migrate the chunk allocation code (bsc#1165949).\n - btrfs: migrate the delalloc space stuff to it's own home (bsc#1165949).\n - btrfs: migrate the delayed refs rsv code (bsc#1165949).\n - btrfs: migrate the dirty bg writeout code (bsc#1165949).\n - btrfs: migrate the global_block_rsv helpers to block-rsv.c (bsc#1165949).\n - btrfs: move and export can_overcommit (bsc#1165949).\n - btrfs: move basic block_group definitions to their own header\n (bsc#1165949).\n - btrfs: move btrfs_add_free_space out of a header file (bsc#1165949).\n - btrfs: move btrfs_block_rsv definitions into it's own header\n (bsc#1165949).\n - btrfs: move btrfs_raid_group values to btrfs_raid_attr table\n (bsc#1165949).\n - btrfs: move btrfs_space_info_add_*_bytes to space-info.c (bsc#1165949).\n - btrfs: move dump_space_info to space-info.c (bsc#1165949).\n - btrfs: move reserve_metadata_bytes and supporting code to space-info.c\n (bsc#1165949).\n - btrfs: move space_info to space-info.h (bsc#1165949).\n - btrfs: move the space info update macro to space-info.h (bsc#1165949).\n - btrfs: move the space_info handling code to space-info.c (bsc#1165949).\n - btrfs: move the subvolume reservation stuff out of extent-tree.c\n (bsc#1165949).\n - btrfs: only check priority tickets for priority flushing (bsc#1165949).\n - btrfs: only free reserved extent if we didn't insert it (bsc##1165949).\n - btrfs: only reserve metadata_size for inodes (bsc#1165949).\n - btrfs: only track ref_heads in delayed_ref_updates (bsc#1165949).\n - btrfs: pass root to various extent ref mod functions (bsc#1165949).\n - btrfs: qgroup: Do not hold qgroup_ioctl_lock in btrfs_qgroup_inherit()\n (bsc#1165823).\n - btrfs: qgroup: Mark qgroup inconsistent if we're inherting snapshot to a\n new qgroup (bsc#1165823).\n - btrfs: refactor block group replication factor calculation to a helper\n (bsc#1165949).\n - btrfs: refactor priority_reclaim_metadata_space (bsc#1165949).\n - btrfs: refactor the ticket wakeup code (bsc#1165949).\n - btrfs: release metadata before running delayed refs (bsc##1165949).\n - btrfs: remove orig_bytes from reserve_ticket (bsc#1165949).\n - btrfs: rename btrfs_space_info_add_old_bytes (bsc#1165949).\n - btrfs: rename do_chunk_alloc to btrfs_chunk_alloc (bsc#1165949).\n - btrfs: rename the btrfs_calc_*_metadata_size helpers (bsc#1165949).\n - btrfs: replace cleaner_delayed_iput_mutex with a waitqueue (bsc#1165949).\n - btrfs: reserve delalloc metadata differently (bsc#1165949).\n - btrfs: reserve extra space during evict (bsc#1165949).\n - btrfs: reset max_extent_size on clear in a bitmap (bsc##1165949).\n - btrfs: reset max_extent_size properly (bsc##1165949).\n - btrfs: rework btrfs_check_space_for_delayed_refs (bsc#1165949).\n - btrfs: rework wake_all_tickets (bsc#1165949).\n - btrfs: roll tracepoint into btrfs_space_info_update helper (bsc#1165949).\n - btrfs: run btrfs_try_granting_tickets if a priority ticket fails\n (bsc#1165949).\n - btrfs: run delayed iput at unlink time (bsc#1165949).\n - btrfs: run delayed iputs before committing (bsc#1165949).\n - btrfs: set max_extent_size properly (bsc##1165949).\n - btrfs: sink extent_write_full_page tree argument (bsc#1168273).\n - btrfs: sink extent_write_locked_range tree parameter (bsc#1168273).\n - btrfs: sink flush_fn to extent_write_cache_pages (bsc#1168273).\n - btrfs: sink get_extent parameter to extent_write_full_page (bsc#1168273).\n - btrfs: sink get_extent parameter to extent_write_locked_range\n (bsc#1168273).\n - btrfs: sink get_extent parameter to extent_fiemap (bsc#1168273).\n - btrfs: sink get_extent parameter to extent_readpages (bsc#1168273).\n - btrfs: sink get_extent parameter to extent_writepages (bsc#1168273).\n - btrfs: sink get_extent parameter to get_extent_skip_holes (bsc#1168273).\n - btrfs: sink writepage parameter to extent_write_cache_pages\n (bsc#1168273).\n - btrfs: stop partially refilling tickets when releasing space\n (bsc#1165949).\n - btrfs: stop using block_rsv_release_bytes everywhere (bsc#1165949).\n - btrfs: switch to on-stack csum buffer in csum_tree_block (bsc#1168273).\n - btrfs: temporarily export btrfs_get_restripe_target (bsc#1165949).\n - btrfs: temporarily export fragment_free_space (bsc#1165949).\n - btrfs: temporarily export inc_block_group_ro (bsc#1165949).\n - btrfs: track DIO bytes in flight (bsc#1165949).\n - btrfs: tree-checker: Remove comprehensive root owner check (bsc#1168273).\n - btrfs: unexport can_overcommit (bsc#1165949).\n - btrfs: unexport the temporary exported functions (bsc#1165949).\n - btrfs: unify error handling for ticket flushing (bsc#1165949).\n - btrfs: unify extent_page_data type passed as void (bsc#1168273).\n - btrfs: update may_commit_transaction to use the delayed refs rsv\n (bsc#1165949).\n - btrfs: use btrfs_try_granting_tickets in update_global_rsv (bsc#1165949).\n - btrfs: wait on caching when putting the bg cache (bsc#1165949).\n - btrfs: wait on ordered extents on abort cleanup (bsc#1165949).\n - btrfs: wakeup cleaner thread when adding delayed iput (bsc#1165949).\n - ceph: canonicalize server path in place (bsc#1168443).\n - ceph: check POOL_FLAG_FULL/NEARFULL in addition to OSDMAP_FULL/NEARFULL\n (bsc#1169307).\n - ceph: remove the extra slashes in the server path (bsc#1168443).\n - cfg80211: check reg_rule for NULL in handle_channel_custom()\n (bsc#1051510).\n - cfg80211: check wiphy driver existence for drvinfo report (bsc#1051510).\n - cgroup: memcg: net: do not associate sock with unrelated cgroup\n (bsc#1167290).\n - cifs: ignore cached share root handle closing errors (bsc#1166780).\n - clk: imx: Align imx sc clock msg structs to 4 (bsc#1111666).\n - clk: imx: Align imx sc clock msg structs to 4 (git-fixes).\n - clk: qcom: rcg: Return failure for RCG update (bsc#1051510).\n - configfs: Fix bool initialization/comparison (bsc#1051510).\n - cpufreq: Register drivers only after CPU devices have been registered\n (bsc#1051510).\n - cpuidle: Do not unset the driver if it is there already (bsc#1051510).\n - crypto: arm64/sha-ce - implement export/import (bsc#1051510).\n - crypto: mxs-dcp - fix scatterlist linearization for hash (bsc#1051510).\n - crypto: tcrypt - fix printed skcipher [a]sync mode (bsc#1051510).\n - debugfs: add support for more elaborate ->d_fsdata (bsc#1159198\n bsc#1109911). Prerequisite for bsc#1159198.\n - debugfs: call debugfs_real_fops() only after debugfs_file_get()\n (bsc#1159198 bsc#1109911). Prerequisite for bsc#1159198.\n - debugfs: call debugfs_real_fops() only after debugfs_file_get()\n (bsc#1159198). Prerequisite for bsc#1159198.\n - debugfs: convert to debugfs_file_get() and -put() (bsc#1159198\n bsc#1109911). Prerequisite for bsc#1159198.\n - debugfs: debugfs_real_fops(): drop __must_hold sparse annotation\n (bsc#1159198 bsc#1109911). Prerequisite for bsc#1159198.\n - debugfs: debugfs_use_start/finish do not exist anymore (bsc#1159198).\n Prerequisite for bsc#1159198.\n - debugfs: defer debugfs_fsdata allocation to first usage (bsc#1159198\n bsc#1109911). Prerequisite for bsc#1159198.\n - debugfs: defer debugfs_fsdata allocation to first usage (bsc#1159198).\n Prerequisite for bsc#1159198.\n - debugfs: fix debugfs_real_fops() build error (bsc#1159198 bsc#1109911).\n Prerequisite for bsc#1159198.\n - debugfs: implement per-file removal protection (bsc#1159198\n bsc#1109911). Prerequisite for bsc#1159198.\n - debugfs: purge obsolete SRCU based removal protection (bsc#1159198\n bsc#1109911). Prerequisite for bsc#1159198.\n - debugfs: simplify __debugfs_remove_file() (bsc#1159198). Prerequisite\n for bsc#1159198.\n - dmaengine: ste_dma40: fix unneeded variable warning (bsc#1051510).\n - drm/amd/amdgpu: Fix GPR read from debugfs (v2) (bsc#1113956)\n - drm/amd/display: Add link_rate quirk for Apple 15\" MBP 2017\n (bsc#1111666).\n - drm/amd/display: Fix wrongly passed static prefix (bsc#1111666).\n - drm/amd/display: remove duplicated assignment to grph_obj_type\n (bsc#1051510).\n - drm/amdgpu: fix typo for vcn1 idle check (bsc#1111666).\n - drm/bochs: downgrade pci_request_region failure from error to warning\n (bsc#1051510).\n - drm/bridge: dw-hdmi: fix AVI frame colorimetry (bsc#1051510).\n - drm/drm_dp_mst:remove set but not used variable 'origlen' (bsc#1051510).\n - drm/exynos: dsi: fix workaround for the legacy clock name (bsc#1111666).\n - drm/exynos: dsi: propagate error value and silence meaningless warning\n (bsc#1111666).\n - drm/lease: fix WARNING in idr_destroy (bsc#1113956)\n - drm/msm: Set dma maximum segment size for mdss (bsc#1051510).\n - drm/msm: Use the correct dma_sync calls harder (bsc#1051510).\n - drm/msm: Use the correct dma_sync calls in msm_gem (bsc#1051510).\n - drm/msm: stop abusing dma_map/unmap for cache (bsc#1051510).\n - drm/sun4i: dsi: Use NULL to signify \"no panel\" (bsc#1111666).\n - drm/v3d: Replace wait_for macros to remove use of msleep (bsc#1111666).\n - drm/vc4: Fix HDMI mode validation (git-fixes).\n - drm_dp_mst_topology: fix broken drm_dp_sideband_parse_remote_dpcd_read()\n (bsc#1051510).\n - dt-bindings: allow up to four clocks for orion-mdio (bsc#1051510).\n - efi: Do not attempt to map RCI2 config table if it does not exist\n (jsc#ECO-366, bsc#1168367).\n - efi: Export Runtime Configuration Interface table to sysfs (jsc#ECO-366,\n bsc#1168367).\n - efi: Fix a race and a buffer overflow while reading efivars via sysfs\n (bsc#1164893).\n - efi: x86: move efi_is_table_address() into arch/x86 (jsc#ECO-366,\n bsc#1168367).\n - ext4: Avoid ENOSPC when avoiding to reuse recently deleted inodes\n (bsc#1165019).\n - ext4: Check for non-zero journal inum in ext4_calculate_overhead\n (bsc#1167288).\n - ext4: add cond_resched() to __ext4_find_entry() (bsc#1166862).\n - ext4: do not assume that mmp_nodename/bdevname have NUL (bsc#1166860).\n - ext4: fix a data race in EXT4_I(inode)->i_disksize (bsc#1166861).\n - ext4: fix incorrect group count in ext4_fill_super error message\n (bsc#1168765).\n - ext4: fix incorrect inodes per group in error message (bsc#1168764).\n - ext4: fix potential race between online resizing and write operations\n (bsc#1166864).\n - ext4: fix potential race between s_flex_groups online resizing and\n access (bsc#1166867).\n - ext4: fix potential race between s_group_info online resizing and access\n (bsc#1166866).\n - ext4: fix race between writepages and enabling EXT4_EXTENTS_FL\n (bsc#1166870).\n - ext4: fix support for inode sizes > 1024 bytes (bsc#1164284).\n - ext4: potential crash on allocation error in ext4_alloc_flex_bg_array()\n (bsc#1166940).\n - ext4: rename s_journal_flag_rwsem to s_writepages_rwsem (bsc#1166868).\n - ext4: validate the debug_want_extra_isize mount option at parse time\n (bsc#1163897).\n - fat: fix uninit-memory access for partial initialized inode\n (bsc#1051510).\n - fat: work around race with userspace's read via blockdev while mounting\n (bsc#1051510).\n - fbdev/g364fb: Fix build failure (bsc#1051510).\n - fbdev: potential information leak in do_fb_ioctl() (bsc#1114279)\n - fbmem: Adjust indentation in fb_prepare_logo and fb_blank (bsc#1114279)\n - firmware: arm_sdei: fix double-lock on hibernate with shared events\n (bsc#1111666).\n - firmware: arm_sdei: fix possible double-lock on hibernate error path\n (bsc#1111666).\n - ftrace/kprobe: Show the maxactive number on kprobe_events (git-fixes).\n - i2c: hix5hd2: add missed clk_disable_unprepare in remove (bsc#1051510).\n - i2c: jz4780: silence log flood on txabrt (bsc#1051510).\n - ibmvfc: do not send implicit logouts prior to NPIV login (bsc#1169625\n ltc#184611).\n - iio: gyro: adis16136: check ret val for non-zero vs less-than-zero\n (bsc#1051510).\n - iio: imu: adis16400: check ret val for non-zero vs less-than-zero\n (bsc#1051510).\n - iio: imu: adis16480: check ret val for non-zero vs less-than-zero\n (bsc#1051510).\n - iio: imu: adis: check ret val for non-zero vs less-than-zero\n (bsc#1051510).\n - iio: magnetometer: ak8974: Fix negative raw values in sysfs\n (bsc#1051510).\n - iio: potentiostat: lmp9100: fix\n iio_triggered_buffer_{predisable,postenable} positions (bsc#1051510).\n - intel_th: Fix user-visible error codes (bsc#1051510).\n - intel_th: pci: Add Elkhart Lake CPU support (bsc#1051510).\n - iommu/amd: Fix the configuration of GCR3 table root pointer\n (bsc#1169057).\n - ipmi: fix hung processes in __get_guid() (bsc#1111666).\n - ipmi:ssif: Handle a possible NULL pointer reference (bsc#1051510).\n - ipvlan: do not add hardware address of master to its unicast filter list\n (bsc#1137325).\n - irqchip/bcm2835: Quiesce IRQs left enabled by bootloader (bsc#1051510).\n - irqdomain: Fix a memory leak in irq_domain_push_irq() (bsc#1051510).\n - kABI workaround for pcie_port_bus_type change (bsc#1161561).\n - kABI: fixes for debugfs per-file removal protection backports\n (bsc#1159198 bsc#1109911).\n - kABI: restore debugfs_remove_recursive() (bsc#1159198).\n - kabi fix for (bsc#1168202).\n - libceph: fix alloc_msg_with_page_vector() memory leaks (bsc#1169308).\n - libfs: fix infoleak in simple_attr_read() (bsc#1168881).\n - lpfc: add support for translating an RSCN rcv into a discovery rescan\n (bsc#1164777 bsc#1164780 bsc#1165211).\n - lpfc: add support to generate RSCN events for nport (bsc#1164777\n bsc#1164780 bsc#1165211).\n - mac80211: Do not send mesh HWMP PREQ if HWMP is disabled (bsc#1051510).\n - mac80211: consider more elements in parsing CRC (bsc#1051510).\n - mac80211: free peer keys before vif down in mesh (bsc#1051510).\n - mac80211: mesh: fix RCU warning (bsc#1051510).\n - mac80211: only warn once on chanctx_conf being NULL (bsc#1051510).\n - mac80211: rx: avoid RCU list traversal under mutex (bsc#1051510).\n - macsec: add missing attribute validation for port (bsc#1051510).\n - macsec: fix refcnt leak in module exit routine (bsc#1051510).\n - media: dib0700: fix rc endpoint lookup (bsc#1051510).\n - media: flexcop-usb: fix endpoint sanity check (git-fixes).\n - media: go7007: Fix URB type for interrupt handling (bsc#1051510).\n - media: ov519: add missing endpoint sanity checks (bsc#1168829).\n - media: ov6650: Fix .get_fmt() V4L2_SUBDEV_FORMAT_TRY support\n (bsc#1051510).\n - media: ov6650: Fix some format attributes not under control\n (bsc#1051510).\n - media: ov6650: Fix stored crop rectangle not in sync with hardware\n (bsc#1051510).\n - media: ov6650: Fix stored frame format not in sync with hardware\n (bsc#1051510).\n - media: stv06xx: add missing descriptor sanity checks (bsc#1168854).\n - media: tda10071: fix unsigned sign extension overflow (bsc#1051510).\n - media: usbtv: fix control-message timeouts (bsc#1051510).\n - media: v4l2-core: fix entity initialization in device_register_subdev\n (bsc#1051510).\n - media: vsp1: tidyup VI6_HGT_LBn_H() macro (bsc#1051510).\n - media: xirlink_cit: add missing descriptor sanity checks (bsc#1051510).\n - mfd: dln2: Fix sanity checking for endpoints (bsc#1051510).\n - misc: pci_endpoint_test: Fix to support > 10 pci-endpoint-test devices\n (bsc#1051510).\n - mm/filemap.c: do not initiate writeback if mapping has no dirty pages\n (bsc#1168884).\n - mm/memory_hotplug.c: only respect mem= parameter during boot stage\n (bsc#1065600).\n - mmc: sdhci-of-at91: fix cd-gpios for SAMA5D2 (bsc#1051510).\n - mwifiex: set needed_headroom, not hard_header_len (bsc#1051510).\n - net/nfc: Avoid stalls when nfc_alloc_send_skb() returned NULL\n (bsc#1051510).\n - net/sched: flower: add missing validation of TCA_FLOWER_FLAGS\n (networking-stable-20_02_19).\n - net/sched: matchall: add missing validation of TCA_MATCHALL_FLAGS\n (networking-stable-20_02_19).\n - net/smc: fix leak of kernel memory to user space\n (networking-stable-20_02_19).\n - net: dsa: tag_qca: Make sure there is headroom for tag\n (networking-stable-20_02_19).\n - net: ena: Add PCI shutdown handler to allow safe kexec (bsc#1167421,\n bsc#1167423).\n - net: nfc: fix bounds checking bugs on \"pipe\" (bsc#1051510).\n - net: phy: micrel: kszphy_resume(): add delay after genphy_resume()\n before accessing PHY registers (bsc#1051510).\n - net_sched: keep alloc_hash updated after hash allocation (git-fixes).\n - netfilter: conntrack: sctp: use distinct states for new SCTP connections\n (bsc#1159199).\n - nvme-multipath: also check for a disabled path if there is a single\n sibling (bsc#1158983).\n - nvme-multipath: do not select namespaces which are about to be removed\n (bsc#1158983).\n - nvme-multipath: factor out a nvme_path_is_disabled helper (bsc#1158983).\n - nvme-multipath: fix crash in nvme_mpath_clear_ctrl_paths (bsc#1158983).\n - nvme-multipath: fix possible I/O hang when paths are updated\n (bsc#1158983).\n - nvme-multipath: fix possible io hang after ctrl reconnect (bsc#1158983).\n - nvme-multipath: remove unused groups_only mode in ana log (bsc#1158983).\n - nvme-multipath: round-robin I/O policy (bsc#1158983).\n - nvme: fix a possible deadlock when passthru commands sent to a multipath\n device (bsc#1158983).\n - nvme: fix controller removal race with scan work (bsc#1158983).\n - objtool: Add is_static_jump() helper (bsc#1169514).\n - objtool: Add relocation check for alternative sections (bsc#1169514).\n - partitions/efi: Fix partition name parsing in GUID partition entry\n (bsc#1168763).\n - perf/amd/uncore: Replace manual sampling check with CAP_NO_INTERRUPT\n flag (bsc#1114279).\n - perf: qcom_l2: fix column exclusion check (git-fixes).\n - pinctrl: core: Remove extra kref_get which blocks hogs being freed\n (bsc#1051510).\n - platform/x86: pmc_atom: Add Lex 2I385SW to critclk_systems DMI table\n (bsc#1051510).\n - powerpc/64/tm: Do not let userspace set regs->trap via sigreturn\n (bsc#1118338 ltc#173734).\n - powerpc/64: mark start_here_multiplatform as __ref (bsc#1148868).\n - powerpc/64s: Fix section mismatch warnings from boot code (bsc#1148868).\n - powerpc/hash64/devmap: Use H_PAGE_THP_HUGE when setting up huge devmap\n PTE entries (bsc#1065729).\n - powerpc/kprobes: Ignore traps that happened in real mode (bsc#1065729).\n - powerpc/mm: Fix section mismatch warning in\n stop_machine_change_mapping() (bsc#1148868).\n - powerpc/pseries/ddw: Extend upper limit for huge DMA window for\n persistent memory (bsc#1142685 ltc#179509).\n - powerpc/pseries/iommu: Fix set but not used values (bsc#1142685\n ltc#179509).\n - powerpc/pseries/iommu: Use memory@ nodes in max RAM address calculation\n (bsc#1142685 ltc#179509).\n - powerpc/vmlinux.lds: Explicitly retain .gnu.hash (bsc#1148868).\n - powerpc/xive: Replace msleep(x) with msleep(OPAL_BUSY_DELAY_MS)\n (bsc#1085030).\n - powerpc/xive: Use XIVE_BAD_IRQ instead of zero to catch non configured\n IPIs (bsc#1085030).\n - pwm: bcm2835: Dynamically allocate base (bsc#1051510).\n - pwm: meson: Fix confusing indentation (bsc#1051510).\n - pwm: pca9685: Fix PWM/GPIO inter-operation (bsc#1051510).\n - pwm: rcar: Fix late Runtime PM enablement (bsc#1051510).\n - pwm: renesas-tpu: Fix late Runtime PM enablement (bsc#1051510).\n - pxa168fb: fix release function mismatch in probe failure (bsc#1051510).\n - qmi_wwan: unconditionally reject 2 ep interfaces (bsc#1051510).\n - rtlwifi: rtl8192de: Fix missing callback that tests for hw release of\n buffer (git-fixes).\n - s390/mm: fix dynamic pagetable upgrade for hugetlbfs (bsc#1165182\n LTC#184102).\n - s390/qeth: fix potential deadlock on workqueue flush (bsc#1165185\n LTC#184108).\n - scsi: core: avoid repetitive logging of device offline messages\n (bsc#1145929).\n - scsi: core: kABI fix offline_already (bsc#1145929).\n - scsi: fc: Update Descriptor definition and add RDF and Link Integrity\n FPINs (bsc#1164777 bsc#1164780 bsc#1165211).\n - scsi: ibmvfc: Fix NULL return compiler warning (bsc#1161951 ltc#183551).\n - scsi: lpfc: Change default SCSI LUN QD to 64 (bsc#1164777 bsc#1164780\n bsc#1165211 jsc#SLE-8654).\n - scsi: lpfc: Clean up hba max_lun_queue_depth checks (bsc#1164777\n bsc#1164780 bsc#1165211).\n - scsi: lpfc: Copyright updates for 12.6.0.4 patches (bsc#1164777\n bsc#1164780 bsc#1165211).\n - scsi: lpfc: Fix Fabric hostname registration if system hostname changes\n (bsc#1164777 bsc#1164780 bsc#1165211).\n - scsi: lpfc: Fix MDS Latency Diagnostics Err-drop rates (bsc#1164777\n bsc#1164780 bsc#1165211).\n - scsi: lpfc: Fix RQ buffer leakage when no IOCBs available (bsc#1164777\n bsc#1164780 bsc#1165211).\n - scsi: lpfc: Fix broken Credit Recovery after driver load (bsc#1164777\n bsc#1164780 bsc#1165211).\n - scsi: lpfc: Fix compiler warning on frame size (bsc#1164777 bsc#1164780\n bsc#1165211).\n - scsi: lpfc: Fix coverity errors in fmdi attribute handling (bsc#1164777\n bsc#1164780 bsc#1165211).\n - scsi: lpfc: Fix crash after handling a pci error (bsc#1164777\n bsc#1164780 bsc#1165211).\n - scsi: lpfc: Fix crash in target side cable pulls hitting WAIT_FOR_UNREG\n (bsc#1164777 bsc#1164780 bsc#1165211).\n - scsi: lpfc: Fix disablement of FC-AL on lpe35000 models (bsc#1164777\n bsc#1164780 bsc#1165211).\n - scsi: lpfc: Fix driver nvme rescan logging (bsc#1164777 bsc#1164780\n bsc#1165211).\n - scsi: lpfc: Fix erroneous cpu limit of 128 on I/O statistics\n (bsc#1164777 bsc#1164780 bsc#1165211).\n - scsi: lpfc: Fix improper flag check for IO type (bsc#1164777 bsc#1164780\n bsc#1165211).\n - scsi: lpfc: Fix incomplete NVME discovery when target (bsc#1164777\n bsc#1164780 bsc#1165211).\n - scsi: lpfc: Fix kasan slab-out-of-bounds error in lpfc_unreg_login\n (bsc#1164777 bsc#1164780 bsc#1165211).\n - scsi: lpfc: Fix lockdep error - register non-static key (bsc#1164777\n bsc#1164780 bsc#1165211).\n - scsi: lpfc: Fix lpfc overwrite of sg_cnt field in nvmefc_tgt_fcp_req\n (bsc#1164777 bsc#1164780 bsc#1165211).\n - scsi: lpfc: Fix lpfc_io_buf resource leak in lpfc_get_scsi_buf_s4 error\n path (bsc#1164777 bsc#1164780 bsc#1165211).\n - scsi: lpfc: Fix memory leak on lpfc_bsg_write_ebuf_set func (bsc#1164777\n bsc#1164780 bsc#1165211).\n - scsi: lpfc: Fix missing check for CSF in Write Object Mbox Rsp\n (bsc#1164777 bsc#1164780 bsc#1165211).\n - scsi: lpfc: Fix ras_log via debugfs (bsc#1164777 bsc#1164780\n bsc#1165211).\n - scsi: lpfc: Fix registration of ELS type support in fdmi (bsc#1164777\n bsc#1164780 bsc#1165211).\n - scsi: lpfc: Fix release of hwq to clear the eq relationship (bsc#1164777\n bsc#1164780 bsc#1165211).\n - scsi: lpfc: Fix scsi host template for SLI3 vports (bsc#1164777\n bsc#1164780 bsc#1165211).\n - scsi: lpfc: Fix unmap of dpp bars affecting next driver load\n (bsc#1164777 bsc#1164780 bsc#1165211).\n - scsi: lpfc: Fix update of wq consumer index in lpfc_sli4_wq_release\n (bsc#1164777 bsc#1164780 bsc#1165211).\n - scsi: lpfc: Fix: Rework setting of fdmi symbolic node name registration\n (bsc#1164777 bsc#1164780 bsc#1165211).\n - scsi: lpfc: Make debugfs ktime stats generic for NVME and SCSI\n (bsc#1164777 bsc#1164780 bsc#1165211).\n - scsi: lpfc: Make lpfc_defer_acc_rsp static (bsc#1164777 bsc#1164780\n bsc#1165211).\n - scsi: lpfc: Remove handler for obsolete ELS - Read Port Status (RPS)\n (bsc#1164777 bsc#1164780 bsc#1165211).\n - scsi: lpfc: Remove prototype FIPS/DSS options from SLI-3 (bsc#1164777\n bsc#1164780 bsc#1165211).\n - scsi: lpfc: Update lpfc version to 12.6.0.3 (bsc#1164777 bsc#1164780\n bsc#1165211).\n - scsi: lpfc: Update lpfc version to 12.6.0.4 (bsc#1164777 bsc#1164780\n bsc#1165211).\n - scsi: lpfc: Update lpfc version to 12.8.0.0 (bsc#1164777 bsc#1164780\n bsc#1165211).\n - scsi: lpfc: add RDF registration and Link Integrity FPIN logging\n (bsc#1164777 bsc#1164780 bsc#1165211).\n - scsi: lpfc: fix spelling mistake \"Notication\" -> \"Notification\"\n (bsc#1164777 bsc#1164780 bsc#1165211).\n - scsi: lpfc: fix spelling mistakes of asynchronous (bsc#1164777\n bsc#1164780 bsc#1165211).\n - scsi: qla2xxx: Fix I/Os being passed down when FC device is being\n deleted (bsc#1157424).\n - serdev: ttyport: restore client ops on deregistration (bsc#1051510).\n - staging: ccree: use signal safe completion wait (git-fixes).\n - staging: rtl8188eu: Add ASUS USB-N10 Nano B1 to device table\n (bsc#1051510).\n - staging: vt6656: fix sign of rx_dbm to bb_pre_ed_rssi (bsc#1051510).\n - staging: wlan-ng: fix ODEBUG bug in prism2sta_disconnect_usb\n (bsc#1051510).\n - staging: wlan-ng: fix use-after-free Read in hfa384x_usbin_callback\n (bsc#1051510).\n - swiotlb: do not panic on mapping failures (bsc#1162171).\n - swiotlb: remove the overflow buffer (bsc#1162171).\n - thermal: devfreq_cooling: inline all stubs for CONFIG_DEVFREQ_THERMAL=n\n (bsc#1051510).\n - tpm: ibmvtpm: Wait for buffer to be set before proceeding (bsc#1065729).\n - tty/serial: atmel: manage shutdown in case of RS485 or ISO7816 mode\n (bsc#1051510).\n - tty: evh_bytechan: Fix out of bounds accesses (bsc#1051510).\n - tty: serial: imx: setup the correct sg entry for tx dma (bsc#1051510).\n - usb: audio-v2: Add uac2_effect_unit_descriptor definition (bsc#1051510).\n - usb: core: hub: do error out if usb_autopm_get_interface() fails\n (git-fixes).\n - usb: core: port: do error out if usb_autopm_get_interface() fails\n (git-fixes).\n - usb: dwc2: Fix in ISOC request length checking (git-fixes).\n - usb: gadget: composite: Fix bMaxPower for SuperSpeedPlus (git-fixes).\n - usb: gadget: f_fs: Fix use after free issue as part of queue failure\n (bsc#1051510).\n - usb: host: xhci-plat: add a shutdown (git-fixes).\n - usb: musb: Disable pullup at init (git-fixes).\n - usb: musb: fix crash with highmen PIO and usbmon (bsc#1051510).\n - usb: quirks: add NO_LPM quirk for Logitech Screen Share (git-fixes).\n - usb: quirks: add NO_LPM quirk for RTL8153 based ethernet adapters\n (git-fixes).\n - usb: storage: Add quirk for Samsung Fit flash (git-fixes).\n - usb: uas: fix a plug & unplug racing (git-fixes).\n - usb: xhci: apply XHCI_SUSPEND_DELAY to AMD XHCI controller 1022:145c\n (git-fixes).\n - virtio-blk: improve virtqueue error to BLK_STS (bsc#1167627).\n - virtio_ring: fix unmap of indirect descriptors (bsc#1162171).\n - x86/mce: Fix logic and comments around MSR_PPIN_CTL (bsc#1114279).\n - x86/pkeys: Manually set X86_FEATURE_OSPKE to preserve existing changes\n (bsc#1114279).\n - xen/blkfront: fix memory allocation flags in blkfront_setup_indirect()\n (bsc#1168486).\n - xhci: Do not open code __print_symbolic() in xhci trace events\n (git-fixes).\n - xhci: apply XHCI_PME_STUCK_QUIRK to Intel Comet Lake platforms\n (git-fixes).\n\n\nSpecial Instructions and Notes:\n\n Please reboot the system after installing this update.\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.1:\n\n zypper in -t patch openSUSE-2020-543=1", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 8.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.2}, "published": "2020-04-23T00:00:00", "type": "suse", "title": "Security update for the Linux Kernel (important)", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-19770", "CVE-2019-3701", "CVE-2019-9458", "CVE-2020-10942", "CVE-2020-11494", "CVE-2020-11669", "CVE-2020-8834"], "modified": "2020-04-23T00:00:00", "id": "OPENSUSE-SU-2020:0543-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/TIJNUS3JX74DEJSKTRECNDTYTY3LURG2/", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:P"}}], "openvas": [{"lastseen": "2020-04-28T16:56:23", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-04-24T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for the (openSUSE-SU-2020:0543-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11494", "CVE-2019-19770", "CVE-2020-10942", "CVE-2020-8834", "CVE-2019-3701", "CVE-2019-9458", "CVE-2020-11669"], "modified": "2020-04-26T00:00:00", "id": "OPENVAS:1361412562310853121", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310853121", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from the referenced\n# advisories, and are Copyright (C) by the respective right holder(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.853121\");\n script_version(\"2020-04-26T06:11:04+0000\");\n script_cve_id(\"CVE-2019-19770\", \"CVE-2019-3701\", \"CVE-2019-9458\", \"CVE-2020-10942\", \"CVE-2020-11494\", \"CVE-2020-11669\", \"CVE-2020-8834\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-04-26 06:11:04 +0000 (Sun, 26 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-04-24 03:00:39 +0000 (Fri, 24 Apr 2020)\");\n script_name(\"openSUSE: Security Advisory for the (openSUSE-SU-2020:0543-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.1\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2020:0543-1\");\n script_xref(name:\"URL\", value:\"http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00035.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'the'\n package(s) announced via the openSUSE-SU-2020:0543-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The openSUSE Leap 15.1 kernel was updated to receive various security and\n bugfixes.\n\n The following security bugs were fixed:\n\n - CVE-2020-11669: An issue was discovered on the powerpc platform.\n arch/powerpc/kernel/idle_book3s.S did not have save/restore\n functionality for PNV_POWERSAVE_AMR, PNV_POWERSAVE_UAMOR, and\n PNV_POWERSAVE_AMOR, aka CID-53a712bae5dd (bnc#1169390).\n\n - CVE-2020-8834: KVM on Power8 processors had a conflicting use of\n HSTATE_HOST_R1 to store r1 state in kvmppc_hv_entry plus in\n kvmppc_{save, restore}_tm, leading to a stack corruption. Because of\n this, an attacker with the ability run code in kernel space of a guest\n VM can cause the host kernel to panic. There were two commits that,\n according to the reporter, introduced the vulnerability: f024ee098476\n ('KVM: PPC: Book3S HV: Pull out TM state save/restore into separate\n procedures') 87a11bb6a7f7 ('KVM: PPC: Book3S HV: Work around XER[SO] bug\n in fake suspend mode') (bnc#1168276).\n\n - CVE-2020-11494: An issue was discovered in slc_bump in\n drivers/net/can/slcan.c, which allowed attackers to read uninitialized\n can_frame data, potentially containing sensitive information from kernel\n stack memory, if the configuration lacks CONFIG_INIT_STACK_ALL, aka\n CID-b9258a2cece4 (bnc#1168424).\n\n - CVE-2019-9458: In the video driver there is a use after free due to a\n race condition. This could lead to local escalation of privilege with no\n additional execution privileges needed. User interaction is not needed\n for exploitation (bnc#1168295).\n\n - CVE-2019-3701: An issue was discovered in can_can_gw_rcv in\n net/can/gw.c. The CAN frame modification rules allow bitwise logical\n operations that can be also applied to the can_dlc field. The privileged\n user 'root' with CAP_NET_ADMIN can create a CAN frame modification rule\n that made the data length code a higher value than the available CAN\n frame data size. In combination with a configured checksum calculation\n where the result is stored relatively to the end of the data (e.g.\n cgw_csum_xor_rel) the tail of the skb (e.g. frag_list pointer in\n skb_shared_info) can be rewritten which finally can cause a system\n crash. Because of a missing check, the CAN drivers may write arbitrary\n content beyond the data registers in the CAN controller's I/O memory\n when processing can-gw manipulated outgoing frames (bnc#1120386).\n\n - CVE-2020-10942: In get_raw_socket in drivers/vhost/net.c lacked\n validation of an sk_family field, which might allow attackers to trigger\n kernel stack corruption via crafted system calls (bnc#1167629).\n\n - CVE-2019-19770: A use-after- ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'the' package(s) on openSUSE Leap 15.1.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.1\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~4.12.14~lp151.28.48.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-docs\", rpm:\"kernel-docs~4.12.14~lp151.28.48.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-docs-html\", rpm:\"kernel-docs-html~4.12.14~lp151.28.48.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-macros\", rpm:\"kernel-macros~4.12.14~lp151.28.48.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~4.12.14~lp151.28.48.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-source-vanilla\", rpm:\"kernel-source-vanilla~4.12.14~lp151.28.48.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~4.12.14~lp151.28.48.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-base\", rpm:\"kernel-debug-base~4.12.14~lp151.28.48.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-base-debuginfo\", rpm:\"kernel-debug-base-debuginfo~4.12.14~lp151.28.48.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~4.12.14~lp151.28.48.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-debugsource\", rpm:\"kernel-debug-debugsource~4.12.14~lp151.28.48.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~4.12.14~lp151.28.48.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-devel-debuginfo\", rpm:\"kernel-debug-devel-debuginfo~4.12.14~lp151.28.48.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~4.12.14~lp151.28.48.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-base\", rpm:\"kernel-default-base~4.12.14~lp151.28.48.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-base-debuginfo\", rpm:\"kernel-default-base-debuginfo~4.12.14~lp151.28.48.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-debuginfo\", rpm:\"kernel-default-debuginfo~4.12.14~lp151.28.48.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-debugsource\", rpm:\"kernel-default-debugsource~4.12.14~lp151.28.48.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-devel\", rpm:\"kernel-default-devel~4.12.14~lp151.28.48.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-devel-debuginfo\", rpm:\"kernel-default-devel-debuginfo~4.12.14~lp151.28.48.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall\", rpm:\"kernel-kvmsmall~4.12.14~lp151.28.48.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall-base\", rpm:\"kernel-kvmsmall-base~4.12.14~lp151.28.48.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall-base-debuginfo\", rpm:\"kernel-kvmsmall-base-debuginfo~4.12.14~lp151.28.48.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall-debuginfo\", rpm:\"kernel-kvmsmall-debuginfo~4.12.14~lp151.28.48.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall-debugsource\", rpm:\"kernel-kvmsmall-debugsource~4.12.14~lp151.28.48.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall-devel\", rpm:\"kernel-kvmsmall-devel~4.12.14~lp151.28.48.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall-devel-debuginfo\", rpm:\"kernel-kvmsmall-devel-debuginfo~4.12.14~lp151.28.48.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-obs-build\", rpm:\"kernel-obs-build~4.12.14~lp151.28.48.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-obs-build-debugsource\", rpm:\"kernel-obs-build-debugsource~4.12.14~lp151.28.48.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-obs-qa\", rpm:\"kernel-obs-qa~4.12.14~lp151.28.48.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~4.12.14~lp151.28.48.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla\", rpm:\"kernel-vanilla~4.12.14~lp151.28.48.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-base\", rpm:\"kernel-vanilla-base~4.12.14~lp151.28.48.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-base-debuginfo\", rpm:\"kernel-vanilla-base-debuginfo~4.12.14~lp151.28.48.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-debuginfo\", rpm:\"kernel-vanilla-debuginfo~4.12.14~lp151.28.48.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-debugsource\", rpm:\"kernel-vanilla-debugsource~4.12.14~lp151.28.48.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-devel\", rpm:\"kernel-vanilla-devel~4.12.14~lp151.28.48.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-devel-debuginfo\", rpm:\"kernel-vanilla-devel-debuginfo~4.12.14~lp151.28.48.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2020-05-28T13:50:15", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-05-19T00:00:00", "type": "openvas", "title": "Ubuntu: Security Advisory for linux (USN-4363-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11494", "CVE-2020-11565", "CVE-2020-11669", "CVE-2020-12657"], "modified": "2020-05-27T00:00:00", "id": "OPENVAS:1361412562310844434", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310844434", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.844434\");\n script_version(\"2020-05-27T04:05:03+0000\");\n script_cve_id(\"CVE-2020-11494\", \"CVE-2020-11565\", \"CVE-2020-11669\", \"CVE-2020-12657\");\n script_tag(name:\"cvss_base\", value:\"4.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-05-27 04:05:03 +0000 (Wed, 27 May 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-05-19 03:00:36 +0000 (Tue, 19 May 2020)\");\n script_name(\"Ubuntu: Security Advisory for linux (USN-4363-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=(UBUNTU18\\.04 LTS|UBUNTU16\\.04 LTS)\");\n\n script_xref(name:\"USN\", value:\"4363-1\");\n script_xref(name:\"URL\", value:\"https://lists.ubuntu.com/archives/ubuntu-security-announce/2020-May/005437.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the USN-4363-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"It was discovered that the Serial CAN interface driver in the Linux kernel\ndid not properly initialize data. A local attacker could use this to expose\nsensitive information (kernel memory). (CVE-2020-11494)\n\nIt was discovered that the linux kernel did not properly validate certain\nmount options to the tmpfs virtual memory file system. A local attacker\nwith the ability to specify mount options could use this to cause a denial\nof service (system crash). (CVE-2020-11565)\n\nDavid Gibson discovered that the Linux kernel on Power9 CPUs did not\nproperly save and restore Authority Mask registers state in some\nsituations. A local attacker in a guest VM could use this to cause a denial\nof service (host system crash). (CVE-2020-11669)\n\nIt was discovered that the block layer in the Linux kernel contained a race\ncondition leading to a use-after-free vulnerability. A local attacker could\npossibly use this to cause a denial of service (system crash) or execute\narbitrary code. (CVE-2020-12657)\");\n\n script_tag(name:\"affected\", value:\"'linux' package(s) on Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"UBUNTU18.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-101-generic\", ver:\"4.15.0-101.102\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-101-generic-lpae\", ver:\"4.15.0-101.102\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-101-lowlatency\", ver:\"4.15.0-101.102\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1039-oracle\", ver:\"4.15.0-1039.43\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1059-gke\", ver:\"4.15.0-1059.62\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1067-aws\", ver:\"4.15.0-1067.71\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1079-snapdragon\", ver:\"4.15.0-1079.86\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1081-oem\", ver:\"4.15.0-1081.91\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-aws-lts-18.04\", ver:\"4.15.0.1067.70\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic\", ver:\"4.15.0.101.91\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic-lpae\", ver:\"4.15.0.101.91\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-gke\", ver:\"4.15.0.1059.63\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-gke-4.15\", ver:\"4.15.0.1059.63\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-lowlatency\", ver:\"4.15.0.101.91\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-oem\", ver:\"4.15.0.1081.85\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-oracle-lts-18.04\", ver:\"4.15.0.1039.48\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-powerpc-e500mc\", ver:\"4.15.0.101.91\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-powerpc-smp\", ver:\"4.15.0.101.91\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-powerpc64-emb\", ver:\"4.15.0.101.91\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-powerpc64-smp\", ver:\"4.15.0.101.91\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-snapdragon\", ver:\"4.15.0.1079.82\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-virtual\", ver:\"4.15.0.101.91\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"UBUNTU16.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-101-generic\", ver:\"4.15.0-101.102~16.04.1\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-101-generic-lpae\", ver:\"4.15.0-101.102~16.04.1\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-101-lowlatency\", ver:\"4.15.0-101.102~16.04.1\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1039-oracle\", ver:\"4.15.0-1039.43~16.04.1\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1067-aws\", ver:\"4.15.0-1067.71~16.04.1\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1071-gcp\", ver:\"4.15.0-1071.81~16.04.1\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-aws-hwe\", ver:\"4.15.0.1067.67\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-gcp\", ver:\"4.15.0.1071.77\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic-hwe-16.04\", ver:\"4.15.0.101.108\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic-lpae-hwe-16.04\", ver:\"4.15.0.101.108\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-gke\", ver:\"4.15.0.1071.77\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-lowlatency-hwe-16.04\", ver:\"4.15.0.101.108\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-oem\", ver:\"4.15.0.101.108\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-oracle\", ver:\"4.15.0.1039.32\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-virtual-hwe-16.04\", ver:\"4.15.0.101.108\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:12", "description": "The remote host is missing an update for\n the ", "cvss3": {}, "published": "2019-01-15T00:00:00", "type": "openvas", "title": "Fedora Update for kernel-headers FEDORA-2019-337484d88b", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-3701"], "modified": "2019-05-20T00:00:00", "id": "OPENVAS:1361412562310875404", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875404", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel-headers FEDORA-2019-337484d88b\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2019 Greenbone Networks GmbH, http://www.greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875404\");\n script_version(\"2019-05-20T06:45:30+0000\");\n script_cve_id(\"CVE-2019-3701\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-05-20 06:45:30 +0000 (Mon, 20 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-01-15 04:01:41 +0100 (Tue, 15 Jan 2019)\");\n script_name(\"Fedora Update for kernel-headers FEDORA-2019-337484d88b\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n script_xref(name:\"FEDORA\", value:\"2019-337484d88b\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GRRDIQFD2RTAZ5D555Q4TNISROVK7FDC\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for\n the 'kernel-headers' package(s) announced via the FEDORA-2019-337484d88b advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present\n on the target host.\");\n\n script_tag(name:\"affected\", value:\"kernel-headers on Fedora 28.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC28\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~4.19.14~200.fc28\", rls:\"FC28\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:32:12", "description": "The remote host is missing an update for the\n ", "cvss3": {}, "published": "2019-01-15T00:00:00", "type": "openvas", "title": "Fedora Update for kernel-tools FEDORA-2019-337484d88b", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-3701"], "modified": "2019-05-20T00:00:00", "id": "OPENVAS:1361412562310875406", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875406", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel-tools FEDORA-2019-337484d88b\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2019 Greenbone Networks GmbH, http://www.greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875406\");\n script_version(\"2019-05-20T06:45:30+0000\");\n script_cve_id(\"CVE-2019-3701\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-05-20 06:45:30 +0000 (Mon, 20 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-01-15 04:01:47 +0100 (Tue, 15 Jan 2019)\");\n script_name(\"Fedora Update for kernel-tools FEDORA-2019-337484d88b\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n script_xref(name:\"FEDORA\", value:\"2019-337484d88b\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V4JR6ZQUU3TAAAXI46HTQL2ZDJB2AGJF\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the\n 'kernel-tools' package(s) announced via the FEDORA-2019-337484d88b advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present\n on the target host.\");\n\n script_tag(name:\"affected\", value:\"kernel-tools on Fedora 28.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC28\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~4.19.14~200.fc28\", rls:\"FC28\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-05-28T13:50:09", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-05-19T00:00:00", "type": "openvas", "title": "Ubuntu: Security Advisory for linux (USN-4364-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11494", "CVE-2020-10942", "CVE-2020-11609", "CVE-2020-11608", "CVE-2020-11668", "CVE-2020-11565", "CVE-2019-19060"], "modified": "2020-05-27T00:00:00", "id": "OPENVAS:1361412562310844433", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310844433", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.844433\");\n script_version(\"2020-05-27T04:05:03+0000\");\n script_cve_id(\"CVE-2019-19060\", \"CVE-2020-10942\", \"CVE-2020-11494\", \"CVE-2020-11565\", \"CVE-2020-11608\", \"CVE-2020-11609\", \"CVE-2020-11668\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-05-27 04:05:03 +0000 (Wed, 27 May 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-05-19 03:00:28 +0000 (Tue, 19 May 2020)\");\n script_name(\"Ubuntu: Security Advisory for linux (USN-4364-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU16\\.04 LTS\");\n\n script_xref(name:\"USN\", value:\"4364-1\");\n script_xref(name:\"URL\", value:\"https://lists.ubuntu.com/archives/ubuntu-security-announce/2020-May/005438.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the USN-4364-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"It was discovered that the ADIS16400 IIO IMU Driver for the Linux kernel\ndid not properly deallocate memory in certain error conditions. A local\nattacker could use this to cause a denial of service (memory exhaustion).\n(CVE-2019-19060)\n\nIt was discovered that the vhost net driver in the Linux kernel contained a\nstack buffer overflow. A local attacker with the ability to perform ioctl()\ncalls on /dev/vhost-net could use this to cause a denial of service (system\ncrash). (CVE-2020-10942)\n\nIt was discovered that the Serial CAN interface driver in the Linux kernel\ndid not properly initialize data. A local attacker could use this to expose\nsensitive information (kernel memory). (CVE-2020-11494)\n\nIt was discovered that the linux kernel did not properly validate certain\nmount options to the tmpfs virtual memory file system. A local attacker\nwith the ability to specify mount options could use this to cause a denial\nof service (system crash). (CVE-2020-11565)\n\nIt was discovered that the OV51x USB Camera device driver in the Linux\nkernel did not properly validate device metadata. A physically proximate\nattacker could use this to cause a denial of service (system crash).\n(CVE-2020-11608)\n\nIt was discovered that the STV06XX USB Camera device driver in the Linux\nkernel did not properly validate device metadata. A physically proximate\nattacker could use this to cause a denial of service (system crash).\n(CVE-2020-11609)\n\nIt was discovered that the Xirlink C-It USB Camera device driver in the\nLinux kernel did not properly validate device metadata. A physically\nproximate attacker could use this to cause a denial of service (system\ncrash). (CVE-2020-11668)\");\n\n script_tag(name:\"affected\", value:\"'linux' package(s) on Ubuntu 16.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"UBUNTU16.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-1107-aws\", ver:\"4.4.0-1107.118\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-1133-raspi2\", ver:\"4.4.0-1133.142\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-1137-snapdragon\", ver:\"4.4.0-1137.145\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-179-generic\", ver:\"4.4.0-179.209\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-179-generic-lpae\", ver:\"4.4.0-179.209\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-179-lowlatency\", ver:\"4.4.0-179.209\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-179-powerpc-e500mc\", ver:\"4.4.0-179.209\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-179-powerpc-smp\", ver:\"4.4.0-179.209\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-179-powerpc64-emb\", ver:\"4.4.0-179.209\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-179-powerpc64-smp\", ver:\"4.4.0-179.209\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-aws\", ver:\"4.4.0.1107.111\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic\", ver:\"4.4.0.179.187\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic-lpae\", ver:\"4.4.0.179.187\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-lowlatency\", ver:\"4.4.0.179.187\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-powerpc-e500mc\", ver:\"4.4.0.179.187\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-powerpc-smp\", ver:\"4.4.0.179.187\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-powerpc64-emb\", ver:\"4.4.0.179.187\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-powerpc64-smp\", ver:\"4.4.0.179.187\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-raspi2\", ver:\"4.4.0.1133.133\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-snapdragon\", ver:\"4.4.0.1137.129\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-virtual\", ver:\"4.4.0.179.187\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-05-28T13:50:20", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-05-20T00:00:00", "type": "openvas", "title": "Ubuntu: Security Advisory for linux-gke-5.0 (USN-4368-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11494", "CVE-2020-11609", "CVE-2019-19769", "CVE-2020-11608", "CVE-2020-11668", "CVE-2020-11565", "CVE-2020-11669", "CVE-2020-12657"], "modified": "2020-05-27T00:00:00", "id": "OPENVAS:1361412562310844439", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310844439", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.844439\");\n script_version(\"2020-05-27T04:05:03+0000\");\n script_cve_id(\"CVE-2019-19769\", \"CVE-2020-11494\", \"CVE-2020-11565\", \"CVE-2020-11608\", \"CVE-2020-11609\", \"CVE-2020-11668\", \"CVE-2020-11669\", \"CVE-2020-12657\");\n script_tag(name:\"cvss_base\", value:\"6.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-05-27 04:05:03 +0000 (Wed, 27 May 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-05-20 03:00:27 +0000 (Wed, 20 May 2020)\");\n script_name(\"Ubuntu: Security Advisory for linux-gke-5.0 (USN-4368-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU18\\.04 LTS\");\n\n script_xref(name:\"USN\", value:\"4368-1\");\n script_xref(name:\"URL\", value:\"https://lists.ubuntu.com/archives/ubuntu-security-announce/2020-May/005442.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux-gke-5.0'\n package(s) announced via the USN-4368-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Tristan Madani discovered that the file locking implementation in the Linux\nkernel contained a race condition. A local attacker could possibly use this\nto cause a denial of service or expose sensitive information.\n(CVE-2019-19769)\n\nIt was discovered that the Serial CAN interface driver in the Linux kernel\ndid not properly initialize data. A local attacker could use this to expose\nsensitive information (kernel memory). (CVE-2020-11494)\n\nIt was discovered that the linux kernel did not properly validate certain\nmount options to the tmpfs virtual memory file system. A local attacker\nwith the ability to specify mount options could use this to cause a denial\nof service (system crash). (CVE-2020-11565)\n\nIt was discovered that the OV51x USB Camera device driver in the Linux\nkernel did not properly validate device metadata. A physically proximate\nattacker could use this to cause a denial of service (system crash).\n(CVE-2020-11608)\n\nIt was discovered that the STV06XX USB Camera device driver in the Linux\nkernel did not properly validate device metadata. A physically proximate\nattacker could use this to cause a denial of service (system crash).\n(CVE-2020-11609)\n\nIt was discovered that the Xirlink C-It USB Camera device driver in the\nLinux kernel did not properly validate device metadata. A physically\nproximate attacker could use this to cause a denial of service (system\ncrash). (CVE-2020-11668)\n\nDavid Gibson discovered that the Linux kernel on Power9 CPUs did not\nproperly save and restore Authority Mask registers state in some\nsituations. A local attacker in a guest VM could use this to cause a denial\nof service (host system crash). (CVE-2020-11669)\n\nIt was discovered that the block layer in the Linux kernel contained a race\ncondition leading to a use-after-free vulnerability. A local attacker could\npossibly use this to cause a denial of service (system crash) or execute\narbitrary code. (CVE-2020-12657)\");\n\n script_tag(name:\"affected\", value:\"'linux-gke-5.0' package(s) on Ubuntu 18.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"UBUNTU18.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.0.0-1037-gke\", ver:\"5.0.0-1037.38\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.0.0-1052-oem-osp1\", ver:\"5.0.0-1052.57\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-gke-5.0\", ver:\"5.0.0.1037.25\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-oem-osp1\", ver:\"5.0.0.1052.55\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2020-01-27T18:37:03", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1234)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-3701", "CVE-2018-19985"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191234", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191234", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1234\");\n script_version(\"2020-01-23T11:36:02+0000\");\n script_cve_id(\"CVE-2018-19985\", \"CVE-2019-3701\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:36:02 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:36:02 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1234)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRT-2\\.5\\.4\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1234\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1234\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'kernel' package(s) announced via the EulerOS-SA-2019-1234 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"An issue was discovered in can_can_gw_rcv() in the net/can/gw.c in the Linux kernel. The CAN driver may write arbitrary content beyond the data registers in the CAN controller's I/O memory when processing can-gw manipulated outgoing frames because of a missing check. A local user with CAP_NET_ADMIN capability granted in the initial namespace can exploit this vulnerability to cause a system crash and thus a denial of service (DoS).CVE-2019-3701\n\nA flaw was found in the Linux kernel in the function hso_probe() which reads if_num value from the USB device (as an u8) and uses it without a length check to index an array, resulting in an OOB memory read in hso_probe() or hso_get_config_data(). An attacker with a forged USB device and physical access to a system (needed to connect such a device) can cause a system crash and a denial of service.CVE-2018-19985\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Huawei EulerOS Virtualization 2.5.4.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRT-2.5.4\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.10.0~862.14.1.1_58\", rls:\"EULEROSVIRT-2.5.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~3.10.0~862.14.1.1_58\", rls:\"EULEROSVIRT-2.5.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~3.10.0~862.14.1.1_58\", rls:\"EULEROSVIRT-2.5.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~3.10.0~862.14.1.1_58\", rls:\"EULEROSVIRT-2.5.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs\", rpm:\"kernel-tools-libs~3.10.0~862.14.1.1_58\", rls:\"EULEROSVIRT-2.5.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs-devel\", rpm:\"kernel-tools-libs-devel~3.10.0~862.14.1.1_58\", rls:\"EULEROSVIRT-2.5.4\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-04-15T15:04:29", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-04-07T00:00:00", "type": "openvas", "title": "Ubuntu: Security Advisory for linux (USN-4318-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-8992", "CVE-2020-8834", "CVE-2020-8428"], "modified": "2020-04-07T00:00:00", "id": "OPENVAS:1361412562310844383", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310844383", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.844383\");\n script_version(\"2020-04-07T12:33:10+0000\");\n script_cve_id(\"CVE-2020-8428\", \"CVE-2020-8834\", \"CVE-2020-8992\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-04-07 12:33:10 +0000 (Tue, 07 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-04-07 03:00:25 +0000 (Tue, 07 Apr 2020)\");\n script_name(\"Ubuntu: Security Advisory for linux (USN-4318-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=(UBUNTU18\\.04 LTS|UBUNTU16\\.04 LTS)\");\n\n script_xref(name:\"USN\", value:\"4318-1\");\n script_xref(name:\"URL\", value:\"https://lists.ubuntu.com/archives/ubuntu-security-announce/2020-April/005380.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the USN-4318-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Al Viro discovered that the vfs layer in the Linux kernel contained a use-\nafter-free vulnerability. A local attacker could use this to cause a denial\nof service (system crash) or possibly expose sensitive information (kernel\nmemory). (CVE-2020-8428)\n\nGustavo Romero and Paul Mackerras discovered that the KVM implementation in\nthe Linux kernel for PowerPC processors did not properly keep guest state\nseparate from host state. A local attacker in a KVM guest could use this to\ncause a denial of service (host system crash). (CVE-2020-8834)\n\nShijie Luo discovered that the ext4 file system implementation in the Linux\nkernel did not properly check for a too-large journal size. An attacker\ncould use this to construct a malicious ext4 image that, when mounted,\ncould cause a denial of service (soft lockup). (CVE-2020-8992)\");\n\n script_tag(name:\"affected\", value:\"'linux' package(s) on Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"UBUNTU18.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-96-generic\", ver:\"4.15.0-96.97\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-96-generic-lpae\", ver:\"4.15.0-96.97\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-96-lowlatency\", ver:\"4.15.0-96.97\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic\", ver:\"4.15.0.96.87\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic-lpae\", ver:\"4.15.0.96.87\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-lowlatency\", ver:\"4.15.0.96.87\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-powerpc-e500mc\", ver:\"4.15.0.96.87\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-powerpc-smp\", ver:\"4.15.0.96.87\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-powerpc64-emb\", ver:\"4.15.0.96.87\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-powerpc64-smp\", ver:\"4.15.0.96.87\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-virtual\", ver:\"4.15.0.96.87\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"UBUNTU16.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-96-generic\", ver:\"4.15.0-96.97~16.04.1\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-96-generic-lpae\", ver:\"4.15.0-96.97~16.04.1\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-96-lowlatency\", ver:\"4.15.0-96.97~16.04.1\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic-hwe-16.04\", ver:\"4.15.0.96.104\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic-lpae-hwe-16.04\", ver:\"4.15.0.96.104\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-lowlatency-hwe-16.04\", ver:\"4.15.0.96.104\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-oem\", ver:\"4.15.0.96.104\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-virtual-hwe-16.04\", ver:\"4.15.0.96.104\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-06-29T17:52:15", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-06-26T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2020-1698)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11494", "CVE-2020-10711", "CVE-2020-12770", "CVE-2019-19770", "CVE-2020-12659", "CVE-2020-12465", "CVE-2019-19462", "CVE-2020-12114", "CVE-2020-12826", "CVE-2020-10942", "CVE-2019-19039", "CVE-2020-11609", "CVE-2019-20636", "CVE-2020-12464", "CVE-2020-12654", "CVE-2019-20806", "CVE-2019-19815", "CVE-2019-19036", "CVE-2020-12653", "CVE-2020-1749", "CVE-2020-11608", "CVE-2020-11668", "CVE-2020-13143", "CVE-2019-19037", "CVE-2019-19377", "CVE-2020-11565", "CVE-2020-11669", "CVE-2020-12652", "CVE-2020-0067", "CVE-2020-12771", "CVE-2020-12655"], "modified": "2020-06-26T00:00:00", "id": "OPENVAS:1361412562311220201698", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220201698", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2020.1698\");\n script_version(\"2020-06-26T07:27:06+0000\");\n script_cve_id(\"CVE-2019-19036\", \"CVE-2019-19037\", \"CVE-2019-19039\", \"CVE-2019-19377\", \"CVE-2019-19462\", \"CVE-2019-19770\", \"CVE-2019-19815\", \"CVE-2019-20636\", \"CVE-2019-20806\", \"CVE-2020-0067\", \"CVE-2020-10711\", \"CVE-2020-10942\", \"CVE-2020-11494\", \"CVE-2020-11565\", \"CVE-2020-11608\", \"CVE-2020-11609\", \"CVE-2020-11668\", \"CVE-2020-11669\", \"CVE-2020-12114\", \"CVE-2020-12464\", \"CVE-2020-12465\", \"CVE-2020-12652\", \"CVE-2020-12653\", \"CVE-2020-12654\", \"CVE-2020-12655\", \"CVE-2020-12659\", \"CVE-2020-12770\", \"CVE-2020-12771\", \"CVE-2020-12826\", \"CVE-2020-13143\", \"CVE-2020-1749\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-06-26 07:27:06 +0000 (Fri, 26 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-06-26 07:27:06 +0000 (Fri, 26 Jun 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2020-1698)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRTARM64-3\\.0\\.6\\.0\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2020-1698\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1698\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'kernel' package(s) announced via the EulerOS-SA-2020-1698 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can cause a NULL pointer dereference in f2fs_recover_fsync_data in fs/f2fs/recovery.c. This is related to F2FS_P_SB in fs/f2fs/f2fs.h.(CVE-2019-19815)\n\n** DISPUTED ** __btrfs_free_extent in fs/btrfs/extent-tree.c in the Linux kernel through 5.3.12 calls btrfs_print_leaf in a certain ENOENT case, which allows local users to obtain potentially sensitive information about register values via the dmesg program. NOTE: The BTRFS development team disputes this issues as not being a vulnerability because 1) The kernel provide facilities to restrict access to dmesg - dmesg_restrict=1 sysctl option. So it's really up to the system administrator to judge whether dmesg access shall be disallowed or not. 2) WARN/WARN_ON are widely used macros in the linux kernel. If this CVE is considered valid this would mean there are literally thousands CVE lurking in the kernel - something which clearly is not the case.(CVE-2019-19039)\n\next4_empty_dir in fs/ext4/namei.c in the Linux kernel through 5.3.12 allows a NULL pointer dereference because ext4_read_dirblock(inode,0,DIRENT_HTREE) can be zero.(CVE-2019-19037)\n\nbtrfs_root_node in fs/btrfs/ctree.c in the Linux kernel through 5.3.12 allows a NULL pointer dereference because rcu_dereference(root-node) can be zero.(CVE-2019-19036)\n\n** DISPUTED ** In the Linux kernel 4.19.83, there is a use-after-free (read) in the debugfs_remove function in fs/debugfs/inode.c (which is used to remove a file or directory in debugfs that was previously created with a call to another debugfs function such as debugfs_create_file). NOTE: Linux kernel developers dispute this issue as not being an issue with debugfs, instead this is an issue with misuse of debugfs within blktrace.(CVE-2019-19770)\n\nAn issue was discovered in slc_bump in drivers/net/can/slcan.c in the Linux kernel through 5.6.2. It allows attackers to read uninitialized can_frame data, potentially containing sensitive information from kernel stack memory, if the configuration lacks CONFIG_INIT_STACK_ALL, aka CID-b9258a2cece4.(CVE-2020-11494)\n\n** DISPUTED ** An issue was discovered in the Linux kernel through 5.6.2. mpol_parse_str in mm/mempolicy.c has a stack-based out-of-bounds write because an empty nodelist is mishandled during mount option parsing, aka CID-aa9f7d5172fa. NOTE: Someone in the security community disagrees that this is a vulnerability because the issue is a bug in parsing mount options which can only be specified by a privileged user, so triggering the bug does not grant any powers not already held..(CVE-2020-11565 ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Huawei EulerOS Virtualization for ARM 64 3.0.6.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRTARM64-3.0.6.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.19.36~vhulk1907.1.0.h753.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.6.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~4.19.36~vhulk1907.1.0.h753.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.6.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~4.19.36~vhulk1907.1.0.h753.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.6.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~4.19.36~vhulk1907.1.0.h753.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.6.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs\", rpm:\"kernel-tools-libs~4.19.36~vhulk1907.1.0.h753.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.6.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs-devel\", rpm:\"kernel-tools-libs-devel~4.19.36~vhulk1907.1.0.h753.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.6.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"perf\", rpm:\"perf~4.19.36~vhulk1907.1.0.h753.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.6.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~4.19.36~vhulk1907.1.0.h753.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.6.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python3-perf\", rpm:\"python3-perf~4.19.36~vhulk1907.1.0.h753.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.6.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-05-01T19:07:28", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-04-20T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2020-1508)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11494", "CVE-2019-19039", "CVE-2020-11609", "CVE-2019-20636", "CVE-2019-19815", "CVE-2019-19036", "CVE-2020-1749", "CVE-2020-11608", "CVE-2020-11668", "CVE-2019-19037", "CVE-2020-11565", "CVE-2020-11669", "CVE-2020-0067"], "modified": "2020-04-20T00:00:00", "id": "OPENVAS:1361412562311220201508", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220201508", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from the referenced\n# advisories, and are Copyright (C) by the respective right holder(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2020.1508\");\n script_version(\"2020-04-20T08:04:53+0000\");\n script_cve_id(\"CVE-2019-19036\", \"CVE-2019-19037\", \"CVE-2019-19039\", \"CVE-2019-19815\", \"CVE-2019-20636\", \"CVE-2020-0067\", \"CVE-2020-11494\", \"CVE-2020-11565\", \"CVE-2020-11608\", \"CVE-2020-11609\", \"CVE-2020-11668\", \"CVE-2020-11669\", \"CVE-2020-1749\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-04-20 08:04:53 +0000 (Mon, 20 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-04-20 08:04:53 +0000 (Mon, 20 Apr 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2020-1508)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP8\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2020-1508\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1508\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'kernel' package(s) announced via the EulerOS-SA-2020-1508 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"In f2fs_xattr_generic_list of xattr.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not required for exploitation.(CVE-2020-0067)\n\nAn issue was discovered in the Linux kernel before 5.2 on the powerpc platform. arch/powerpc/kernel/idle_book3s.S does not have save/restore functionality for PNV_POWERSAVE_AMR, PNV_POWERSAVE_UAMOR, and PNV_POWERSAVE_AMOR, aka CID-53a712bae5dd.(CVE-2020-11669)\n\nIn the Linux kernel before 5.6.1, drivers/media/usb/gspca/xirlink_cit.c (aka the Xirlink camera USB driver) mishandles invalid descriptors, aka CID-a246b4d54770.(CVE-2020-11668)\n\nIn the Linux kernel before 5.4.12, drivers/input/input.c has out-of-bounds writes via a crafted keycode table, as demonstrated by input_set_keycode, aka CID-cb222aed03d7.(CVE-2019-20636)\n\nAn issue was discovered in the Linux kernel before 5.6.1. drivers/media/usb/gspca/ov519.c allows NULL pointer dereferences in ov511_mode_init_regs and ov518_mode_init_regs when there are zero endpoints, aka CID-998912346c0d.(CVE-2020-11608)\n\nAn issue was discovered in the stv06xx subsystem in the Linux kernel before 5.6.1. drivers/media/usb/gspca/stv06xx/stv06xx.c and drivers/media/usb/gspca/stv06xx/stv06xx_pb0100.c mishandle invalid descriptors, as demonstrated by a NULL pointer dereference, aka CID-485b06aadb93.(CVE-2020-11609)\n\nA flaw was found in the Linux kernel's implementation of some networking protocols in IPsec, such as VXLAN and GENEVE tunnels over IPv6. When an encrypted tunnel is created between two hosts, the kernel isn't correctly routing tunneled data over the encrypted link, rather sending the data unencrypted. This would allow anyone in between the two endpoints to read the traffic unencrypted. The main threat from this vulnerability is to data confidentiality.(CVE-2020-1749)\n\nAn issue was discovered in the Linux kernel through 5.6.2. mpol_parse_str in mm/mempolicy.c has a stack-based out-of-bounds write because an empty nodelist is mishandled during mount option parsing, aka CID-aa9f7d5172fa.(CVE-2020-11565)\n\nAn issue was discovered in slc_bump in drivers/net/can/slcan.c in the Linux kernel through 5.6.2. It allows attackers to read uninitialized can_frame data, potentially containing sensitive information from kernel stack memory, if the configuration lacks CONFIG_INIT_STACK_ALL, aka CID-b9258a2cece4.(CVE-2020-11494)\n\nbtrfs_root_node in fs/btrfs/ctree.c in the Linux kernel through 5.3.12 allows a NULL pointer dereference because rcu_dereference(root-node) can be zero.(CVE-2019-19036)\n\next4_empt ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Huawei EulerOS V2.0SP8.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP8\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"bpftool\", rpm:\"bpftool~4.19.36~vhulk1907.1.0.h729.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.19.36~vhulk1907.1.0.h729.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~4.19.36~vhulk1907.1.0.h729.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~4.19.36~vhulk1907.1.0.h729.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~4.19.36~vhulk1907.1.0.h729.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~4.19.36~vhulk1907.1.0.h729.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs\", rpm:\"kernel-tools-libs~4.19.36~vhulk1907.1.0.h729.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"perf\", rpm:\"perf~4.19.36~vhulk1907.1.0.h729.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~4.19.36~vhulk1907.1.0.h729.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python3-perf\", rpm:\"python3-perf~4.19.36~vhulk1907.1.0.h729.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-06-04T15:53:49", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-04-30T00:00:00", "type": "openvas", "title": "Debian: Security Advisory for linux (DSA-4667-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11884", "CVE-2020-10942", "CVE-2020-8428", "CVE-2020-11565", "CVE-2020-2732"], "modified": "2020-06-03T00:00:00", "id": "OPENVAS:1361412562310704667", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310704667", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.704667\");\n script_version(\"2020-06-03T08:38:58+0000\");\n script_cve_id(\"CVE-2020-10942\", \"CVE-2020-11565\", \"CVE-2020-11884\", \"CVE-2020-2732\", \"CVE-2020-8428\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-06-03 08:38:58 +0000 (Wed, 03 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-04-30 03:00:30 +0000 (Thu, 30 Apr 2020)\");\n script_name(\"Debian: Security Advisory for linux (DSA-4667-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB10\");\n\n script_xref(name:\"URL\", value:\"https://www.debian.org/security/2020/dsa-4667.html\");\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/DSA-4667-1\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the DSA-4667-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a privilege escalation, denial of service, or information\nleak.\n\nCVE-2020-2732\nPaulo Bonzini discovered that the KVM implementation for Intel\nprocessors did not properly handle instruction emulation for L2\nguests when nested virtualization is enabled. This could allow\nan L2 guest to cause privilege escalation, denial of service,\nor information leaks in the L1 guest.\n\nCVE-2020-8428\nAl Viro discovered a use-after-free vulnerability in the VFS\nlayer. This allowed local users to cause a denial-of-service\n(crash) or obtain sensitive information from kernel memory.\n\nCVE-2020-10942\nIt was discovered that the vhost_net driver did not properly\nvalidate the type of sockets set as back-ends. A local user\npermitted to access /dev/vhost-net could use this to cause a stack\ncorruption via crafted system calls, resulting in denial of\nservice (crash) or possibly privilege escalation.\n\nCVE-2020-11565\nEntropy Moe reported that the shared memory filesystem (tmpfs) did\nnot correctly handle an mpol\nmount option specifying an empty\nnode list, leading to a stack-based out-of-bounds write. If user\nnamespaces are enabled, a local user could use this to cause a\ndenial of service (crash) or possibly for privilege escalation.\n\nCVE-2020-11884\nAl Viro reported a race condition in memory management code for\nIBM Z (s390x architecture), that can result in the kernel\nexecuting code from the user address space. A local user could\nuse this for privilege escalation.\");\n\n script_tag(name:\"affected\", value:\"'linux' package(s) on Debian Linux.\");\n\n script_tag(name:\"solution\", value:\"For the stable distribution (buster), these problems have been fixed in\nversion 4.19.98-1+deb10u1.\n\nWe recommend that you upgrade your linux packages.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"hyperv-daemons\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libbpf-dev\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libbpf4.19\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libcpupower-dev\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libcpupower1\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"liblockdep-dev\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"liblockdep4.19\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-compiler-gcc-8-arm\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-compiler-gcc-8-s390\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-compiler-gcc-8-x86\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-config-4.19\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-cpupower\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-doc-4.19\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-6-4kc-malta\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-6-5kc-malta\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-6-686\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-6-686-pae\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-6-all\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-6-all-amd64\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-6-all-arm64\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-6-all-armel\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-6-all-armhf\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-6-all-i386\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-6-all-mips\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-6-all-mips64el\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-6-all-mipsel\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-6-all-ppc64el\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-6-all-s390x\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-6-amd64\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-6-arm64\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-6-armmp\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-6-armmp-lpae\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-6-cloud-amd64\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-6-common\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-6-common-rt\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-6-loongson-3\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-6-marvell\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-6-octeon\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-6-powerpc64le\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-6-rpi\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-6-rt-686-pae\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-6-rt-amd64\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-6-rt-arm64\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-6-rt-armmp\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-6-s390x\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-8-4kc-malta\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-8-5kc-malta\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-8-686\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-8-686-pae\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-8-all\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-8-all-amd64\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-8-all-arm64\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-8-all-armel\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-8-all-armhf\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-8-all-i386\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-8-all-mips\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-8-all-mips64el\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-8-all-mipsel\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-8-all-ppc64el\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-8-all-s390x\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-8-amd64\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-8-arm64\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-8-armmp\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-8-armmp-lpae\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-8-cloud-amd64\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-8-common\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-8-common-rt\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-8-loongson-3\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-8-marvell\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-8-octeon\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-8-powerpc64le\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-8-rpi\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-8-rt-686-pae\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-8-rt-amd64\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-8-rt-arm64\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-8-rt-armmp\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.19.0-8-s390x\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-6-4kc-malta\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-6-4kc-malta-dbg\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-6-5kc-malta\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-6-5kc-malta-dbg\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-6-686-dbg\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-6-686-pae-dbg\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-6-686-pae-unsigned\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-6-686-unsigned\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-6-amd64-dbg\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-6-amd64-unsigned\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-6-arm64-dbg\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-6-arm64-unsigned\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-6-armmp\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-6-armmp-dbg\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-6-armmp-lpae\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-6-armmp-lpae-dbg\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-6-cloud-amd64-dbg\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-6-cloud-amd64-unsigned\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-6-loongson-3\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-6-loongson-3-dbg\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-6-marvell\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-6-marvell-dbg\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-6-octeon\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-6-octeon-dbg\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-6-powerpc64le\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-6-powerpc64le-dbg\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-6-rpi\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-6-rpi-dbg\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-6-rt-686-pae-dbg\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-6-rt-686-pae-unsigned\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-6-rt-amd64-dbg\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-6-rt-amd64-unsigned\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-6-rt-arm64-dbg\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-6-rt-arm64-unsigned\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-6-rt-armmp\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-6-rt-armmp-dbg\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-6-s390x\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-6-s390x-dbg\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-8-4kc-malta\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-8-4kc-malta-dbg\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-8-5kc-malta\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-8-5kc-malta-dbg\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-8-686-dbg\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-8-686-pae-dbg\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-8-686-pae-unsigned\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-8-686-unsigned\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-8-amd64-dbg\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-8-amd64-unsigned\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-8-arm64-dbg\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-8-arm64-unsigned\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-8-armmp\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-8-armmp-dbg\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-8-armmp-lpae\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-8-armmp-lpae-dbg\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-8-cloud-amd64-dbg\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-8-cloud-amd64-unsigned\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-8-loongson-3\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-8-loongson-3-dbg\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-8-marvell\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-8-marvell-dbg\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-8-octeon\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-8-octeon-dbg\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-8-powerpc64le\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-8-powerpc64le-dbg\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-8-rpi\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-8-rpi-dbg\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-8-rt-686-pae-dbg\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-8-rt-686-pae-unsigned\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-8-rt-amd64-dbg\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-8-rt-amd64-unsigned\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-8-rt-arm64-dbg\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-8-rt-arm64-unsigned\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-8-rt-armmp\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-8-rt-armmp-dbg\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-8-s390x\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.19.0-8-s390x-dbg\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-amd64-signed-template\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-arm64-signed-template\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-i386-signed-template\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-kbuild-4.19\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-perf-4.19\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-source-4.19\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-support-4.19.0-6\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-support-4.19.0-8\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"lockdep\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"usbip\", ver:\"4.19.98-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n\nexit(0);\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-05-08T17:11:26", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-04-29T00:00:00", "type": "openvas", "title": "Ubuntu: Security Advisory for linux-gke-5.0 (USN-4344-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-8992", "CVE-2020-8648", "CVE-2020-9383", "CVE-2019-19051", "CVE-2020-10942", "CVE-2019-19768", "CVE-2019-16234"], "modified": "2020-05-07T00:00:00", "id": "OPENVAS:1361412562310844409", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310844409", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.844409\");\n script_version(\"2020-05-07T08:41:48+0000\");\n script_cve_id(\"CVE-2019-16234\", \"CVE-2019-19051\", \"CVE-2019-19768\", \"CVE-2020-10942\", \"CVE-2020-8648\", \"CVE-2020-8992\", \"CVE-2020-9383\");\n script_tag(name:\"cvss_base\", value:\"5.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:N/I:P/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-05-07 08:41:48 +0000 (Thu, 07 May 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-04-29 03:01:05 +0000 (Wed, 29 Apr 2020)\");\n script_name(\"Ubuntu: Security Advisory for linux-gke-5.0 (USN-4344-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU18\\.04 LTS\");\n\n script_xref(name:\"USN\", value:\"4344-1\");\n script_xref(name:\"URL\", value:\"https://lists.ubuntu.com/archives/ubuntu-security-announce/2020-April/005409.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux-gke-5.0'\n package(s) announced via the USN-4344-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"It was discovered that the Intel Wi-Fi driver in the Linux kernel did not\nproperly check for errors in some situations. A local attacker could\npossibly use this to cause a denial of service (system crash).\n(CVE-2019-16234)\n\nIt was discovered that the Intel WiMAX 2400 driver in the Linux kernel did\nnot properly deallocate memory in certain situations. A local attacker\ncould use this to cause a denial of service (kernel memory exhaustion).\n(CVE-2019-19051)\n\nTristan Madani discovered that the block I/O tracing implementation in the\nLinux kernel contained a race condition. A local attacker could use this to\ncause a denial of service (system crash) or possibly expose sensitive\ninformation. (CVE-2019-19768)\n\nIt was discovered that the vhost net driver in the Linux kernel contained a\nstack buffer overflow. A local attacker with the ability to perform ioctl()\ncalls on /dev/vhost-net could use this to cause a denial of service (system\ncrash). (CVE-2020-10942)\n\nIt was discovered that the virtual terminal implementation in the Linux\nkernel contained a race condition. A local attacker could possibly use this\nto cause a denial of service (system crash) or expose sensitive\ninformation. (CVE-2020-8648)\n\nShijie Luo discovered that the ext4 file system implementation in the Linux\nkernel did not properly check for a too-large journal size. An attacker\ncould use this to construct a malicious ext4 image that, when mounted,\ncould cause a denial of service (soft lockup). (CVE-2020-8992)\n\nJordy Zomer discovered that the floppy driver in the Linux kernel did not\nproperly check for errors in some situations. A local attacker could\npossibly use this to cause a denial of service (system crash) or possibly\nexpose sensitive information. (CVE-2020-9383)\");\n\n script_tag(name:\"affected\", value:\"'linux-gke-5.0' package(s) on Ubuntu 18.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"UBUNTU18.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.0.0-1035-gke\", ver:\"5.0.0-1035.36\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.0.0-1050-oem-osp1\", ver:\"5.0.0-1050.55\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-gke-5.0\", ver:\"5.0.0.1035.23\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-oem-osp1\", ver:\"5.0.0.1050.53\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.4, "vector": "AV:L/AC:M/Au:N/C:N/I:P/A:C"}}, {"lastseen": "2020-05-12T15:36:41", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-04-29T00:00:00", "type": "openvas", "title": "Ubuntu: Security Advisory for linux (USN-4342-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-8992", "CVE-2020-8648", "CVE-2020-9383", "CVE-2020-11884", "CVE-2020-10942", "CVE-2019-19768", "CVE-2019-16234"], "modified": "2020-05-11T00:00:00", "id": "OPENVAS:1361412562310844410", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310844410", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.844410\");\n script_version(\"2020-05-11T07:05:27+0000\");\n script_cve_id(\"CVE-2020-11884\", \"CVE-2019-16234\", \"CVE-2019-19768\", \"CVE-2020-10942\", \"CVE-2020-8648\", \"CVE-2020-8992\", \"CVE-2020-9383\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-05-11 07:05:27 +0000 (Mon, 11 May 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-04-29 03:01:12 +0000 (Wed, 29 Apr 2020)\");\n script_name(\"Ubuntu: Security Advisory for linux (USN-4342-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=(UBUNTU19\\.10|UBUNTU18\\.04 LTS)\");\n\n script_xref(name:\"USN\", value:\"4342-1\");\n script_xref(name:\"URL\", value:\"https://lists.ubuntu.com/archives/ubuntu-security-announce/2020-April/005407.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the USN-4342-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Al Viro discovered that the Linux kernel for s390x systems did not properly\nperform page table upgrades for kernel sections that use secondary address\nmode. A local attacker could use this to cause a denial of service (system\ncrash) or execute arbitrary code. (CVE-2020-11884)\n\nIt was discovered that the Intel Wi-Fi driver in the Linux kernel did not\nproperly check for errors in some situations. A local attacker could\npossibly use this to cause a denial of service (system crash).\n(CVE-2019-16234)\n\nTristan Madani discovered that the block I/O tracing implementation in the\nLinux kernel contained a race condition. A local attacker could use this to\ncause a denial of service (system crash) or possibly expose sensitive\ninformation. (CVE-2019-19768)\n\nIt was discovered that the vhost net driver in the Linux kernel contained a\nstack buffer overflow. A local attacker with the ability to perform ioctl()\ncalls on /dev/vhost-net could use this to cause a denial of service (system\ncrash). (CVE-2020-10942)\n\nIt was discovered that the virtual terminal implementation in the Linux\nkernel contained a race condition. A local attacker could possibly use this\nto cause a denial of service (system crash) or expose sensitive\ninformation. (CVE-2020-8648)\n\nShijie Luo discovered that the ext4 file system implementation in the Linux\nkernel did not properly check for a too-large journal size. An attacker\ncould use this to construct a malicious ext4 image that, when mounted,\ncould cause a denial of service (soft lockup). (CVE-2020-8992)\n\nJordy Zomer discovered that the floppy driver in the Linux kernel did not\nproperly check for errors in some situations. A local attacker could\npossibly use this to cause a denial of service (system crash) or possibly\nexpose sensitive information. (CVE-2020-9383)\");\n\n script_tag(name:\"affected\", value:\"'linux' package(s) on Ubuntu 19.10, Ubuntu 18.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"UBUNTU19.10\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-1016-kvm\", ver:\"5.3.0-1016.17\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-1017-aws\", ver:\"5.3.0-1017.18\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-1018-gcp\", ver:\"5.3.0-1018.19\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-1020-azure\", ver:\"5.3.0-1020.21\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-1023-raspi2\", ver:\"5.3.0-1023.25\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-51-generic\", ver:\"5.3.0-51.44\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-51-generic-lpae\", ver:\"5.3.0-51.44\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-51-lowlatency\", ver:\"5.3.0-51.44\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-51-snapdragon\", ver:\"5.3.0-51.44\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-aws\", ver:\"5.3.0.1017.19\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-azure\", ver:\"5.3.0.1020.39\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-gcp\", ver:\"5.3.0.1018.19\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic\", ver:\"5.3.0.51.42\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic-lpae\", ver:\"5.3.0.51.42\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-gke\", ver:\"5.3.0.1018.19\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-kvm\", ver:\"5.3.0.1016.18\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-lowlatency\", ver:\"5.3.0.51.42\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-raspi2\", ver:\"5.3.0.1023.20\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-snapdragon\", ver:\"5.3.0.51.42\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-virtual\", ver:\"5.3.0.51.42\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"UBUNTU18.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-1018-gke\", ver:\"5.3.0-1018.19~18.04.1\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-1023-raspi2\", ver:\"5.3.0-1023.25~18.04.1\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-51-generic\", ver:\"5.3.0-51.44~18.04.2\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-51-generic-lpae\", ver:\"5.3.0-51.44~18.04.2\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-51-lowlatency\", ver:\"5.3.0-51.44~18.04.2\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic-hwe-18.04\", ver:\"5.3.0.51.104\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic-lpae-hwe-18.04\", ver:\"5.3.0.51.104\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-gke-5.3\", ver:\"5.3.0.1018.8\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-lowlatency-hwe-18.04\", ver:\"5.3.0.51.104\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-raspi2-hwe-18.04\", ver:\"5.3.0.1023.12\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-snapdragon-hwe-18.04\", ver:\"5.3.0.51.104\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-virtual-hwe-18.04\", ver:\"5.3.0.51.104\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-06-03T15:50:43", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-05-29T00:00:00", "type": "openvas", "title": "Ubuntu: Security Advisory for linux (USN-4369-2)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11494", "CVE-2020-11609", "CVE-2019-19769", "CVE-2020-11608", "CVE-2020-11668", "CVE-2019-19377", "CVE-2020-11565", "CVE-2020-12657"], "modified": "2020-05-29T00:00:00", "id": "OPENVAS:1361412562310844448", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310844448", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.844448\");\n script_version(\"2020-05-29T08:53:11+0000\");\n script_cve_id(\"CVE-2019-19377\", \"CVE-2019-19769\", \"CVE-2020-11494\", \"CVE-2020-11565\", \"CVE-2020-11608\", \"CVE-2020-11609\", \"CVE-2020-11668\", \"CVE-2020-12657\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-05-29 08:53:11 +0000 (Fri, 29 May 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-05-29 03:00:28 +0000 (Fri, 29 May 2020)\");\n script_name(\"Ubuntu: Security Advisory for linux (USN-4369-2)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=(UBUNTU19\\.10|UBUNTU18\\.04 LTS)\");\n\n script_xref(name:\"USN\", value:\"4369-2\");\n script_xref(name:\"URL\", value:\"https://lists.ubuntu.com/archives/ubuntu-security-announce/2020-May/005456.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the USN-4369-2 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"USN-4369-1 fixed vulnerabilities in the 5.3 Linux kernel. Unfortunately,\nthat update introduced a regression in overlayfs. This update corrects\nthe problem.\n\nWe apologize for the inconvenience.\n\nOriginal advisory details:\n\nIt was discovered that the btrfs implementation in the Linux kernel did not\nproperly detect that a block was marked dirty in some situations. An\nattacker could use this to specially craft a file system image that, when\nunmounted, could cause a denial of service (system crash). (CVE-2019-19377)\n\nTristan Madani discovered that the file locking implementation in the Linux\nkernel contained a race condition. A local attacker could possibly use this\nto cause a denial of service or expose sensitive information.\n(CVE-2019-19769)\n\nIt was discovered that the Serial CAN interface driver in the Linux kernel\ndid not properly initialize data. A local attacker could use this to expose\nsensitive information (kernel memory). (CVE-2020-11494)\n\nIt was discovered that the linux kernel did not properly validate certain\nmount options to the tmpfs virtual memory file system. A local attacker\nwith the ability to specify mount options could use this to cause a denial\nof service (system crash). (CVE-2020-11565)\n\nIt was discovered that the OV51x USB Camera device driver in the Linux\nkernel did not properly validate device metadata. A physically proximate\nattacker could use this to cause a denial of service (system crash).\n(CVE-2020-11608)\n\nIt was discovered that the STV06XX USB Camera device driver in the Linux\nkernel did not properly validate device metadata. A physically proximate\nattacker could use this to cause a denial of service (system crash).\n(CVE-2020-11609)\n\nIt was discovered that the Xirlink C-It USB Camera device driver in the\nLinux kernel did not properly validate device metadata. A physically\nproximate attacker could use this to cause a denial of service (system\ncrash). (CVE-2020-11668)\n\nIt was discovered that the block layer in the Linux kernel contained a race\ncondition leading to a use-after-free vulnerability. A local attacker could\npossibly use this to cause a denial of service (system crash) or execute\narbitrary code. (CVE-2020-12657)\");\n\n script_tag(name:\"affected\", value:\"'linux' package(s) on Ubuntu 19.10, Ubuntu 18.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"UBUNTU19.10\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-1026-raspi2\", ver:\"5.3.0-1026.28\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-55-generic\", ver:\"5.3.0-55.49\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-55-generic-lpae\", ver:\"5.3.0-55.49\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-55-lowlatency\", ver:\"5.3.0-55.49\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-55-snapdragon\", ver:\"5.3.0-55.49\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic\", ver:\"5.3.0.55.47\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic-lpae\", ver:\"5.3.0.55.47\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-lowlatency\", ver:\"5.3.0.55.47\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-raspi2\", ver:\"5.3.0.1026.23\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-snapdragon\", ver:\"5.3.0.55.47\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-virtual\", ver:\"5.3.0.55.47\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"UBUNTU18.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-1026-raspi2\", ver:\"5.3.0-1026.28~18.04.1\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-raspi2-hwe-18.04\", ver:\"5.3.0.1026.15\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-27T18:38:46", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1259)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-5848", "CVE-2018-16862", "CVE-2019-3701", "CVE-2019-9213", "CVE-2018-9516", "CVE-2018-10902", "CVE-2019-3819"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191259", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191259", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1259\");\n script_version(\"2020-01-23T11:36:40+0000\");\n script_cve_id(\"CVE-2018-10902\", \"CVE-2018-16862\", \"CVE-2018-5848\", \"CVE-2018-9516\", \"CVE-2019-3701\", \"CVE-2019-3819\", \"CVE-2019-9213\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:36:40 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:36:40 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1259)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRT-2\\.5\\.3\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1259\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1259\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'kernel' package(s) announced via the EulerOS-SA-2019-1259 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"An issue was discovered in can_can_gw_rcv in net/can/gw.c in the Linux kernel through 4.19.13. The CAN frame modification rules allow bitwise logical operations that can be also applied to the can_dlc field. Because of a missing check, the CAN drivers may write arbitrary content beyond the data registers in the CAN controller's I/O memory when processing can-gw manipulated outgoing frames. This is related to cgw_csum_xor_rel. An unprivileged user can trigger a system crash (general protection fault).(CVE-2019-3701)\n\nA flaw was found in mmap in the Linux kernel allowing the process to map a null page. This allows attackers to abuse this mechanism to turn null pointer dereferences into workable exploits.(CVE-2019-9213)\n\nA security flaw was found in the Linux kernel in a way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one.CVE-2018-16862\n\nIt was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status() which are part of snd_rawmidi_ioctl() handler in rawmidi.c file. A malicious local attacker could possibly use this for privilege escalation.CVE-2018-10902\n\nIn the function wmi_set_ie() in the Linux kernel the length validation code does not handle unsigned integer overflow properly. As a result, a large value of the ie_len argument can cause a buffer overflow and thus a memory corruption leading to a system crash or other or unspecified impact. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is unlikely.CVE-2018-5848\n\nA flaw was found in the Linux kernel in the function hid_debug_events_read() in the drivers/hid/hid-debug.c file which may enter an infinite loop with certain parameters passed from a user space. A local privileged user ('root') can cause a system lock up and a denial of service.CVE-2019-3819\n\nA flaw was found in the Linux kernel in the hid_debug_events_read() function in the drivers/hid/hid-debug.c file. A lack of the certain checks may allow a privileged user ('root') to achieve an out-of-bounds write and thus receiving user space buffer corruption.CVE-2018-9516\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Huawei EulerOS Virtualization 2.5.3.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRT-2.5.3\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.10.0~514.44.5.10_136\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~3.10.0~514.44.5.10_136\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~3.10.0~514.44.5.10_136\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~3.10.0~514.44.5.10_136\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs\", rpm:\"kernel-tools-libs~3.10.0~514.44.5.10_136\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs-devel\", rpm:\"kernel-tools-libs-devel~3.10.0~514.44.5.10_136\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-05-28T13:50:45", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-05-22T00:00:00", "type": "openvas", "title": "Ubuntu: Security Advisory for linux (USN-4369-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11494", "CVE-2020-11609", "CVE-2019-19769", "CVE-2020-11608", "CVE-2020-11668", "CVE-2019-19377", "CVE-2020-11565", "CVE-2020-12657"], "modified": "2020-05-27T00:00:00", "id": "OPENVAS:1361412562310844443", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310844443", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.844443\");\n script_version(\"2020-05-27T04:05:03+0000\");\n script_cve_id(\"CVE-2019-19377\", \"CVE-2019-19769\", \"CVE-2020-11494\", \"CVE-2020-11565\", \"CVE-2020-11608\", \"CVE-2020-11609\", \"CVE-2020-11668\", \"CVE-2020-12657\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-05-27 04:05:03 +0000 (Wed, 27 May 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-05-22 03:00:20 +0000 (Fri, 22 May 2020)\");\n script_name(\"Ubuntu: Security Advisory for linux (USN-4369-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=(UBUNTU19\\.10|UBUNTU18\\.04 LTS)\");\n\n script_xref(name:\"USN\", value:\"4369-1\");\n script_xref(name:\"URL\", value:\"https://lists.ubuntu.com/archives/ubuntu-security-announce/2020-May/005444.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the USN-4369-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"It was discovered that the btrfs implementation in the Linux kernel did not\nproperly detect that a block was marked dirty in some situations. An\nattacker could use this to specially craft a file system image that, when\nunmounted, could cause a denial of service (system crash). (CVE-2019-19377)\n\nTristan Madani discovered that the file locking implementation in the Linux\nkernel contained a race condition. A local attacker could possibly use this\nto cause a denial of service or expose sensitive information.\n(CVE-2019-19769)\n\nIt was discovered that the Serial CAN interface driver in the Linux kernel\ndid not properly initialize data. A local attacker could use this to expose\nsensitive information (kernel memory). (CVE-2020-11494)\n\nIt was discovered that the linux kernel did not properly validate certain\nmount options to the tmpfs virtual memory file system. A local attacker\nwith the ability to specify mount options could use this to cause a denial\nof service (system crash). (CVE-2020-11565)\n\nIt was discovered that the OV51x USB Camera device driver in the Linux\nkernel did not properly validate device metadata. A physically proximate\nattacker could use this to cause a denial of service (system crash).\n(CVE-2020-11608)\n\nIt was discovered that the STV06XX USB Camera device driver in the Linux\nkernel did not properly validate device metadata. A physically proximate\nattacker could use this to cause a denial of service (system crash).\n(CVE-2020-11609)\n\nIt was discovered that the Xirlink C-It USB Camera device driver in the\nLinux kernel did not properly validate device metadata. A physically\nproximate attacker could use this to cause a denial of service (system\ncrash). (CVE-2020-11668)\n\nIt was discovered that the block layer in the Linux kernel contained a race\ncondition leading to a use-after-free vulnerability. A local attacker could\npossibly use this to cause a denial of service (system crash) or execute\narbitrary code. (CVE-2020-12657)\");\n\n script_tag(name:\"affected\", value:\"'linux' package(s) on Ubuntu 19.10, Ubuntu 18.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"UBUNTU19.10\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-1017-kvm\", ver:\"5.3.0-1017.19\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-1018-oracle\", ver:\"5.3.0-1018.20\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-1019-aws\", ver:\"5.3.0-1019.21\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-1020-gcp\", ver:\"5.3.0-1020.22\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-1025-raspi2\", ver:\"5.3.0-1025.27\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-53-generic\", ver:\"5.3.0-53.47\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-53-generic-lpae\", ver:\"5.3.0-53.47\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-53-lowlatency\", ver:\"5.3.0-53.47\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-53-snapdragon\", ver:\"5.3.0-53.47\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-aws\", ver:\"5.3.0.1019.31\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-gcp\", ver:\"5.3.0.1020.31\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic\", ver:\"5.3.0.53.45\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic-lpae\", ver:\"5.3.0.53.45\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-gke\", ver:\"5.3.0.1020.31\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-kvm\", ver:\"5.3.0.1017.19\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-lowlatency\", ver:\"5.3.0.53.45\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-oracle\", ver:\"5.3.0.1018.33\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-raspi2\", ver:\"5.3.0.1025.22\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-snapdragon\", ver:\"5.3.0.53.45\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-virtual\", ver:\"5.3.0.53.45\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"UBUNTU18.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-1018-oracle\", ver:\"5.3.0-1018.20~18.04.1\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-1019-aws\", ver:\"5.3.0-1019.21~18.04.1\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-1020-gcp\", ver:\"5.3.0-1020.22~18.04.1\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-1020-gke\", ver:\"5.3.0-1020.22~18.04.1\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-53-generic\", ver:\"5.3.0-53.47~18.04.1\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-53-generic-lpae\", ver:\"5.3.0-53.47~18.04.1\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-53-lowlatency\", ver:\"5.3.0-53.47~18.04.1\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-aws\", ver:\"5.3.0.1019.20\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-aws-edge\", ver:\"5.3.0.1019.20\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-gcp\", ver:\"5.3.0.1020.19\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-gcp-edge\", ver:\"5.3.0.1020.19\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic-hwe-18.04\", ver:\"5.3.0.53.109\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic-lpae-hwe-18.04\", ver:\"5.3.0.53.109\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-gke-5.3\", ver:\"5.3.0.1020.10\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-gkeop-5.3\", ver:\"5.3.0.53.109\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-lowlatency-hwe-18.04\", ver:\"5.3.0.53.109\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-oracle\", ver:\"5.3.0.1018.19\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-snapdragon-hwe-18.04\", ver:\"5.3.0.53.109\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-virtual-hwe-18.04\", ver:\"5.3.0.53.109\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:14", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2019-aabdaa013d", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-3460", "CVE-2018-19824", "CVE-2018-16862", "CVE-2018-18710", "CVE-2019-3701", "CVE-2019-3459", "CVE-2018-19407", "CVE-2018-16880"], "modified": "2019-05-20T00:00:00", "id": "OPENVAS:1361412562310875946", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875946", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875946\");\n script_version(\"2019-05-20T06:45:30+0000\");\n script_cve_id(\"CVE-2018-16880\", \"CVE-2019-3459\", \"CVE-2019-3460\", \"CVE-2019-3701\", \"CVE-2018-19824\", \"CVE-2018-16862\", \"CVE-2018-19407\", \"CVE-2018-18710\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-05-20 06:45:30 +0000 (Mon, 20 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:29:09 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for kernel FEDORA-2019-aabdaa013d\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-aabdaa013d\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F5IYT2ZAPBSYLJVJRJJ6YH6YFE7XIRPB\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the FEDORA-2019-aabdaa013d advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The kernel meta package\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.20.5~200.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-06-11T15:49:34", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-06-03T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2020-1606)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11494", "CVE-2020-12114", "CVE-2014-8181", "CVE-2020-10942", "CVE-2020-11609", "CVE-2019-9444", "CVE-2019-20636", "CVE-2020-12464", "CVE-2020-12654", "CVE-2020-0066", "CVE-2019-11599", "CVE-2019-19036", "CVE-2020-12653", "CVE-2020-11608", "CVE-2019-16230", "CVE-2019-19377", "CVE-2020-11565", "CVE-2019-14898", "CVE-2020-12652", "CVE-2018-9518", "CVE-2020-12655"], "modified": "2020-06-11T00:00:00", "id": "OPENVAS:1361412562311220201606", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220201606", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2020.1606\");\n script_version(\"2020-06-11T08:24:44+0000\");\n script_cve_id(\"CVE-2014-8181\", \"CVE-2018-9518\", \"CVE-2019-14898\", \"CVE-2019-16230\", \"CVE-2019-19036\", \"CVE-2019-19377\", \"CVE-2019-20636\", \"CVE-2019-9444\", \"CVE-2020-0066\", \"CVE-2020-10942\", \"CVE-2020-11494\", \"CVE-2020-11565\", \"CVE-2020-11608\", \"CVE-2020-11609\", \"CVE-2020-12114\", \"CVE-2020-12464\", \"CVE-2020-12652\", \"CVE-2020-12653\", \"CVE-2020-12654\", \"CVE-2020-12655\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-06-11 08:24:44 +0000 (Thu, 11 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-06-03 06:05:38 +0000 (Wed, 03 Jun 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2020-1606)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP5\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2020-1606\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1606\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'kernel' package(s) announced via the EulerOS-SA-2020-1606 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and unmounting can lead to a use-after-free in btrfs_queue_work in fs/btrfs/async-thread.c.(CVE-2019-19377)\n\nThe fix for CVE-2019-11599, affecting the Linux kernel before 5.0.10 was not complete. A local user could use this flaw to obtain sensitive information, cause a denial of service, or possibly have other unspecified impacts by triggering a race condition with mmget_not_zero or get_task_mm calls.(CVE-2019-14898)\n\nA pivot_root race condition in fs/namespace.c in the Linux kernel 4.4.x before 4.4.221, 4.9.x before 4.9.221, 4.14.x before 4.14.178, 4.19.x before 4.19.119, and 5.x before 5.3 allows local users to cause a denial of service (panic) by corrupting a mountpoint reference counter.(CVE-2020-12114)\n\nusb_sg_cancel in drivers/usb/core/message.c in the Linux kernel before 5.6.8 has a use-after-free because a transfer occurs without a reference, aka CID-056ad39ee925.(CVE-2020-12464)\n\nThe __mptctl_ioctl function in drivers/message/fusion/mptctl.c in the Linux kernel before 5.4.14 allows local users to hold an incorrect lock during the ioctl operation and trigger a race condition, i.e., a 'double fetch' vulnerability, aka CID-28d76df18f0a. NOTE: the vendor states 'The security impact of this bug is not as bad as it could have been because these operations are all privileged and root already has enormous destructive power.'(CVE-2020-12652)\n\nAn issue was found in Linux kernel before 5.5.4. The mwifiex_cmd_append_vsie_tlv() function in drivers/net/wireless/marvell/mwifiex/scan.c allows local users to gain privileges or cause a denial of service because of an incorrect memcpy and buffer overflow, aka CID-b70261a288ea.(CVE-2020-12653)\n\nAn issue was found in Linux kernel before 5.5.4. mwifiex_ret_wmm_get_status() in drivers/net/wireless/marvell/mwifiex/wmm.c allows a remote AP to trigger a heap-based buffer overflow because of an incorrect memcpy, aka CID-3a9b153c5591.(CVE-2020-12654)\n\nAn issue was discovered in xfs_agf_verify in fs/xfs/libxfs/xfs_alloc.c in the Linux kernel through 5.6.10. Attackers may trigger a sync of excessive duration via an XFS v5 image with crafted metadata, aka CID-d0c7feaf8767.(CVE-2020-12655)\n\nIn nfc_llcp_build_sdreq_tlv of llcp_commands.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-73083945.(CVE-2018-9518)\n\nAn issue was discovered in slc_bump in d ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Huawei EulerOS V2.0SP5.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP5\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.10.0~862.14.1.5.h442.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~3.10.0~862.14.1.5.h442.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~3.10.0~862.14.1.5.h442.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~3.10.0~862.14.1.5.h442.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs\", rpm:\"kernel-tools-libs~3.10.0~862.14.1.5.h442.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"perf\", rpm:\"perf~3.10.0~862.14.1.5.h442.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~3.10.0~862.14.1.5.h442.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-05-12T15:37:21", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-04-29T00:00:00", "type": "openvas", "title": "Ubuntu: Security Advisory for linux (USN-4345-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-8648", "CVE-2020-9383", "CVE-2020-11884", "CVE-2020-10942", "CVE-2020-11609", "CVE-2019-19768", "CVE-2020-11608", "CVE-2020-11668", "CVE-2019-16234"], "modified": "2020-05-11T00:00:00", "id": "OPENVAS:1361412562310844406", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310844406", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.844406\");\n script_version(\"2020-05-11T07:05:27+0000\");\n script_cve_id(\"CVE-2020-11884\", \"CVE-2019-16234\", \"CVE-2019-19768\", \"CVE-2020-10942\", \"CVE-2020-11608\", \"CVE-2020-11609\", \"CVE-2020-11668\", \"CVE-2020-8648\", \"CVE-2020-9383\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-05-11 07:05:27 +0000 (Mon, 11 May 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-04-29 03:00:54 +0000 (Wed, 29 Apr 2020)\");\n script_name(\"Ubuntu: Security Advisory for linux (USN-4345-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=(UBUNTU18\\.04 LTS|UBUNTU16\\.04 LTS)\");\n\n script_xref(name:\"USN\", value:\"4345-1\");\n script_xref(name:\"URL\", value:\"https://lists.ubuntu.com/archives/ubuntu-security-announce/2020-April/005410.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the USN-4345-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Al Viro discovered that the Linux kernel for s390x systems did not properly\nperform page table upgrades for kernel sections that use secondary address\nmode. A local attacker could use this to cause a denial of service (system\ncrash) or execute arbitrary code. (CVE-2020-11884)\n\nIt was discovered that the Intel Wi-Fi driver in the Linux kernel did not\nproperly check for errors in some situations. A local attacker could\npossibly use this to cause a denial of service (system crash).\n(CVE-2019-16234)\n\nTristan Madani discovered that the block I/O tracing implementation in the\nLinux kernel contained a race condition. A local attacker could use this to\ncause a denial of service (system crash) or possibly expose sensitive\ninformation. (CVE-2019-19768)\n\nIt was discovered that the vhost net driver in the Linux kernel contained a\nstack buffer overflow. A local attacker with the ability to perform ioctl()\ncalls on /dev/vhost-net could use this to cause a denial of service (system\ncrash). (CVE-2020-10942)\n\nIt was discovered that the OV51x USB Camera device driver in the Linux\nkernel did not properly validate device metadata. A physically proximate\nattacker could use this to cause a denial of service (system crash).\n(CVE-2020-11608)\n\nIt was discovered that the STV06XX USB Camera device driver in the Linux\nkernel did not properly validate device metadata. A physically proximate\nattacker could use this to cause a denial of service (system crash).\n(CVE-2020-11609)\n\nIt was discovered that the Xirlink C-It USB Camera device driver in the\nLinux kernel did not properly validate device metadata. A physically\nproximate attacker could use this to cause a denial of service (system\ncrash). (CVE-2020-11668)\n\nIt was discovered that the virtual terminal implementation in the Linux\nkernel contained a race condition. A local attacker could possibly use this\nto cause a denial of service (system crash) or expose sensitive\ninformation. (CVE-2020-8648)\n\nJordy Zomer discovered that the floppy driver in the Linux kernel did not\nproperly check for errors in some situations. A local attacker could\npossibly use this to cause a denial of service (system crash) or possibly\nexpose sensitive information. (CVE-2020-9383)\");\n\n script_tag(name:\"affected\", value:\"'linux' package(s) on Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"UBUNTU18.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1038-oracle\", ver:\"4.15.0-1038.42\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1058-gke\", ver:\"4.15.0-1058.61\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1059-kvm\", ver:\"4.15.0-1059.60\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1061-raspi2\", ver:\"4.15.0-1061.65\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1066-aws\", ver:\"4.15.0-1066.70\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1077-snapdragon\", ver:\"4.15.0-1077.84\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1080-oem\", ver:\"4.15.0-1080.90\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-99-generic\", ver:\"4.15.0-99.100\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-99-generic-lpae\", ver:\"4.15.0-99.100\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-99-lowlatency\", ver:\"4.15.0-99.100\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-aws-lts-18.04\", ver:\"4.15.0.1066.69\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic\", ver:\"4.15.0.99.89\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic-lpae\", ver:\"4.15.0.99.89\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-gke\", ver:\"4.15.0.1058.62\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-gke-4.15\", ver:\"4.15.0.1058.62\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-kvm\", ver:\"4.15.0.1059.59\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-lowlatency\", ver:\"4.15.0.99.89\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-oem\", ver:\"4.15.0.1080.84\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-oracle-lts-18.04\", ver:\"4.15.0.1038.47\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-powerpc-e500mc\", ver:\"4.15.0.99.89\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-powerpc-smp\", ver:\"4.15.0.99.89\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-powerpc64-emb\", ver:\"4.15.0.99.89\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-powerpc64-smp\", ver:\"4.15.0.99.89\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-raspi2\", ver:\"4.15.0.1061.59\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-snapdragon\", ver:\"4.15.0.1077.80\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-virtual\", ver:\"4.15.0.99.89\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"UBUNTU16.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1038-oracle\", ver:\"4.15.0-1038.42~16.04.1\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1061-gcp\", ver:\"4.15.0-1061.65\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1066-aws\", ver:\"4.15.0-1066.70~16.04.1\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1082-azure\", ver:\"4.15.0-1082.92~16.04.1\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-99-generic\", ver:\"4.15.0-99.100~16.04.1\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-99-generic-lpae\", ver:\"4.15.0-99.100~16.04.1\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-99-lowlatency\", ver:\"4.15.0-99.100~16.04.1\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-aws-hwe\", ver:\"4.15.0.1066.66\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-azure\", ver:\"4.15.0.1082.81\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-azure-edge\", ver:\"4.15.0.1082.81\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-gcp\", ver:\"4.15.0.1061.75\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic-hwe-16.04\", ver:\"4.15.0.99.106\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic-lpae-hwe-16.04\", ver:\"4.15.0.99.106\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-gke\", ver:\"4.15.0.1061.75\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-lowlatency-hwe-16.04\", ver:\"4.15.0.99.106\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-oem\", ver:\"4.15.0.99.106\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-oracle\", ver:\"4.15.0.1038.31\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-virtual-hwe-16.04\", ver:\"4.15.0.99.106\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:32:12", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2019-96b31a9602", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-3460", "CVE-2018-19824", "CVE-2018-16862", "CVE-2018-18710", "CVE-2019-3701", "CVE-2019-3459", "CVE-2019-7308", "CVE-2018-19407", "CVE-2018-16880"], "modified": "2019-05-20T00:00:00", "id": "OPENVAS:1361412562310875801", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875801", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875801\");\n script_version(\"2019-05-20T06:45:30+0000\");\n script_cve_id(\"CVE-2018-16880\", \"CVE-2019-3459\", \"CVE-2019-3460\", \"CVE-2019-3701\", \"CVE-2018-19824\", \"CVE-2018-16862\", \"CVE-2018-19407\", \"CVE-2018-18710\", \"CVE-2019-7308\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-05-20 06:45:30 +0000 (Mon, 20 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:21:22 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for kernel FEDORA-2019-96b31a9602\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-96b31a9602\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I46FW633VGVOFMM3OPMFTBOXYGP243AL\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the FEDORA-2019-96b31a9602 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The kernel meta package\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.20.6~200.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-27T18:36:33", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1131)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-10741", "CVE-2018-18281", "CVE-2018-18559", "CVE-2018-10883", "CVE-2019-3701", "CVE-2017-18360", "CVE-2018-20169", "CVE-2018-10902", "CVE-2018-1094", "CVE-2018-10879"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191131", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191131", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1131\");\n script_version(\"2020-01-23T11:32:22+0000\");\n script_cve_id(\"CVE-2016-10741\", \"CVE-2017-18360\", \"CVE-2018-10879\", \"CVE-2018-10883\", \"CVE-2018-10902\", \"CVE-2018-1094\", \"CVE-2018-18281\", \"CVE-2018-18559\", \"CVE-2018-20169\", \"CVE-2019-3701\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:32:22 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:32:22 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1131)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP2\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1131\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1131\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'kernel' package(s) announced via the EulerOS-SA-2019-1131 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"A division-by-zero in set_termios(), when debugging is enabled, was found in the Linux kernel. When the [io_ti] driver is loaded, a local unprivileged attacker can request incorrect high transfer speed in the change_port_settings() in the drivers/usb/serial/io_ti.c so that the divisor value becomes zero and causes a system crash resulting in a denial of service. (CVE-2017-18360)\n\nSince Linux kernel version 3.2, the mremap() syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate() removes entries from the pagetables of a task that is in the middle of mremap(), a stale TLB entry can remain for a short time that permits access to a physical page after it has been released back to the page allocator and reused.(CVE-2018-18281)\n\nA flaw was discovered in the Linux kernel's USB subsystem in the __usb_get_extra_descriptor() function in the drivers/usb/core/usb.c which mishandles a size check during the reading of an extra descriptor data. By using a specially crafted USB device which sends a forged extra descriptor, an unprivileged user with physical access to the system can potentially cause a privilege escalation or trigger a system crash or lock up and thus to cause a denial of service (DoS).(CVE-2018-20169)\n\nIt was found that the Linux kernel can hit a BUG_ON() statement in the __xfs_get_blocks() in the fs/xfs/xfs_aops.c because of a race condition between direct and memory-mapped I/O associated with a hole in a file that is handled with BUG_ON() instead of an I/O failure. This allows a local unprivileged attacker to cause a system crash and a denial of service.(CVE-2016-10741)\n\nA use-after-free flaw can occur in the Linux kernel due to a race condition between packet_do_bind() and packet_notifier() functions called for an AF_PACKET socket. An unprivileged, local user could use this flaw to induce kernel memory corruption on the system, leading to an unresponsive system or to a crash. Due to the nature of the flaw, privilege escalation cannot be fully ruled out. (CVE-2018-18559)\n\nAn issue was discovered in can_can_gw_rcv in net/can/gw.c in the Linux kernel through 4.19.13. The CAN frame modification rules allow bitwise logical operations that can be also applied to the can_dlc field. Because of a missing check, the CAN drivers may write arbitrary content beyond the data registers in the CAN controller's I/O memory when processing can-gw manipulated outgoing frames. This is related to cgw_csum_xor_rel. An unprivileged user can trigger a system crash (general protection fault).(CVE-2019-3701)\n\nA flaw was found in the Linux kernel's ext4 filesystem. A local use ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Huawei EulerOS V2.0SP2.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP2\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.10.0~327.62.59.83.h140\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~3.10.0~327.62.59.83.h140\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~3.10.0~327.62.59.83.h140\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~3.10.0~327.62.59.83.h140\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debuginfo-common-x86_64\", rpm:\"kernel-debuginfo-common-x86_64~3.10.0~327.62.59.83.h140\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~3.10.0~327.62.59.83.h140\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~3.10.0~327.62.59.83.h140\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~3.10.0~327.62.59.83.h140\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs\", rpm:\"kernel-tools-libs~3.10.0~327.62.59.83.h140\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"perf\", rpm:\"perf~3.10.0~327.62.59.83.h140\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~3.10.0~327.62.59.83.h140\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:32:12", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2019-164946aa7f", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-7222", "CVE-2019-3460", "CVE-2018-19824", "CVE-2018-16862", "CVE-2018-18710", "CVE-2019-7221", "CVE-2019-3701", "CVE-2019-6974", "CVE-2019-3459", "CVE-2018-19407", "CVE-2018-16880"], "modified": "2019-05-20T00:00:00", "id": "OPENVAS:1361412562310875628", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875628", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875628\");\n script_version(\"2019-05-20T06:45:30+0000\");\n script_cve_id(\"CVE-2019-7221\", \"CVE-2019-6974\", \"CVE-2019-7222\", \"CVE-2018-16880\", \"CVE-2019-3459\", \"CVE-2019-3460\", \"CVE-2019-3701\", \"CVE-2018-19824\", \"CVE-2018-16862\", \"CVE-2018-19407\", \"CVE-2018-18710\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-05-20 06:45:30 +0000 (Mon, 20 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:13:18 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for kernel FEDORA-2019-164946aa7f\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-164946aa7f\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KDOXCX3QFVWYXH5CQMGDDE7H6MUG5XGG\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the FEDORA-2019-164946aa7f advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The kernel meta package\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.20.8~200.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:32:14", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2019-7bdeed7fc5", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-7222", "CVE-2019-3460", "CVE-2018-19824", "CVE-2019-8912", "CVE-2018-16862", "CVE-2018-18710", "CVE-2019-7221", "CVE-2019-3701", "CVE-2019-6974", "CVE-2019-3459", "CVE-2018-19407", "CVE-2018-16880"], "modified": "2019-05-14T00:00:00", "id": "OPENVAS:1361412562310875834", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875834", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875834\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2019-8912\", \"CVE-2019-7221\", \"CVE-2019-6974\", \"CVE-2019-7222\", \"CVE-2018-16880\", \"CVE-2019-3459\", \"CVE-2019-3460\", \"CVE-2019-3701\", \"CVE-2018-19824\", \"CVE-2018-16862\", \"CVE-2018-19407\", \"CVE-2018-18710\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:22:54 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for kernel FEDORA-2019-7bdeed7fc5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-7bdeed7fc5\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BHPV6YAVRZGELKIO7LYXJNKRFHMOJJP7\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the FEDORA-2019-7bdeed7fc5 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The kernel meta package\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.20.11~200.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-27T18:37:28", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1028)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1108", "CVE-2018-10880", "CVE-2018-10878", "CVE-2018-18690", "CVE-2018-10881", "CVE-2013-3076", "CVE-2019-3701", "CVE-2018-17972", "CVE-2018-18386", "CVE-2018-16658", "CVE-2018-14633", "CVE-2018-14646"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191028", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191028", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1028\");\n script_version(\"2020-01-23T15:42:05+0000\");\n script_cve_id(\"CVE-2013-3076\", \"CVE-2018-10878\", \"CVE-2018-10880\", \"CVE-2018-10881\", \"CVE-2018-1108\", \"CVE-2018-14633\", \"CVE-2018-14646\", \"CVE-2018-16658\", \"CVE-2018-17972\", \"CVE-2018-18386\", \"CVE-2018-18690\", \"CVE-2019-3701\");\n script_tag(name:\"cvss_base\", value:\"8.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 15:42:05 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:28:10 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1028)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP5\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1028\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1028\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'kernel' package(s) announced via the EulerOS-SA-2019-1028 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bounds write and a denial of service or unspecified other impact is possible by mounting and operating a crafted ext4 filesystem image.(CVE-2018-10878)\n\nAn issue was discovered in can_can_gw_rcv in net/can/gw.c in the Linux kernel through 4.19.13. The CAN frame modification rules allow bitwise logical operations that can be also applied to the can_dlc field. Because of a missing check, the CAN drivers may write arbitrary content beyond the data registers in the CAN controller's I/O memory when processing can-gw manipulated outgoing frames. This is related to cgw_csum_xor_rel. An unprivileged user can trigger a system crash (general protection fault).(CVE-2019-3701)\n\nA flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bound access in ext4_get_group_info function, a denial of service, and a system crash by mounting and operating on a crafted ext4 filesystem image.(CVE-2018-10881)\n\nA flaw was found in the Linux kernel's ext4 filesystem code. A stack-out-of-bounds write in ext4_update_inline_data() is possible when mounting and writing to a crafted ext4 image. An attacker could use this to cause a system crash and a denial of service.(CVE-2018-10880)\n\nThe crypto API in the Linux kernel through 3.9-rc8 does not initialize certain length variables, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call, related to the hash_recvmsg function in crypto/algif_hash.c and the skcipher_recvmsg function in crypto/algif_skcipher.c.(CVE-2013-3076)\n\n weakness was found in the Linux kernel's implementation of random seed data. Programs, early in the boot sequence, could use the data allocated for the seed before it was sufficiently generated.(CVE-2018-1108)\n\nAn issue was discovered in the proc_pid_stack function in fs/proc/base.c in the Linux kernel. An attacker with a local account can trick the stack unwinder code to leak stack contents to userspace. The fix allows only root to inspect the kernel stack of an arbitrary task.(CVE-2018-17972)\n\nA security flaw was found in the chap_server_compute_md5() function in the ISCSI target code in the Linux kernel in a way an authentication request from an ISCSI initiator is processed. An unauthenticated remote attacker can cause a stack buffer overflow and smash up to 17 bytes of the stack. The attack requires the iSCSI target to be enabled on the victim host. Depending on how the target's code was built (i.e. depending on a compiler, compile flags and hardware architectu ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Huawei EulerOS V2.0SP5.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP5\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.10.0~862.14.0.1.h80.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~3.10.0~862.14.0.1.h80.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debuginfo-common-x86_64\", rpm:\"kernel-debuginfo-common-x86_64~3.10.0~862.14.0.1.h80.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~3.10.0~862.14.0.1.h80.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~3.10.0~862.14.0.1.h80.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~3.10.0~862.14.0.1.h80.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs\", rpm:\"kernel-tools-libs~3.10.0~862.14.0.1.h80.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"perf\", rpm:\"perf~3.10.0~862.14.0.1.h80.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~3.10.0~862.14.0.1.h80.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 8.3, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:C"}}], "nessus": [{"lastseen": "2023-05-18T14:59:28", "description": "The openSUSE Leap 15.1 kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed :\n\n - CVE-2020-11669: An issue was discovered on the powerpc platform. arch/powerpc/kernel/idle_book3s.S did not have save/restore functionality for PNV_POWERSAVE_AMR, PNV_POWERSAVE_UAMOR, and PNV_POWERSAVE_AMOR, aka CID-53a712bae5dd (bnc#1169390).\n\n - CVE-2020-8834: KVM on Power8 processors had a conflicting use of HSTATE_HOST_R1 to store r1 state in kvmppc_hv_entry plus in kvmppc_(save,restore)_tm, leading to a stack corruption. Because of this, an attacker with the ability run code in kernel space of a guest VM can cause the host kernel to panic. There were two commits that, according to the reporter, introduced the vulnerability: f024ee098476 ('KVM: PPC: Book3S HV:\n Pull out TM state save/restore into separate procedures') 87a11bb6a7f7 ('KVM: PPC: Book3S HV: Work around XER[SO] bug in fake suspend mode') (bnc#1168276).\n\n - CVE-2020-11494: An issue was discovered in slc_bump in drivers/net/can/slcan.c, which allowed attackers to read uninitialized can_frame data, potentially containing sensitive information from kernel stack memory, if the configuration lacks CONFIG_INIT_STACK_ALL, aka CID-b9258a2cece4 (bnc#1168424).\n\n - CVE-2019-9458: In the video driver there is a use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation (bnc#1168295).\n\n - CVE-2019-3701: An issue was discovered in can_can_gw_rcv in net/can/gw.c. The CAN frame modification rules allow bitwise logical operations that can be also applied to the can_dlc field. The privileged user 'root' with CAP_NET_ADMIN can create a CAN frame modification rule that made the data length code a higher value than the available CAN frame data size. In combination with a configured checksum calculation where the result is stored relatively to the end of the data (e.g.\n cgw_csum_xor_rel) the tail of the skb (e.g. frag_list pointer in skb_shared_info) can be rewritten which finally can cause a system crash. Because of a missing check, the CAN drivers may write arbitrary content beyond the data registers in the CAN controller's I/O memory when processing can-gw manipulated outgoing frames (bnc#1120386).\n\n - CVE-2020-10942: In get_raw_socket in drivers/vhost/net.c lacked validation of an sk_family field, which might allow attackers to trigger kernel stack corruption via crafted system calls (bnc#1167629).\n\n - CVE-2019-19770: A use-after-free in the debugfs_remove function in fs/debugfs/inode.c was fixed. (bnc#1159198).\n\nThe following non-security bugs were fixed :\n\n - ACPI: watchdog: Fix gas->access_width usage (bsc#1051510).\n\n - ACPICA: Introduce ACPI_ACCESS_BYTE_WIDTH() macro (bsc#1051510).\n\n - ALSA: ali5451: remove redundant variable capture_flag (bsc#1051510).\n\n - ALSA: core: Add snd_device_get_state() helper (bsc#1051510).\n\n - ALSA: core: Replace zero-length array with flexible-array member (bsc#1051510).\n\n - ALSA: emu10k1: Fix endianness annotations (bsc#1051510).\n\n - ALSA: hda/ca0132 - Add Recon3Di quirk to handle integrated sound on EVGA X99 Classified motherboard (bsc#1051510).\n\n - ALSA: hda/ca0132 - Replace zero-length array with flexible-array member (bsc#1051510).\n\n - ALSA: hda/realtek - Enable headset mic of Acer X2660G with ALC662 (git-fixes).\n\n - ALSA: hda/realtek - Enable the headset of Acer N50-600 with ALC662 (git-fixes).\n\n - ALSA: hda/realtek - Remove now-unnecessary XPS 13 headphone noise fixups (bsc#1051510).\n\n - ALSA: hda/realtek - Set principled PC Beep configuration for ALC256 (bsc#1051510).\n\n - ALSA: hda/realtek - a fake key event is triggered by running shutup (bsc#1051510).\n\n - ALSA: hda/realtek: Enable mute LED on an HP system (bsc#1051510).\n\n - ALSA: hda/realtek: Fix pop noise on ALC225 (git-fixes).\n\n - ALSA: hda: Fix potential access overflow in beep helper (bsc#1051510).\n\n - ALSA: hda: Use scnprintf() for string truncation (bsc#1051510).\n\n - ALSA: hda: default enable CA0132 DSP support (bsc#1051510).\n\n - ALSA: hda: remove redundant assignment to variable timeout (bsc#1051510).\n\n - ALSA: hda_codec: Replace zero-length array with flexible-array member (bsc#1051510).\n\n - ALSA: hdsp: remove redundant assignment to variable err (bsc#1051510).\n\n - ALSA: ice1724: Fix invalid access for enumerated ctl items (bsc#1051510).\n\n - ALSA: info: remove redundant assignment to variable c (bsc#1051510).\n\n - ALSA: korg1212: fix if-statement empty body warnings (bsc#1051510).\n\n - ALSA: line6: Fix endless MIDI read loop (git-fixes).\n\n - ALSA: pcm.h: add for_each_pcm_streams() (bsc#1051510).\n\n - ALSA: pcm: Fix superfluous snprintf() usage (bsc#1051510).\n\n - ALSA: pcm: Use a macro for parameter masks to reduce the needed cast (bsc#1051510).\n\n - ALSA: pcm: oss: Avoid plugin buffer overflow (git-fixes).\n\n - ALSA: pcm: oss: Fix regression by buffer overflow fix (bsc#1051510).\n\n - ALSA: pcm: oss: Remove WARNING from snd_pcm_plug_alloc() checks (git-fixes).\n\n - ALSA: pcm: oss: Unlock mutex temporarily for sleeping at read/write (bsc#1051510).\n\n - ALSA: seq: oss: Fix running status after receiving sysex (git-fixes).\n\n - ALSA: seq: virmidi: Fix running status after receiving sysex (git-fixes).\n\n - ALSA: usb-audio: Add delayed_register option (bsc#1051510).\n\n - ALSA: usb-audio: Add support for MOTU MicroBook IIc (bsc#1051510).\n\n - ALSA: usb-audio: Create a registration quirk for Kingston HyperX Amp (0951:16d8) (bsc#1051510).\n\n - ALSA: usb-audio: Do not create a mixer element with bogus volume range (bsc#1051510).\n\n - ALSA: usb-audio: Fix case when USB MIDI interface has more than one extra endpoint descriptor (bsc#1051510).\n\n - ALSA: usb-audio: Fix mixer controls' USB interface for Kingston HyperX Amp (0951:16d8) (bsc#1051510).\n\n - ALSA: usb-audio: Inform devices that need delayed registration (bsc#1051510).\n\n - ALSA: usb-audio: Parse source ID of UAC2 effect unit (bsc#1051510).\n\n - ALSA: usb-audio: Rewrite registration quirk handling (bsc#1051510).\n\n - ALSA: usb-midi: Replace zero-length array with flexible-array member (bsc#1051510).\n\n - ALSA: usx2y: use for_each_pcm_streams() macro (bsc#1051510).\n\n - ALSA: via82xx: Fix endianness annotations (bsc#1051510).\n\n - ASoC: Intel: atom: Take the drv->lock mutex before calling sst_send_slot_map() (bsc#1051510).\n\n - ASoC: Intel: mrfld: fix incorrect check on p->sink (bsc#1051510).\n\n - ASoC: Intel: mrfld: return error codes when an error occurs (bsc#1051510).\n\n - ASoC: jz4740-i2s: Fix divider written at incorrect offset in register (bsc#1051510).\n\n - ASoC: sun8i-codec: Remove unused dev from codec struct (bsc#1051510).\n\n - Bluetooth: RFCOMM: fix ODEBUG bug in rfcomm_dev_ioctl (bsc#1051510).\n\n - Btrfs: clean up error handling in btrfs_truncate() (bsc#1165949).\n\n - Btrfs: do not reset bio->bi_ops while writing bio (bsc#1168273).\n\n - Btrfs: fix missing delayed iputs on unmount (bsc#1165949).\n\n - Btrfs: fix qgroup double free after failure to reserve metadata for delalloc (bsc#1165949).\n\n - Btrfs: fix race leading to metadata space leak after task received signal (bsc#1165949).\n\n - Btrfs: fix unwritten extent buffers and hangs on future writeback attempts (bsc#1168273).\n\n - Btrfs: make plug in writing meta blocks really work (bsc#1168273).\n\n - Btrfs: only check delayed ref usage in should_end_transaction (bsc#1165949).\n\n - Btrfs: remove bio_flags which indicates a meta block of log-tree (bsc#1168273).\n\n - Crypto: chelsio - Fixes a deadlock between rtnl_lock and uld_mutex (bsc#1111666).\n\n - Crypto: chelsio - Fixes a hang issue during driver registration (bsc#1111666).\n\n - Deprecate NR_UNSTABLE_NFS, use NR_WRITEBACK (bsc#1163403).\n\n - HID: apple: Add support for recent firmware on Magic Keyboards (bsc#1051510).\n\n - IB/hfi1: convert to debugfs_file_get() and -put() (bsc#1159198 bsc#1109911). Prerequisite for bsc#1159198.\n\n - Input: add safety guards to input_set_keycode() (bsc#1168075).\n\n - Input: avoid BIT() macro usage in the serio.h UAPI header (bsc#1051510).\n\n - Input: raydium_i2c_ts - fix error codes in raydium_i2c_boot_trigger() (bsc#1051510).\n\n - Input: synaptics - enable RMI on HP Envy 13-ad105ng (bsc#1051510).\n\n - MM: replace PF_LESS_THROTTLE with PF_LOCAL_THROTTLE (bsc#1163403).\n\n - NFC: fdp: Fix a signedness bug in fdp_nci_send_patch() (bsc#1051510).\n\n - NFS: send state management on a single connection (bsc#1167005).\n\n - OMAP: DSS2: remove non-zero check on variable r (bsc#1114279)\n\n - PCI/AER: Factor message prefixes with dev_fmt() (bsc#1161561).\n\n - PCI/AER: Log which device prevents error recovery (bsc#1161561).\n\n - PCI/AER: Remove ERR_FATAL code from ERR_NONFATAL path (bsc#1161561).\n\n - PCI/ASPM: Clear the correct bits when enabling L1 substates (bsc#1051510).\n\n - PCI/ERR: Always report current recovery status for udev (bsc#1161561).\n\n - PCI/ERR: Handle fatal error recovery (bsc#1161561).\n\n - PCI/ERR: Remove duplicated include from err.c (bsc#1161561).\n\n - PCI/ERR: Simplify broadcast callouts (bsc#1161561).\n\n - PCI/portdrv: Remove pcie_port_bus_type link order dependency (bsc#1161561).\n\n - PCI/switchtec: Fix init_completion race condition with poll_wait() (bsc#1051510).\n\n - PCI: Simplify disconnected marking (bsc#1161561).\n\n - PCI: Unify device inaccessible (bsc#1161561).\n\n - PCI: endpoint: Fix clearing start entry in configfs (bsc#1051510).\n\n - PCI: pciehp: Fix MSI interrupt race (bsc#1159037).\n\n - PCI: portdrv: Initialize service drivers directly (bsc#1161561).\n\n - PM: core: Fix handling of devices deleted during system-wide resume (git-fixes).\n\n - SUNRPC: defer slow parts of rpc_free_client() to a workqueue (bsc#1168202).\n\n - USB: Disable LPM on WD19's Realtek Hub (git-fixes).\n\n - USB: Fix novation SourceControl XL after suspend (git-fixes).\n\n - USB: cdc-acm: fix rounding error in TIOCSSERIAL (git-fixes).\n\n - USB: hub: Do not record a connect-change event during reset-resume (git-fixes).\n\n - USB: misc: iowarrior: add support for 2 OEMed devices (git-fixes).\n\n - USB: misc: iowarrior: add support for the 100 device (git-fixes).\n\n - USB: misc: iowarrior: add support for the 28 and 28L devices (git-fixes).\n\n - USB: serial: io_edgeport: fix slab-out-of-bounds read in edge_interrupt_callback (bsc#1051510).\n\n - USB: serial: option: add ME910G1 ECM composition 0x110b (git-fixes).\n\n - USB: serial: pl2303: add device-id for HP LD381 (git-fixes).\n\n - ahci: Add support for Amazon's Annapurna Labs SATA controller (bsc#1169013).\n\n - apei/ghes: Do not delay GHES polling (bsc#1166982).\n\n - ath9k: Handle txpower changes even when TPC is disabled (bsc#1051510).\n\n - batman-adv: Avoid spurious warnings from bat_v neigh_cmp implementation (bsc#1051510).\n\n - batman-adv: Do not schedule OGM for disabled interface (bsc#1051510).\n\n - batman-adv: prevent TT request storms by not sending inconsistent TT TLVLs (bsc#1051510).\n\n - binfmt_elf: Do not move brk for INTERP-less ET_EXEC (bsc#1169013).\n\n - binfmt_elf: move brk out of mmap when doing direct loader exec (bsc#1169013).\n\n - blk-mq: Allow blocking queue tag iter callbacks (bsc#1167316).\n\n - block, bfq: fix use-after-free in bfq_idle_slice_timer_body (bsc#1168760).\n\n - block: keep bdi->io_pages in sync with max_sectors_kb for stacked devices (bsc#1168762).\n\n - bnxt_en: Support all variants of the 5750X chip family (bsc#1167216).\n\n - bpf: Explicitly memset some bpf info structures declared on the stack (bsc#1083647).\n\n - bpf: Explicitly memset the bpf_attr structure (bsc#1083647).\n\n - brcmfmac: abort and release host after error (bsc#1111666).\n\n - btrfs: Account for trans_block_rsv in may_commit_transaction (bsc#1165949).\n\n - btrfs: Add enospc_debug printing in metadata_reserve_bytes (bsc#1165949).\n\n - btrfs: Do mandatory tree block check before submitting bio (bsc#1168273).\n\n - btrfs: Improve global reserve stealing logic (bsc#1165949).\n\n - btrfs: Output ENOSPC debug info in inc_block_group_ro (bsc#1165949).\n\n - btrfs: Remove btrfs_inode::delayed_iput_count (bsc#1165949).\n\n - btrfs: Remove fs_info from do_chunk_alloc (bsc#1165949).\n\n - btrfs: Remove redundant argument of flush_space (bsc#1165949).\n\n - btrfs: Remove redundant mirror_num arg (bsc#1168273).\n\n - btrfs: Rename bin_search -> btrfs_bin_search (bsc#1168273).\n\n - btrfs: add a flush step for delayed iputs (bsc#1165949).\n\n - btrfs: add assertions for releasing trans handle reservations (bsc#1165949).\n\n - btrfs: add btrfs_delete_ref_head helper (bsc#1165949).\n\n - btrfs: add enospc debug messages for ticket failure (bsc#1165949).\n\n - btrfs: add new flushing states for the delayed refs rsv (bsc#1165949).\n\n - btrfs: add space reservation tracepoint for reserved bytes (bsc#1165949).\n\n - btrfs: adjust dirty_metadata_bytes after writeback failure of extent buffer (bsc#1168273).\n\n - btrfs: allow us to use up to 90% of the global rsv for unlink (bsc#1165949).\n\n - btrfs: always reserve our entire size for the global reserve (bsc#1165949).\n\n - btrfs: assert on non-empty delayed iputs (bsc##1165949).\n\n - btrfs: be more explicit about allowed flush states (bsc#1165949).\n\n - btrfs: call btrfs_create_pending_block_groups unconditionally (bsc#1165949).\n\n - btrfs: catch cow on deleting snapshots (bsc#1165949).\n\n - btrfs: change the minimum global reserve size (bsc#1165949).\n\n - btrfs: check if there are free block groups for commit (bsc#1165949).\n\n - btrfs: cleanup extent_op handling (bsc#1165949).\n\n - btrfs: cleanup root usage by btrfs_get_alloc_profile (bsc#1165949).\n\n - btrfs: cleanup the target logic in\n __btrfs_block_rsv_release (bsc#1165949).\n\n - btrfs: clear space cache inode generation always (bsc#1165949).\n\n - btrfs: delayed-ref: pass delayed_refs directly to btrfs_delayed_ref_lock (bsc#1165949).\n\n - btrfs: do not account global reserve in can_overcommit (bsc#1165949).\n\n - btrfs: do not allow reservations if we have pending tickets (bsc#1165949).\n\n - btrfs: do not call btrfs_start_delalloc_roots in flushoncommit (bsc#1165949).\n\n - btrfs: do not end the transaction for delayed refs in throttle (bsc#1165949).\n\n - btrfs: do not enospc all tickets on flush failure (bsc#1165949).\n\n - btrfs: do not run delayed refs in the end transaction logic (bsc#1165949).\n\n - btrfs: do not run delayed_iputs in commit (bsc##1165949).\n\n - btrfs: do not use ctl->free_space for max_extent_size (bsc##1165949).\n\n - btrfs: do not use global reserve for chunk allocation (bsc#1165949).\n\n - btrfs: drop get_extent from extent_page_data (bsc#1168273).\n\n - btrfs: drop min_size from evict_refill_and_join (bsc##1165949).\n\n - btrfs: drop unused space_info parameter from create_space_info (bsc#1165949).\n\n - btrfs: dump block_rsv details when dumping space info (bsc#1165949).\n\n - btrfs: export __btrfs_block_rsv_release (bsc#1165949).\n\n - btrfs: export block group accounting helpers (bsc#1165949).\n\n - btrfs: export block_rsv_use_bytes (bsc#1165949).\n\n - btrfs: export btrfs_block_rsv_add_bytes (bsc#1165949).\n\n - btrfs: export space_info_add_*_bytes (bsc#1165949).\n\n - btrfs: export the block group caching helpers (bsc#1165949).\n\n - btrfs: export the caching control helpers (bsc#1165949).\n\n - btrfs: export the excluded extents helpers (bsc#1165949).\n\n - btrfs: extent-tree: Add lockdep assert when updating space info (bsc#1165949).\n\n - btrfs: extent-tree: Add trace events for space info numbers update (bsc#1165949).\n\n - btrfs: extent-tree: Detect bytes_may_use underflow earlier (bsc#1165949).\n\n - btrfs: extent-tree: Detect bytes_pinned underflow earlier (bsc#1165949).\n\n - btrfs: extent_io: Handle errors better in btree_write_cache_pages() (bsc#1168273).\n\n - btrfs: extent_io: Handle errors better in extent_write_full_page() (bsc#1168273).\n\n - btrfs: extent_io: Handle errors better in extent_write_locked_range() (bsc#1168273).\n\n - btrfs: extent_io: Handle errors better in extent_writepages() (bsc#1168273).\n\n - btrfs: extent_io: Kill dead condition in extent_write_cache_pages() (bsc#1168273).\n\n - btrfs: extent_io: Kill the forward declaration of flush_write_bio (bsc#1168273).\n\n - btrfs: extent_io: Move the BUG_ON() in flush_write_bio() one level up (bsc#1168273).\n\n - btrfs: extent_io: add proper error handling to lock_extent_buffer_for_io() (bsc#1168273).\n\n - btrfs: factor our read/write stage off csum_tree_block into its callers (bsc#1168273).\n\n - btrfs: factor out the ticket flush handling (bsc#1165949).\n\n - btrfs: fix insert_reserved error handling (bsc##1165949).\n\n - btrfs: fix may_commit_transaction to deal with no partial filling (bsc#1165949).\n\n - btrfs: fix truncate throttling (bsc#1165949).\n\n - btrfs: force chunk allocation if our global rsv is larger than metadata (bsc#1165949).\n\n - btrfs: introduce an evict flushing state (bsc#1165949).\n\n - btrfs: introduce delayed_refs_rsv (bsc#1165949).\n\n - btrfs: loop in inode_rsv_refill (bsc#1165949).\n\n - btrfs: make btrfs_destroy_delayed_refs use btrfs_delayed_ref_lock (bsc#1165949).\n\n - btrfs: make btrfs_destroy_delayed_refs use btrfs_delete_ref_head (bsc#1165949).\n\n - btrfs: make caching_thread use btrfs_find_next_key (bsc#1165949).\n\n - btrfs: merge two flush_write_bio helpers (bsc#1168273).\n\n - btrfs: migrate btrfs_trans_release_chunk_metadata (bsc#1165949).\n\n - btrfs: migrate inc/dec_block_group_ro code (bsc#1165949).\n\n - btrfs: migrate nocow and reservation helpers (bsc#1165949).\n\n - btrfs: migrate the alloc_profile helpers (bsc#1165949).\n\n - btrfs: migrate the block group caching code (bsc#1165949).\n\n - btrfs: migrate the block group cleanup code (bsc#1165949).\n\n - btrfs: migrate the block group lookup code (bsc#1165949).\n\n - btrfs: migrate the block group read/creation code (bsc#1165949).\n\n - btrfs: migrate the block group ref counting stuff (bsc#1165949).\n\n - btrfs: migrate the block group removal code (bsc#1165949).\n\n - btrfs: migrate the block group space accounting helpers (bsc#1165949).\n\n - btrfs: migrate the block-rsv code to block-rsv.c (bsc#1165949).\n\n - btrfs: migrate the chunk allocation code (bsc#1165949).\n\n - btrfs: migrate the delalloc space stuff to it's own home (bsc#1165949).\n\n - btrfs: migrate the delayed refs rsv code (bsc#1165949).\n\n - btrfs: migrate the dirty bg writeout code (bsc#1165949).\n\n - btrfs: migrate the global_block_rsv helpers to block-rsv.c (bsc#1165949).\n\n - btrfs: move and export can_overcommit (bsc#1165949).\n\n - btrfs: move basic block_group definitions to their own header (bsc#1165949).\n\n - btrfs: move btrfs_add_free_space out of a header file (bsc#1165949).\n\n - btrfs: move btrfs_block_rsv definitions into it's own header (bsc#1165949).\n\n - btrfs: move btrfs_raid_group values to btrfs_raid_attr table (bsc#1165949).\n\n - btrfs: move btrfs_space_info_add_*_bytes to space-info.c (bsc#1165949).\n\n - btrfs: move dump_space_info to space-info.c (bsc#1165949).\n\n - btrfs: move reserve_metadata_bytes and supporting code to space-info.c (bsc#1165949).\n\n - btrfs: move space_info to space-info.h (bsc#1165949).\n\n - btrfs: move the space info update macro to space-info.h (bsc#1165949).\n\n - btrfs: move the space_info handling code to space-info.c (bsc#1165949).\n\n - btrfs: move the subvolume reservation stuff out of extent-tree.c (bsc#1165949).\n\n - btrfs: only check priority tickets for priority flushing (bsc#1165949).\n\n - btrfs: only free reserved extent if we didn't insert it (bsc##1165949).\n\n - btrfs: only reserve metadata_size for inodes (bsc#1165949).\n\n - btrfs: only track ref_heads in delayed_ref_updates (bsc#1165949).\n\n - btrfs: pass root to various extent ref mod functions (bsc#1165949).\n\n - btrfs: qgroup: Do not hold qgroup_ioctl_lock in btrfs_qgroup_inherit() (bsc#1165823).\n\n - btrfs: qgroup: Mark qgroup inconsistent if we're inherting snapshot to a new qgroup (bsc#1165823).\n\n - btrfs: refactor block group replication factor calculation to a helper (bsc#1165949).\n\n - btrfs: refactor priority_reclaim_metadata_space (bsc#1165949).\n\n - btrfs: refactor the ticket wakeup code (bsc#1165949).\n\n - btrfs: release metadata before running delayed refs (bsc##1165949).\n\n - btrfs: remove orig_bytes from reserve_ticket (bsc#1165949).\n\n - btrfs: rename btrfs_space_info_add_old_bytes (bsc#1165949).\n\n - btrfs: rename do_chunk_alloc to btrfs_chunk_alloc (bsc#1165949).\n\n - btrfs: rename the btrfs_calc_*_metadata_size helpers (bsc#1165949).\n\n - btrfs: replace cleaner_delayed_iput_mutex with a waitqueue (bsc#1165949).\n\n - btrfs: reserve delalloc metadata differently (bsc#1165949).\n\n - btrfs: reserve extra space during evict (bsc#1165949).\n\n - btrfs: reset max_extent_size on clear in a bitmap (bsc##1165949).\n\n - btrfs: reset max_extent_size properly (bsc##1165949).\n\n - btrfs: rework btrfs_check_space_for_delayed_refs (bsc#1165949).\n\n - btrfs: rework wake_all_tickets (bsc#1165949).\n\n - btrfs: roll tracepoint into btrfs_space_info_update helper (bsc#1165949).\n\n - btrfs: run btrfs_try_granting_tickets if a priority ticket fails (bsc#1165949).\n\n - btrfs: run delayed iput at unlink time (bsc#1165949).\n\n - btrfs: run delayed iputs before committing (bsc#1165949).\n\n - btrfs: set max_extent_size properly (bsc##1165949).\n\n - btrfs: sink extent_write_full_page tree argument (bsc#1168273).\n\n - btrfs: sink extent_write_locked_range tree parameter (bsc#1168273).\n\n - btrfs: sink flush_fn to extent_write_cache_pages (bsc#1168273).\n\n - btrfs: sink get_extent parameter to extent_write_full_page (bsc#1168273).\n\n - btrfs: sink get_extent parameter to extent_write_locked_range (bsc#1168273).\n\n - btrfs: sink get_extent parameter to extent_fiemap (bsc#1168273).\n\n - btrfs: sink get_extent parameter to extent_readpages (bsc#1168273).\n\n - btrfs: sink get_extent parameter to extent_writepages (bsc#1168273).\n\n - btrfs: sink get_extent parameter to get_extent_skip_holes (bsc#1168273).\n\n - btrfs: sink writepage parameter to extent_write_cache_pages (bsc#1168273).\n\n - btrfs: stop partially refilling tickets when releasing space (bsc#1165949).\n\n - btrfs: stop using block_rsv_release_bytes everywhere (bsc#1165949).\n\n - btrfs: switch to on-stack csum buffer in csum_tree_block (bsc#1168273).\n\n - btrfs: temporarily export btrfs_get_restripe_target (bsc#1165949).\n\n - btrfs: temporarily export fragment_free_space (bsc#1165949).\n\n - btrfs: temporarily export inc_block_group_ro (bsc#1165949).\n\n - btrfs: track DIO bytes in flight (bsc#1165949).\n\n - btrfs: tree-checker: Remove comprehensive root owner check (bsc#1168273).\n\n - btrfs: unexport can_overcommit (bsc#1165949).\n\n - btrfs: unexport the temporary exported functions (bsc#1165949).\n\n - btrfs: unify error handling for ticket flushing (bsc#1165949).\n\n - btrfs: unify extent_page_data type passed as void (bsc#1168273).\n\n - btrfs: update may_commit_transaction to use the delayed refs rsv (bsc#1165949).\n\n - btrfs: use btrfs_try_granting_tickets in update_global_rsv (bsc#1165949).\n\n - btrfs: wait on caching when putting the bg cache (bsc#1165949).\n\n - btrfs: wait on ordered extents on abort cleanup (bsc#1165949).\n\n - btrfs: wakeup cleaner thread when adding delayed iput (bsc#1165949).\n\n - ceph: canonicalize server path in place (bsc#1168443).\n\n - ceph: check POOL_FLAG_FULL/NEARFULL in addition to OSDMAP_FULL/NEARFULL (bsc#1169307).\n\n - ceph: remove the extra slashes in the server path (bsc#1168443).\n\n - cfg80211: check reg_rule for NULL in handle_channel_custom() (bsc#1051510).\n\n - cfg80211: check wiphy driver existence for drvinfo report (bsc#1051510).\n\n - cgroup: memcg: net: do not associate sock with unrelated cgroup (bsc#1167290).\n\n - cifs: ignore cached share root handle closing errors (bsc#1166780).\n\n - clk: imx: Align imx sc clock msg structs to 4 (bsc#1111666).\n\n - clk: imx: Align imx sc clock msg structs to 4 (git-fixes).\n\n - clk: qcom: rcg: Return failure for RCG update (bsc#1051510).\n\n - configfs: Fix bool initialization/comparison (bsc#1051510).\n\n - cpufreq: Register drivers only after CPU devices have been registered (bsc#1051510).\n\n - cpuidle: Do not unset the driver if it is there already (bsc#1051510).\n\n - crypto: arm64/sha-ce - implement export/import (bsc#1051510).\n\n - crypto: mxs-dcp - fix scatterlist linearization for hash (bsc#1051510).\n\n - crypto: tcrypt - fix printed skcipher [a]sync mode (bsc#1051510).\n\n - debugfs: add support for more elaborate ->d_fsdata (bsc#1159198 bsc#1109911). Prerequisite for bsc#1159198.\n\n - debugfs: call debugfs_real_fops() only after debugfs_file_get() (bsc#1159198 bsc#1109911).\n Prerequisite for bsc#1159198.\n\n - debugfs: call debugfs_real_fops() only after debugfs_file_get() (bsc#1159198). Prerequisite for bsc#1159198.\n\n - debugfs: convert to debugfs_file_get() and -put() (bsc#1159198 bsc#1109911). Prerequisite for bsc#1159198.\n\n - debugfs: debugfs_real_fops(): drop __must_hold sparse annotation (bsc#1159198 bsc#1109911). Prerequisite for bsc#1159198.\n\n - debugfs: debugfs_use_start/finish do not exist anymore (bsc#1159198). Prerequisite for bsc#1159198.\n\n - debugfs: defer debugfs_fsdata allocation to first usage (bsc#1159198 bsc#1109911). Prerequisite for bsc#1159198.\n\n - debugfs: defer debugfs_fsdata allocation to first usage (bsc#1159198). Prerequisite for bsc#1159198.\n\n - debugfs: fix debugfs_real_fops() build error (bsc#1159198 bsc#1109911). Prerequisite for bsc#1159198.\n\n - debugfs: implement per-file removal protection (bsc#1159198 bsc#1109911). Prerequisite for bsc#1159198.\n\n - debugfs: purge obsolete SRCU based removal protection (bsc#1159198 bsc#1109911). Prerequisite for bsc#1159198.\n\n - debugfs: simplify __debugfs_remove_file() (bsc#1159198).\n Prerequisite for bsc#1159198.\n\n - dmaengine: ste_dma40: fix unneeded variable warning (bsc#1051510).\n\n - drm/amd/amdgpu: Fix GPR read from debugfs (v2) (bsc#1113956)\n\n - drm/amd/display: Add link_rate quirk for Apple 15' MBP 2017 (bsc#1111666).\n\n - drm/amd/display: Fix wrongly passed static prefix (bsc#1111666).\n\n - drm/amd/display: remove duplicated assignment to grph_obj_type (bsc#1051510).\n\n - drm/amdgpu: fix typo for vcn1 idle check (bsc#1111666).\n\n - drm/bochs: downgrade pci_request_region failure from error to warning (bsc#1051510).\n\n - drm/bridge: dw-hdmi: fix AVI frame colorimetry (bsc#1051510).\n\n - drm/drm_dp_mst:remove set but not used variable 'origlen' (bsc#1051510).\n\n - drm/exynos: dsi: fix workaround for the legacy clock name (bsc#1111666).\n\n - drm/exynos: dsi: propagate error value and silence meaningless warning (bsc#1111666).\n\n - drm/lease: fix WARNING in idr_destroy (bsc#1113956)\n\n - drm/msm: Set dma maximum segment size for mdss (bsc#1051510).\n\n - drm/msm: Use the correct dma_sync calls harder (bsc#1051510).\n\n - drm/msm: Use the correct dma_sync calls in msm_gem (bsc#1051510).\n\n - drm/msm: stop abusing dma_map/unmap for cache (bsc#1051510).\n\n - drm/sun4i: dsi: Use NULL to signify 'no panel' (bsc#1111666).\n\n - drm/v3d: Replace wait_for macros to remove use of msleep (bsc#1111666).\n\n - drm/vc4: Fix HDMI mode validation (git-fixes).\n\n - drm_dp_mst_topology: fix broken drm_dp_sideband_parse_remote_dpcd_read() (bsc#1051510).\n\n - dt-bindings: allow up to four clocks for orion-mdio (bsc#1051510).\n\n - efi: Do not attempt to map RCI2 config table if it does not exist (jsc#ECO-366, bsc#1168367).\n\n - efi: Export Runtime Configuration Interface table to sysfs (jsc#ECO-366, bsc#1168367).\n\n - efi: Fix a race and a buffer overflow while reading efivars via sysfs (bsc#1164893).\n\n - efi: x86: move efi_is_table_address() into arch/x86 (jsc#ECO-366, bsc#1168367).\n\n - ext4: Avoid ENOSPC when avoiding to reuse recently deleted inodes (bsc#1165019).\n\n - ext4: Check for non-zero journal inum in ext4_calculate_overhead (bsc#1167288).\n\n - ext4: add cond_resched() to __ext4_find_entry() (bsc#1166862).\n\n - ext4: do not assume that mmp_nodename/bdevname have NUL (bsc#1166860).\n\n - ext4: fix a data race in EXT4_I(inode)->i_disksize (bsc#1166861).\n\n - ext4: fix incorrect group count in ext4_fill_super error message (bsc#1168765).\n\n - ext4: fix incorrect inodes per group in error message (bsc#1168764).\n\n - ext4: fix potential race between online resizing and write operations (bsc#1166864).\n\n - ext4: fix potential race between s_flex_groups online resizing and access (bsc#1166867).\n\n - ext4: fix potential race between s_group_info online resizing and access (bsc#1166866).\n\n - ext4: fix race between writepages and enabling EXT4_EXTENTS_FL (bsc#1166870).\n\n - ext4: fix support for inode sizes > 1024 bytes (bsc#1164284).\n\n - ext4: potential crash on allocation error in ext4_alloc_flex_bg_array() (bsc#1166940).\n\n - ext4: rename s_journal_flag_rwsem to s_writepages_rwsem (bsc#1166868).\n\n - ext4: validate the debug_want_extra_isize mount option at parse time (bsc#1163897).\n\n - fat: fix uninit-memory access for partial initialized inode (bsc#1051510).\n\n - fat: work around race with userspace's read via blockdev while mounting (bsc#1051510).\n\n - fbdev/g364fb: Fix build failure (bsc#1051510).\n\n - fbdev: potential information leak in do_fb_ioctl() (bsc#1114279)\n\n - fbmem: Adjust indentation in fb_prepare_logo and fb_blank (bsc#1114279)\n\n - firmware: arm_sdei: fix double-lock on hibernate with shared events (bsc#1111666).\n\n - firmware: arm_sdei: fix possible double-lock on hibernate error path (bsc#1111666).\n\n - ftrace/kprobe: Show the maxactive number on kprobe_events (git-fixes).\n\n - i2c: hix5hd2: add missed clk_disable_unprepare in remove (bsc#1051510).\n\n - i2c: jz4780: silence log flood on txabrt (bsc#1051510).\n\n - ibmvfc: do not send implicit logouts prior to NPIV login (bsc#1169625 ltc#184611).\n\n - iio: gyro: adis16136: check ret val for non-zero vs less-than-zero (bsc#1051510).\n\n - iio: imu: adis16400: check ret val for non-zero vs less-than-zero (bsc#1051510).\n\n - iio: imu: adis16480: check ret val for non-zero vs less-than-zero (bsc#1051510).\n\n - iio: imu: adis: check ret val for non-zero vs less-than-zero (bsc#1051510).\n\n - iio: magnetometer: ak8974: Fix negative raw values in sysfs (bsc#1051510).\n\n - iio: potentiostat: lmp9100: fix iio_triggered_buffer_(predisable,postenable) positions (bsc#1051510).\n\n - intel_th: Fix user-visible error codes (bsc#1051510).\n\n - intel_th: pci: Add Elkhart Lake CPU support (bsc#1051510).\n\n - iommu/amd: Fix the configuration of GCR3 table root pointer (bsc#1169057).\n\n - ipmi: fix hung processes in __get_guid() (bsc#1111666).\n\n - ipmi:ssif: Handle a possible NULL pointer reference (bsc#1051510).\n\n - ipvlan: do not add hardware address of master to its unicast filter list (bsc#1137325).\n\n - irqchip/bcm2835: Quiesce IRQs left enabled by bootloader (bsc#1051510).\n\n - irqdomain: Fix a memory leak in irq_domain_push_irq() (bsc#1051510).\n\n - kABI workaround for pcie_port_bus_type change (bsc#1161561).\n\n - kABI: fixes for debugfs per-file removal protection backports (bsc#1159198 bsc#1109911). \n\n - kABI: restore debugfs_remove_recursive() (bsc#1159198).\n\n - kabi fix for (bsc#1168202).\n\n - libceph: fix alloc_msg_with_page_vector() memory leaks (bsc#1169308).\n\n - libfs: fix infoleak in simple_attr_read() (bsc#1168881).\n\n - lpfc: add support for translating an RSCN rcv into a discovery rescan (bsc#1164777 bsc#1164780 bsc#1165211).\n\n - lpfc: add support to generate RSCN events for nport (bsc#1164777 bsc#1164780 bsc#1165211).\n\n - mac80211: Do not send mesh HWMP PREQ if HWMP is disabled (bsc#1051510).\n\n - mac80211: consider more elements in parsing CRC (bsc#1051510).\n\n - mac80211: free peer keys before vif down in mesh (bsc#1051510).\n\n - mac80211: mesh: fix RCU warning (bsc#1051510).\n\n - mac80211: only warn once on chanctx_conf being NULL (bsc#1051510).\n\n - mac80211: rx: avoid RCU list traversal under mutex (bsc#1051510).\n\n - macsec: add missing attribute validation for port (bsc#1051510).\n\n - macsec: fix refcnt leak in module exit routine (bsc#1051510).\n\n - media: dib0700: fix rc endpoint lookup (bsc#1051510).\n\n - media: flexcop-usb: fix endpoint sanity check (git-fixes).\n\n - media: go7007: Fix URB type for interrupt handling (bsc#1051510).\n\n - media: ov519: add missing endpoint sanity checks (bsc#1168829).\n\n - media: ov6650: Fix .get_fmt() V4L2_SUBDEV_FORMAT_TRY support (bsc#1051510).\n\n - media: ov6650: Fix some format attributes not under control (bsc#1051510).\n\n - media: ov6650: Fix stored crop rectangle not in sync with hardware (bsc#1051510).\n\n - media: ov6650: Fix stored frame format not in sync with hardware (bsc#1051510).\n\n - media: stv06xx: add missing descriptor sanity checks (bsc#1168854).\n\n - media: tda10071: fix unsigned sign extension overflow (bsc#1051510).\n\n - media: usbtv: fix control-message timeouts (bsc#1051510).\n\n - media: v4l2-core: fix entity initialization in device_register_subdev (bsc#1051510).\n\n - media: vsp1: tidyup VI6_HGT_LBn_H() macro (bsc#1051510).\n\n - media: xirlink_cit: add missing descriptor sanity checks (bsc#1051510).\n\n - mfd: dln2: Fix sanity checking for endpoints (bsc#1051510).\n\n - misc: pci_endpoint_test: Fix to support > 10 pci-endpoint-test devices (bsc#1051510).\n\n - mm/filemap.c: do not initiate writeback if mapping has no dirty pages (bsc#1168884).\n\n - mm/memory_hotplug.c: only respect mem= parameter during boot stage (bsc#1065600).\n\n - mmc: sdhci-of-at91: fix cd-gpios for SAMA5D2 (bsc#1051510).\n\n - mwifiex: set needed_headroom, not hard_header_len (bsc#1051510).\n\n - net/nfc: Avoid stalls when nfc_alloc_send_skb() returned NULL (bsc#1051510).\n\n - net/sched: flower: add missing validation of TCA_FLOWER_FLAGS (networking-stable-20_02_19).\n\n - net/sched: matchall: add missing validation of TCA_MATCHALL_FLAGS (networking-stable-20_02_19).\n\n - net/smc: fix leak of kernel memory to user space (networking-stable-20_02_19).\n\n - net: dsa: tag_qca: Make sure there is headroom for tag (networking-stable-20_02_19).\n\n - net: ena: Add PCI shutdown handler to allow safe kexec (bsc#1167421, bsc#1167423).\n\n - net: nfc: fix bounds checking bugs on 'pipe' (bsc#1051510).\n\n - net: phy: micrel: kszphy_resume(): add delay after genphy_resume() before accessing PHY registers (bsc#1051510).\n\n - net_sched: keep alloc_hash updated after hash allocation (git-fixes).\n\n - netfilter: conntrack: sctp: use distinct states for new SCTP connections (bsc#1159199).\n\n - nvme-multipath: also check for a disabled path if there is a single sibling (bsc#1158983).\n\n - nvme-multipath: do not select namespaces which are about to be removed (bsc#1158983).\n\n - nvme-multipath: factor out a nvme_path_is_disabled helper (bsc#1158983).\n\n - nvme-multipath: fix crash in nvme_mpath_clear_ctrl_paths (bsc#1158983).\n\n - nvme-multipath: fix possible I/O hang when paths are updated (bsc#1158983).\n\n - nvme-multipath: fix possible io hang after ctrl reconnect (bsc#1158983).\n\n - nvme-multipath: remove unused groups_only mode in ana log (bsc#1158983).\n\n - nvme-multipath: round-robin I/O policy (bsc#1158983).\n\n - nvme: fix a possible deadlock when passthru commands sent to a multipath device (bsc#1158983).\n\n - nvme: fix controller removal race with scan work (bsc#1158983).\n\n - objtool: Add is_static_jump() helper (bsc#1169514).\n\n - objtool: Add relocation check for alternative sections (bsc#1169514).\n\n - partitions/efi: Fix partition name parsing in GUID partition entry (bsc#1168763).\n\n - perf/amd/uncore: Replace manual sampling check with CAP_NO_INTERRUPT flag (bsc#1114279).\n\n - perf: qcom_l2: fix column exclusion check (git-fixes).\n\n - pinctrl: core: Remove extra kref_get which blocks hogs being freed (bsc#1051510).\n\n - platform/x86: pmc_atom: Add Lex 2I385SW to critclk_systems DMI table (bsc#1051510).\n\n - powerpc/64/tm: Do not let userspace set regs->trap via sigreturn (bsc#1118338 ltc#173734).\n\n - powerpc/64: mark start_here_multiplatform as __ref (bsc#1148868).\n\n - powerpc/64s: Fix section mismatch warnings from boot code (bsc#1148868).\n\n - powerpc/hash64/devmap: Use H_PAGE_THP_HUGE when setting up huge devmap PTE entries (bsc#1065729).\n\n - powerpc/kprobes: Ignore traps that happened in real mode (bsc#1065729).\n\n - powerpc/mm: Fix section mismatch warning in stop_machine_change_mapping() (bsc#1148868).\n\n - powerpc/pseries/ddw: Extend upper limit for huge DMA window for persistent memory (bsc#1142685 ltc#179509).\n\n - powerpc/pseries/iommu: Fix set but not used values (bsc#1142685 ltc#179509).\n\n - powerpc/pseries/iommu: Use memory@ nodes in max RAM address calculation (bsc#1142685 ltc#179509).\n\n - powerpc/vmlinux.lds: Explicitly retain .gnu.hash (bsc#1148868).\n\n - powerpc/xive: Replace msleep(x) with msleep(OPAL_BUSY_DELAY_MS) (bsc#1085030).\n\n - powerpc/xive: Use XIVE_BAD_IRQ instead of zero to catch non configured IPIs (bsc#1085030).\n\n - pwm: bcm2835: Dynamically allocate base (bsc#1051510).\n\n - pwm: meson: Fix confusing indentation (bsc#1051510).\n\n - pwm: pca9685: Fix PWM/GPIO inter-operation (bsc#1051510).\n\n - pwm: rcar: Fix late Runtime PM enablement (bsc#1051510).\n\n - pwm: renesas-tpu: Fix late Runtime PM enablement (bsc#1051510).\n\n - pxa168fb: fix release function mismatch in probe failure (bsc#1051510).\n\n - qmi_wwan: unconditionally reject 2 ep interfaces (bsc#1051510).\n\n - rtlwifi: rtl8192de: Fix missing callback that tests for hw release of buffer (git-fixes).\n\n - s390/mm: fix dynamic pagetable upgrade for hugetlbfs (bsc#1165182 LTC#184102).\n\n - s390/qeth: fix potential deadlock on workqueue flush (bsc#1165185 LTC#184108).\n\n - scsi: core: avoid repetitive logging of device offline messages (bsc#1145929).\n\n - scsi: core: kABI fix offline_already (bsc#1145929).\n\n - scsi: fc: Update Descriptor definition and add RDF and Link Integrity FPINs (bsc#1164777 bsc#1164780 bsc#1165211).\n\n - scsi: ibmvfc: Fix NULL return compiler warning (bsc#1161951 ltc#183551). \n\n - scsi: lpfc: Change default SCSI LUN QD to 64 (bsc#1164777 bsc#1164780 bsc#1165211 jsc#SLE-8654). \n\n - scsi: lpfc: Clean up hba max_lun_queue_depth checks (bsc#1164777 bsc#1164780 bsc#1165211).\n\n - scsi: lpfc: Copyright updates for 12.6.0.4 patches (bsc#1164777 bsc#1164780 bsc#1165211).\n\n - scsi: lpfc: Fix Fabric hostname registration if system hostname changes (bsc#1164777 bsc#1164780 bsc#1165211).\n\n - scsi: lpfc: Fix MDS Latency Diagnostics Err-drop rates (bsc#1164777 bsc#1164780 bsc#1165211).\n\n - scsi: lpfc: Fix RQ buffer leakage when no IOCBs available (bsc#1164777 bsc#1164780 bsc#1165211).\n\n - scsi: lpfc: Fix broken Credit Recovery after driver load (bsc#1164777 bsc#1164780 bsc#1165211).\n\n - scsi: lpfc: Fix compiler warning on frame size (bsc#1164777 bsc#1164780 bsc#1165211).\n\n - scsi: lpfc: Fix coverity errors in fmdi attribute handling (bsc#1164777 bsc#1164780 bsc#1165211).\n\n - scsi: lpfc: Fix crash after handling a pci error (bsc#1164777 bsc#1164780 bsc#1165211).\n\n - scsi: lpfc: Fix crash in target side cable pulls hitting WAIT_FOR_UNREG (bsc#1164777 bsc#1164780 bsc#1165211).\n\n - scsi: lpfc: Fix disablement of FC-AL on lpe35000 models (bsc#1164777 bsc#1164780 bsc#1165211).\n\n - scsi: lpfc: Fix driver nvme rescan logging (bsc#1164777 bsc#1164780 bsc#1165211).\n\n - scsi: lpfc: Fix erroneous cpu limit of 128 on I/O statistics (bsc#1164777 bsc#1164780 bsc#1165211).\n\n - scsi: lpfc: Fix improper flag check for IO type (bsc#1164777 bsc#1164780 bsc#1165211).\n\n - scsi: lpfc: Fix incomplete NVME discovery when target (bsc#1164777 bsc#1164780 bsc#1165211).\n\n - scsi: lpfc: Fix kasan slab-out-of-bounds error in lpfc_unreg_login (bsc#1164777 bsc#1164780 bsc#1165211).\n\n - scsi: lpfc: Fix lockdep error - register non-static key (bsc#1164777 bsc#1164780 bsc#1165211).\n\n - scsi: lpfc: Fix lpfc overwrite of sg_cnt field in nvmefc_tgt_fcp_req (bsc#1164777 bsc#1164780 bsc#1165211).\n\n - scsi: lpfc: Fix lpfc_io_buf resource leak in lpfc_get_scsi_buf_s4 error path (bsc#1164777 bsc#1164780 bsc#1165211).\n\n - scsi: lpfc: Fix memory leak on lpfc_bsg_write_ebuf_set func (bsc#1164777 bsc#1164780 bsc#1165211).\n\n - scsi: lpfc: Fix missing check for CSF in Write Object Mbox Rsp (bsc#1164777 bsc#1164780 bsc#1165211).\n\n - scsi: lpfc: Fix ras_log via debugfs (bsc#1164777 bsc#1164780 bsc#1165211).\n\n - scsi: lpfc: Fix registration of ELS type support in fdmi (bsc#1164777 bsc#1164780 bsc#1165211).\n\n - scsi: lpfc: Fix release of hwq to clear the eq relationship (bsc#1164777 bsc#1164780 bsc#1165211).\n\n - scsi: lpfc: Fix scsi host template for SLI3 vports (bsc#1164777 bsc#1164780 bsc#1165211).\n\n - scsi: lpfc: Fix unmap of dpp bars affecting next driver load (bsc#1164777 bsc#1164780 bsc#1165211).\n\n - scsi: lpfc: Fix update of wq consumer index in lpfc_sli4_wq_release (bsc#1164777 bsc#1164780 bsc#1165211).\n\n - scsi: lpfc: Fix: Rework setting of fdmi symbolic node name registration (bsc#1164777 bsc#1164780 bsc#1165211).\n\n - scsi: lpfc: Make debugfs ktime stats generic for NVME and SCSI (bsc#1164777 bsc#1164780 bsc#1165211).\n\n - scsi: lpfc: Make lpfc_defer_acc_rsp static (bsc#1164777 bsc#1164780 bsc#1165211).\n\n - scsi: lpfc: Remove handler for obsolete ELS - Read Port Status (RPS) (bsc#1164777 bsc#1164780 bsc#1165211).\n\n - scsi: lpfc: Remove prototype FIPS/DSS options from SLI-3 (bsc#1164777 bsc#1164780 bsc#1165211).\n\n - scsi: lpfc: Update lpfc version to 12.6.0.3 (bsc#1164777 bsc#1164780 bsc#1165211).\n\n - scsi: lpfc: Update lpfc version to 12.6.0.4 (bsc#1164777 bsc#1164780 bsc#1165211).\n\n - scsi: lpfc: Update lpfc version to 12.8.0.0 (bsc#1164777 bsc#1164780 bsc#1165211).\n\n - scsi: lpfc: add RDF registration and Link Integrity FPIN logging (bsc#1164777 bsc#1164780 bsc#1165211).\n\n - scsi: lpfc: fix spelling mistake 'Notication' -> 'Notification' (bsc#1164777 bsc#1164780 bsc#1165211).\n\n - scsi: lpfc: fix spelling mistakes of asynchronous (bsc#1164777 bsc#1164780 bsc#1165211).\n\n - scsi: qla2xxx: Fix I/Os being passed down when FC device is being deleted (bsc#1157424).\n\n - serdev: ttyport: restore client ops on deregistration (bsc#1051510).\n\n - staging: ccree: use signal safe completion wait (git-fixes).\n\n - staging: rtl8188eu: Add ASUS USB-N10 Nano B1 to device table (bsc#1051510).\n\n - staging: vt6656: fix sign of rx_dbm to bb_pre_ed_rssi (bsc#1051510).\n\n - staging: wlan-ng: fix ODEBUG bug in prism2sta_disconnect_usb (bsc#1051510).\n\n - staging: wlan-ng: fix use-after-free Read in hfa384x_usbin_callback (bsc#1051510).\n\n - swiotlb: do not panic on mapping failures (bsc#1162171).\n\n - swiotlb: remove the overflow buffer (bsc#1162171).\n\n - thermal: devfreq_cooling: inline all stubs for CONFIG_DEVFREQ_THERMAL=n (bsc#1051510).\n\n - tpm: ibmvtpm: Wait for buffer to be set before proceeding (bsc#1065729).\n\n - tty/serial: atmel: manage shutdown in case of RS485 or ISO7816 mode (bsc#1051510).\n\n - tty: evh_bytechan: Fix out of bounds accesses (bsc#1051510).\n\n - tty: serial: imx: setup the correct sg entry for tx dma (bsc#1051510).\n\n - usb: audio-v2: Add uac2_effect_unit_descriptor definition (bsc#1051510).\n\n - usb: core: hub: do error out if usb_autopm_get_interface() fails (git-fixes).\n\n - usb: core: port: do error out if usb_autopm_get_interface() fails (git-fixes).\n\n - usb: dwc2: Fix in ISOC request length checking (git-fixes).\n\n - usb: gadget: composite: Fix bMaxPower for SuperSpeedPlus (git-fixes).\n\n - usb: gadget: f_fs: Fix use after free issue as part of queue failure (bsc#1051510).\n\n - usb: host: xhci-plat: add a shutdown (git-fixes).\n\n - usb: musb: Disable pullup at init (git-fixes).\n\n - usb: musb: fix crash with highmen PIO and usbmon (bsc#1051510).\n\n - usb: quirks: add NO_LPM quirk for Logitech Screen Share (git-fixes).\n\n - usb: quirks: add NO_LPM quirk for RTL8153 based ethernet adapters (git-fixes).\n\n - usb: storage: Add quirk for Samsung Fit flash (git-fixes).\n\n - usb: uas: fix a plug & unplug racing (git-fixes).\n\n - usb: xhci: apply XHCI_SUSPEND_DELAY to AMD XHCI controller 1022:145c (git-fixes).\n\n - virtio-blk: improve virtqueue error to BLK_STS (bsc#1167627).\n\n - virtio_ring: fix unmap of indirect descriptors (bsc#1162171).\n\n - x86/mce: Fix logic and comments around MSR_PPIN_CTL (bsc#1114279).\n\n - x86/pkeys: Manually set X86_FEATURE_OSPKE to preserve existing changes (bsc#1114279).\n\n - xen/blkfront: fix memory allocation flags in blkfront_setup_indirect() (bsc#1168486).\n\n - xhci: Do not open code __print_symbolic() in xhci trace events (git-fixes).\n\n - xhci: apply XHCI_PME_STUCK_QUIRK to Intel Comet Lake platforms (git-fixes).", "cvss3": {}, "published": "2020-04-27T00:00:00", "type": "nessus", "title": "openSUSE Security Update : the Linux Kernel (openSUSE-2020-543)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-19770", "CVE-2019-3701", "CVE-2019-9458", "CVE-2020-10942", "CVE-2020-11494", "CVE-2020-11669", "CVE-2020-8834"], "modified": "2020-04-30T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:kernel-debug", "p-cpe:/a:novell:opensuse:kernel-debug-base", "p-cpe:/a:novell:opensuse:kernel-debug-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-debug-debuginfo", "p-cpe:/a:novell:opensuse:kernel-debug-debugsource", "p-cpe:/a:novell:opensuse:kernel-debug-devel", "p-cpe:/a:novell:opensuse:kernel-debug-devel-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default", "p-cpe:/a:novell:opensuse:kernel-default-base", "p-cpe:/a:novell:opensuse:kernel-default-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default-debugsource", "p-cpe:/a:novell:opensuse:kernel-default-devel", "p-cpe:/a:novell:opensuse:kernel-default-devel-debuginfo", "p-cpe:/a:novell:opensuse:kernel-devel", "p-cpe:/a:novell:opensuse:kernel-docs-html", "p-cpe:/a:novell:opensuse:kernel-kvmsmall", "p-cpe:/a:novell:opensuse:kernel-kvmsmall-base", "p-cpe:/a:novell:opensuse:kernel-kvmsmall-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-kvmsmall-debuginfo", "p-cpe:/a:novell:opensuse:kernel-kvmsmall-debugsource", "p-cpe:/a:novell:opensuse:kernel-kvmsmall-devel", "p-cpe:/a:novell:opensuse:kernel-kvmsmall-devel-debuginfo", "p-cpe:/a:novell:opensuse:kernel-macros", "p-cpe:/a:novell:opensuse:kernel-obs-build", "p-cpe:/a:novell:opensuse:kernel-obs-build-debugsource", "p-cpe:/a:novell:opensuse:kernel-obs-qa", "p-cpe:/a:novell:opensuse:kernel-source", "p-cpe:/a:novell:opensuse:kernel-source-vanilla", "p-cpe:/a:novell:opensuse:kernel-syms", "p-cpe:/a:novell:opensuse:kernel-vanilla", "p-cpe:/a:novell:opensuse:kernel-vanilla-base", "p-cpe:/a:novell:opensuse:kernel-vanilla-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-vanilla-debuginfo", "p-cpe:/a:novell:opensuse:kernel-vanilla-debugsource", "p-cpe:/a:novell:opensuse:kernel-vanilla-devel", "p-cpe:/a:novell:opensuse:kernel-vanilla-devel-debuginfo", "cpe:/o:novell:opensuse:15.1"], "id": "OPENSUSE-2020-543.NASL", "href": "https://www.tenable.com/plugins/nessus/136006", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2020-543.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(136006);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/04/30\");\n\n script_cve_id(\"CVE-2019-19770\", \"CVE-2019-3701\", \"CVE-2019-9458\", \"CVE-2020-10942\", \"CVE-2020-11494\", \"CVE-2020-11669\", \"CVE-2020-8834\");\n\n script_name(english:\"openSUSE Security Update : the Linux Kernel (openSUSE-2020-543)\");\n script_summary(english:\"Check for the openSUSE-2020-543 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The openSUSE Leap 15.1 kernel was updated to receive various security\nand bugfixes.\n\nThe following security bugs were fixed :\n\n - CVE-2020-11669: An issue was discovered on the powerpc\n platform. arch/powerpc/kernel/idle_book3s.S did not have\n save/restore functionality for PNV_POWERSAVE_AMR,\n PNV_POWERSAVE_UAMOR, and PNV_POWERSAVE_AMOR, aka\n CID-53a712bae5dd (bnc#1169390).\n\n - CVE-2020-8834: KVM on Power8 processors had a\n conflicting use of HSTATE_HOST_R1 to store r1 state in\n kvmppc_hv_entry plus in kvmppc_(save,restore)_tm,\n leading to a stack corruption. Because of this, an\n attacker with the ability run code in kernel space of a\n guest VM can cause the host kernel to panic. There were\n two commits that, according to the reporter, introduced\n the vulnerability: f024ee098476 ('KVM: PPC: Book3S HV:\n Pull out TM state save/restore into separate\n procedures') 87a11bb6a7f7 ('KVM: PPC: Book3S HV: Work\n around XER[SO] bug in fake suspend mode') (bnc#1168276).\n\n - CVE-2020-11494: An issue was discovered in slc_bump in\n drivers/net/can/slcan.c, which allowed attackers to read\n uninitialized can_frame data, potentially containing\n sensitive information from kernel stack memory, if the\n configuration lacks CONFIG_INIT_STACK_ALL, aka\n CID-b9258a2cece4 (bnc#1168424).\n\n - CVE-2019-9458: In the video driver there is a use after\n free due to a race condition. This could lead to local\n escalation of privilege with no additional execution\n privileges needed. User interaction is not needed for\n exploitation (bnc#1168295).\n\n - CVE-2019-3701: An issue was discovered in can_can_gw_rcv\n in net/can/gw.c. The CAN frame modification rules allow\n bitwise logical operations that can be also applied to\n the can_dlc field. The privileged user 'root' with\n CAP_NET_ADMIN can create a CAN frame modification rule\n that made the data length code a higher value than the\n available CAN frame data size. In combination with a\n configured checksum calculation where the result is\n stored relatively to the end of the data (e.g.\n cgw_csum_xor_rel) the tail of the skb (e.g. frag_list\n pointer in skb_shared_info) can be rewritten which\n finally can cause a system crash. Because of a missing\n check, the CAN drivers may write arbitrary content\n beyond the data registers in the CAN controller's I/O\n memory when processing can-gw manipulated outgoing\n frames (bnc#1120386).\n\n - CVE-2020-10942: In get_raw_socket in drivers/vhost/net.c\n lacked validation of an sk_family field, which might\n allow attackers to trigger kernel stack corruption via\n crafted system calls (bnc#1167629).\n\n - CVE-2019-19770: A use-after-free in the debugfs_remove\n function in fs/debugfs/inode.c was fixed. (bnc#1159198).\n\nThe following non-security bugs were fixed :\n\n - ACPI: watchdog: Fix gas->access_width usage\n (bsc#1051510).\n\n - ACPICA: Introduce ACPI_ACCESS_BYTE_WIDTH() macro\n (bsc#1051510).\n\n - ALSA: ali5451: remove redundant variable capture_flag\n (bsc#1051510).\n\n - ALSA: core: Add snd_device_get_state() helper\n (bsc#1051510).\n\n - ALSA: core: Replace zero-length array with\n flexible-array member (bsc#1051510).\n\n - ALSA: emu10k1: Fix endianness annotations (bsc#1051510).\n\n - ALSA: hda/ca0132 - Add Recon3Di quirk to handle\n integrated sound on EVGA X99 Classified motherboard\n (bsc#1051510).\n\n - ALSA: hda/ca0132 - Replace zero-length array with\n flexible-array member (bsc#1051510).\n\n - ALSA: hda/realtek - Enable headset mic of Acer X2660G\n with ALC662 (git-fixes).\n\n - ALSA: hda/realtek - Enable the headset of Acer N50-600\n with ALC662 (git-fixes).\n\n - ALSA: hda/realtek - Remove now-unnecessary XPS 13\n headphone noise fixups (bsc#1051510).\n\n - ALSA: hda/realtek - Set principled PC Beep configuration\n for ALC256 (bsc#1051510).\n\n - ALSA: hda/realtek - a fake key event is triggered by\n running shutup (bsc#1051510).\n\n - ALSA: hda/realtek: Enable mute LED on an HP system\n (bsc#1051510).\n\n - ALSA: hda/realtek: Fix pop noise on ALC225 (git-fixes).\n\n - ALSA: hda: Fix potential access overflow in beep helper\n (bsc#1051510).\n\n - ALSA: hda: Use scnprintf() for string truncation\n (bsc#1051510).\n\n - ALSA: hda: default enable CA0132 DSP support\n (bsc#1051510).\n\n - ALSA: hda: remove redundant assignment to variable\n timeout (bsc#1051510).\n\n - ALSA: hda_codec: Replace zero-length array with\n flexible-array member (bsc#1051510).\n\n - ALSA: hdsp: remove redundant assignment to variable err\n (bsc#1051510).\n\n - ALSA: ice1724: Fix invalid access for enumerated ctl\n items (bsc#1051510).\n\n - ALSA: info: remove redundant assignment to variable c\n (bsc#1051510).\n\n - ALSA: korg1212: fix if-statement empty body warnings\n (bsc#1051510).\n\n - ALSA: line6: Fix endless MIDI read loop (git-fixes).\n\n - ALSA: pcm.h: add for_each_pcm_streams() (bsc#1051510).\n\n - ALSA: pcm: Fix superfluous snprintf() usage\n (bsc#1051510).\n\n - ALSA: pcm: Use a macro for parameter masks to reduce the\n needed cast (bsc#1051510).\n\n - ALSA: pcm: oss: Avoid plugin buffer overflow\n (git-fixes).\n\n - ALSA: pcm: oss: Fix regression by buffer overflow fix\n (bsc#1051510).\n\n - ALSA: pcm: oss: Remove WARNING from snd_pcm_plug_alloc()\n checks (git-fixes).\n\n - ALSA: pcm: oss: Unlock mutex temporarily for sleeping at\n read/write (bsc#1051510).\n\n - ALSA: seq: oss: Fix running status after receiving sysex\n (git-fixes).\n\n - ALSA: seq: virmidi: Fix running status after receiving\n sysex (git-fixes).\n\n - ALSA: usb-audio: Add delayed_register option\n (bsc#1051510).\n\n - ALSA: usb-audio: Add support for MOTU MicroBook IIc\n (bsc#1051510).\n\n - ALSA: usb-audio: Create a registration quirk for\n Kingston HyperX Amp (0951:16d8) (bsc#1051510).\n\n - ALSA: usb-audio: Do not create a mixer element with\n bogus volume range (bsc#1051510).\n\n - ALSA: usb-audio: Fix case when USB MIDI interface has\n more than one extra endpoint descriptor (bsc#1051510).\n\n - ALSA: usb-audio: Fix mixer controls' USB interface for\n Kingston HyperX Amp (0951:16d8) (bsc#1051510).\n\n - ALSA: usb-audio: Inform devices that need delayed\n registration (bsc#1051510).\n\n - ALSA: usb-audio: Parse source ID of UAC2 effect unit\n (bsc#1051510).\n\n - ALSA: usb-audio: Rewrite registration quirk handling\n (bsc#1051510).\n\n - ALSA: usb-midi: Replace zero-length array with\n flexible-array member (bsc#1051510).\n\n - ALSA: usx2y: use for_each_pcm_streams() macro\n (bsc#1051510).\n\n - ALSA: via82xx: Fix endianness annotations (bsc#1051510).\n\n - ASoC: Intel: atom: Take the drv->lock mutex before\n calling sst_send_slot_map() (bsc#1051510).\n\n - ASoC: Intel: mrfld: fix incorrect check on p->sink\n (bsc#1051510).\n\n - ASoC: Intel: mrfld: return error codes when an error\n occurs (bsc#1051510).\n\n - ASoC: jz4740-i2s: Fix divider written at incorrect\n offset in register (bsc#1051510).\n\n - ASoC: sun8i-codec: Remove unused dev from codec struct\n (bsc#1051510).\n\n - Bluetooth: RFCOMM: fix ODEBUG bug in rfcomm_dev_ioctl\n (bsc#1051510).\n\n - Btrfs: clean up error handling in btrfs_truncate()\n (bsc#1165949).\n\n - Btrfs: do not reset bio->bi_ops while writing bio\n (bsc#1168273).\n\n - Btrfs: fix missing delayed iputs on unmount\n (bsc#1165949).\n\n - Btrfs: fix qgroup double free after failure to reserve\n metadata for delalloc (bsc#1165949).\n\n - Btrfs: fix race leading to metadata space leak after\n task received signal (bsc#1165949).\n\n - Btrfs: fix unwritten extent buffers and hangs on future\n writeback attempts (bsc#1168273).\n\n - Btrfs: make plug in writing meta blocks really work\n (bsc#1168273).\n\n - Btrfs: only check delayed ref usage in\n should_end_transaction (bsc#1165949).\n\n - Btrfs: remove bio_flags which indicates a meta block of\n log-tree (bsc#1168273).\n\n - Crypto: chelsio - Fixes a deadlock between rtnl_lock and\n uld_mutex (bsc#1111666).\n\n - Crypto: chelsio - Fixes a hang issue during driver\n registration (bsc#1111666).\n\n - Deprecate NR_UNSTABLE_NFS, use NR_WRITEBACK\n (bsc#1163403).\n\n - HID: apple: Add support for recent firmware on Magic\n Keyboards (bsc#1051510).\n\n - IB/hfi1: convert to debugfs_file_get() and -put()\n (bsc#1159198 bsc#1109911). Prerequisite for bsc#1159198.\n\n - Input: add safety guards to input_set_keycode()\n (bsc#1168075).\n\n - Input: avoid BIT() macro usage in the serio.h UAPI\n header (bsc#1051510).\n\n - Input: raydium_i2c_ts - fix error codes in\n raydium_i2c_boot_trigger() (bsc#1051510).\n\n - Input: synaptics - enable RMI on HP Envy 13-ad105ng\n (bsc#1051510).\n\n - MM: replace PF_LESS_THROTTLE with PF_LOCAL_THROTTLE\n (bsc#1163403).\n\n - NFC: fdp: Fix a signedness bug in fdp_nci_send_patch()\n (bsc#1051510).\n\n - NFS: send state management on a single connection\n (bsc#1167005).\n\n - OMAP: DSS2: remove non-zero check on variable r\n (bsc#1114279)\n\n - PCI/AER: Factor message prefixes with dev_fmt()\n (bsc#1161561).\n\n - PCI/AER: Log which device prevents error recovery\n (bsc#1161561).\n\n - PCI/AER: Remove ERR_FATAL code from ERR_NONFATAL path\n (bsc#1161561).\n\n - PCI/ASPM: Clear the correct bits when enabling L1\n substates (bsc#1051510).\n\n - PCI/ERR: Always report current recovery status for udev\n (bsc#1161561).\n\n - PCI/ERR: Handle fatal error recovery (bsc#1161561).\n\n - PCI/ERR: Remove duplicated include from err.c\n (bsc#1161561).\n\n - PCI/ERR: Simplify broadcast callouts (bsc#1161561).\n\n - PCI/portdrv: Remove pcie_port_bus_type link order\n dependency (bsc#1161561).\n\n - PCI/switchtec: Fix init_completion race condition with\n poll_wait() (bsc#1051510).\n\n - PCI: Simplify disconnected marking (bsc#1161561).\n\n - PCI: Unify device inaccessible (bsc#1161561).\n\n - PCI: endpoint: Fix clearing start entry in configfs\n (bsc#1051510).\n\n - PCI: pciehp: Fix MSI interrupt race (bsc#1159037).\n\n - PCI: portdrv: Initialize service drivers directly\n (bsc#1161561).\n\n - PM: core: Fix handling of devices deleted during\n system-wide resume (git-fixes).\n\n - SUNRPC: defer slow parts of rpc_free_client() to a\n workqueue (bsc#1168202).\n\n - USB: Disable LPM on WD19's Realtek Hub (git-fixes).\n\n - USB: Fix novation SourceControl XL after suspend\n (git-fixes).\n\n - USB: cdc-acm: fix rounding error in TIOCSSERIAL\n (git-fixes).\n\n - USB: hub: Do not record a connect-change event during\n reset-resume (git-fixes).\n\n - USB: misc: iowarrior: add support for 2 OEMed devices\n (git-fixes).\n\n - USB: misc: iowarrior: add support for the 100 device\n (git-fixes).\n\n - USB: misc: iowarrior: add support for the 28 and 28L\n devices (git-fixes).\n\n - USB: serial: io_edgeport: fix slab-out-of-bounds read in\n edge_interrupt_callback (bsc#1051510).\n\n - USB: serial: option: add ME910G1 ECM composition 0x110b\n (git-fixes).\n\n - USB: serial: pl2303: add device-id for HP LD381\n (git-fixes).\n\n - ahci: Add support for Amazon's Annapurna Labs SATA\n controller (bsc#1169013).\n\n - apei/ghes: Do not delay GHES polling (bsc#1166982).\n\n - ath9k: Handle txpower changes even when TPC is disabled\n (bsc#1051510).\n\n - batman-adv: Avoid spurious warnings from bat_v neigh_cmp\n implementation (bsc#1051510).\n\n - batman-adv: Do not schedule OGM for disabled interface\n (bsc#1051510).\n\n - batman-adv: prevent TT request storms by not sending\n inconsistent TT TLVLs (bsc#1051510).\n\n - binfmt_elf: Do not move brk for INTERP-less ET_EXEC\n (bsc#1169013).\n\n - binfmt_elf: move brk out of mmap when doing direct\n loader exec (bsc#1169013).\n\n - blk-mq: Allow blocking queue tag iter callbacks\n (bsc#1167316).\n\n - block, bfq: fix use-after-free in\n bfq_idle_slice_timer_body (bsc#1168760).\n\n - block: keep bdi->io_pages in sync with max_sectors_kb\n for stacked devices (bsc#1168762).\n\n - bnxt_en: Support all variants of the 5750X chip family\n (bsc#1167216).\n\n - bpf: Explicitly memset some bpf info structures declared\n on the stack (bsc#1083647).\n\n - bpf: Explicitly memset the bpf_attr structure\n (bsc#1083647).\n\n - brcmfmac: abort and release host after error\n (bsc#1111666).\n\n - btrfs: Account for trans_block_rsv in\n may_commit_transaction (bsc#1165949).\n\n - btrfs: Add enospc_debug printing in\n metadata_reserve_bytes (bsc#1165949).\n\n - btrfs: Do mandatory tree block check before submitting\n bio (bsc#1168273).\n\n - btrfs: Improve global reserve stealing logic\n (bsc#1165949).\n\n - btrfs: Output ENOSPC debug info in inc_block_group_ro\n (bsc#1165949).\n\n - btrfs: Remove btrfs_inode::delayed_iput_count\n (bsc#1165949).\n\n - btrfs: Remove fs_info from do_chunk_alloc (bsc#1165949).\n\n - btrfs: Remove redundant argument of flush_space\n (bsc#1165949).\n\n - btrfs: Remove redundant mirror_num arg (bsc#1168273).\n\n - btrfs: Rename bin_search -> btrfs_bin_search\n (bsc#1168273).\n\n - btrfs: add a flush step for delayed iputs (bsc#1165949).\n\n - btrfs: add assertions for releasing trans handle\n reservations (bsc#1165949).\n\n - btrfs: add btrfs_delete_ref_head helper (bsc#1165949).\n\n - btrfs: add enospc debug messages for ticket failure\n (bsc#1165949).\n\n - btrfs: add new flushing states for the delayed refs rsv\n (bsc#1165949).\n\n - btrfs: add space reservation tracepoint for reserved\n bytes (bsc#1165949).\n\n - btrfs: adjust dirty_metadata_bytes after writeback\n failure of extent buffer (bsc#1168273).\n\n - btrfs: allow us to use up to 90% of the global rsv for\n unlink (bsc#1165949).\n\n - btrfs: always reserve our entire size for the global\n reserve (bsc#1165949).\n\n - btrfs: assert on non-empty delayed iputs (bsc##1165949).\n\n - btrfs: be more explicit about allowed flush states\n (bsc#1165949).\n\n - btrfs: call btrfs_create_pending_block_groups\n unconditionally (bsc#1165949).\n\n - btrfs: catch cow on deleting snapshots (bsc#1165949).\n\n - btrfs: change the minimum global reserve size\n (bsc#1165949).\n\n - btrfs: check if there are free block groups for commit\n (bsc#1165949).\n\n - btrfs: cleanup extent_op handling (bsc#1165949).\n\n - btrfs: cleanup root usage by btrfs_get_alloc_profile\n (bsc#1165949).\n\n - btrfs: cleanup the target logic in\n __btrfs_block_rsv_release (bsc#1165949).\n\n - btrfs: clear space cache inode generation always\n (bsc#1165949).\n\n - btrfs: delayed-ref: pass delayed_refs directly to\n btrfs_delayed_ref_lock (bsc#1165949).\n\n - btrfs: do not account global reserve in can_overcommit\n (bsc#1165949).\n\n - btrfs: do not allow reservations if we have pending\n tickets (bsc#1165949).\n\n - btrfs: do not call btrfs_start_delalloc_roots in\n flushoncommit (bsc#1165949).\n\n - btrfs: do not end the transaction for delayed refs in\n throttle (bsc#1165949).\n\n - btrfs: do not enospc all tickets on flush failure\n (bsc#1165949).\n\n - btrfs: do not run delayed refs in the end transaction\n logic (bsc#1165949).\n\n - btrfs: do not run delayed_iputs in commit\n (bsc##1165949).\n\n - btrfs: do not use ctl->free_space for max_extent_size\n (bsc##1165949).\n\n - btrfs: do not use global reserve for chunk allocation\n (bsc#1165949).\n\n - btrfs: drop get_extent from extent_page_data\n (bsc#1168273).\n\n - btrfs: drop min_size from evict_refill_and_join\n (bsc##1165949).\n\n - btrfs: drop unused space_info parameter from\n create_space_info (bsc#1165949).\n\n - btrfs: dump block_rsv details when dumping space info\n (bsc#1165949).\n\n - btrfs: export __btrfs_block_rsv_release (bsc#1165949).\n\n - btrfs: export block group accounting helpers\n (bsc#1165949).\n\n - btrfs: export block_rsv_use_bytes (bsc#1165949).\n\n - btrfs: export btrfs_block_rsv_add_bytes (bsc#1165949).\n\n - btrfs: export space_info_add_*_bytes (bsc#1165949).\n\n - btrfs: export the block group caching helpers\n (bsc#1165949).\n\n - btrfs: export the caching control helpers (bsc#1165949).\n\n - btrfs: export the excluded extents helpers\n (bsc#1165949).\n\n - btrfs: extent-tree: Add lockdep assert when updating\n space info (bsc#1165949).\n\n - btrfs: extent-tree: Add trace events for space info\n numbers update (bsc#1165949).\n\n - btrfs: extent-tree: Detect bytes_may_use underflow\n earlier (bsc#1165949).\n\n - btrfs: extent-tree: Detect bytes_pinned underflow\n earlier (bsc#1165949).\n\n - btrfs: extent_io: Handle errors better in\n btree_write_cache_pages() (bsc#1168273).\n\n - btrfs: extent_io: Handle errors better in\n extent_write_full_page() (bsc#1168273).\n\n - btrfs: extent_io: Handle errors better in\n extent_write_locked_range() (bsc#1168273).\n\n - btrfs: extent_io: Handle errors better in\n extent_writepages() (bsc#1168273).\n\n - btrfs: extent_io: Kill dead condition in\n extent_write_cache_pages() (bsc#1168273).\n\n - btrfs: extent_io: Kill the forward declaration of\n flush_write_bio (bsc#1168273).\n\n - btrfs: extent_io: Move the BUG_ON() in flush_write_bio()\n one level up (bsc#1168273).\n\n - btrfs: extent_io: add proper error handling to\n lock_extent_buffer_for_io() (bsc#1168273).\n\n - btrfs: factor our read/write stage off csum_tree_block\n into its callers (bsc#1168273).\n\n - btrfs: factor out the ticket flush handling\n (bsc#1165949).\n\n - btrfs: fix insert_reserved error handling\n (bsc##1165949).\n\n - btrfs: fix may_commit_transaction to deal with no\n partial filling (bsc#1165949).\n\n - btrfs: fix truncate throttling (bsc#1165949).\n\n - btrfs: force chunk allocation if our global rsv is\n larger than metadata (bsc#1165949).\n\n - btrfs: introduce an evict flushing state (bsc#1165949).\n\n - btrfs: introduce delayed_refs_rsv (bsc#1165949).\n\n - btrfs: loop in inode_rsv_refill (bsc#1165949).\n\n - btrfs: make btrfs_destroy_delayed_refs use\n btrfs_delayed_ref_lock (bsc#1165949).\n\n - btrfs: make btrfs_destroy_delayed_refs use\n btrfs_delete_ref_head (bsc#1165949).\n\n - btrfs: make caching_thread use btrfs_find_next_key\n (bsc#1165949).\n\n - btrfs: merge two flush_write_bio helpers (bsc#1168273).\n\n - btrfs: migrate btrfs_trans_release_chunk_metadata\n (bsc#1165949).\n\n - btrfs: migrate inc/dec_block_group_ro code\n (bsc#1165949).\n\n - btrfs: migrate nocow and reservation helpers\n (bsc#1165949).\n\n - btrfs: migrate the alloc_profile helpers (bsc#1165949).\n\n - btrfs: migrate the block group caching code\n (bsc#1165949).\n\n - btrfs: migrate the block group cleanup code\n (bsc#1165949).\n\n - btrfs: migrate the block group lookup code\n (bsc#1165949).\n\n - btrfs: migrate the block group read/creation code\n (bsc#1165949).\n\n - btrfs: migrate the block group ref counting stuff\n (bsc#1165949).\n\n - btrfs: migrate the block group removal code\n (bsc#1165949).\n\n - btrfs: migrate the block group space accounting helpers\n (bsc#1165949).\n\n - btrfs: migrate the block-rsv code to block-rsv.c\n (bsc#1165949).\n\n - btrfs: migrate the chunk allocation code (bsc#1165949).\n\n - btrfs: migrate the delalloc space stuff to it's own home\n (bsc#1165949).\n\n - btrfs: migrate the delayed refs rsv code (bsc#1165949).\n\n - btrfs: migrate the dirty bg writeout code (bsc#1165949).\n\n - btrfs: migrate the global_block_rsv helpers to\n block-rsv.c (bsc#1165949).\n\n - btrfs: move and export can_overcommit (bsc#1165949).\n\n - btrfs: move basic block_group definitions to their own\n header (bsc#1165949).\n\n - btrfs: move btrfs_add_free_space out of a header file\n (bsc#1165949).\n\n - btrfs: move btrfs_block_rsv definitions into it's own\n header (bsc#1165949).\n\n - btrfs: move btrfs_raid_group values to btrfs_raid_attr\n table (bsc#1165949).\n\n - btrfs: move btrfs_space_info_add_*_bytes to space-info.c\n (bsc#1165949).\n\n - btrfs: move dump_space_info to space-info.c\n (bsc#1165949).\n\n - btrfs: move reserve_metadata_bytes and supporting code\n to space-info.c (bsc#1165949).\n\n - btrfs: move space_info to space-info.h (bsc#1165949).\n\n - btrfs: move the space info update macro to space-info.h\n (bsc#1165949).\n\n - btrfs: move the space_info handling code to space-info.c\n (bsc#1165949).\n\n - btrfs: move the subvolume reservation stuff out of\n extent-tree.c (bsc#1165949).\n\n - btrfs: only check priority tickets for priority flushing\n (bsc#1165949).\n\n - btrfs: only free reserved extent if we didn't insert it\n (bsc##1165949).\n\n - btrfs: only reserve metadata_size for inodes\n (bsc#1165949).\n\n - btrfs: only track ref_heads in delayed_ref_updates\n (bsc#1165949).\n\n - btrfs: pass root to various extent ref mod functions\n (bsc#1165949).\n\n - btrfs: qgroup: Do not hold qgroup_ioctl_lock in\n btrfs_qgroup_inherit() (bsc#1165823).\n\n - btrfs: qgroup: Mark qgroup inconsistent if we're\n inherting snapshot to a new qgroup (bsc#1165823).\n\n - btrfs: refactor block group replication factor\n calculation to a helper (bsc#1165949).\n\n - btrfs: refactor priority_reclaim_metadata_space\n (bsc#1165949).\n\n - btrfs: refactor the ticket wakeup code (bsc#1165949).\n\n - btrfs: release metadata before running delayed refs\n (bsc##1165949).\n\n - btrfs: remove orig_bytes from reserve_ticket\n (bsc#1165949).\n\n - btrfs: rename btrfs_space_info_add_old_bytes\n (bsc#1165949).\n\n - btrfs: rename do_chunk_alloc to btrfs_chunk_alloc\n (bsc#1165949).\n\n - btrfs: rename the btrfs_calc_*_metadata_size helpers\n (bsc#1165949).\n\n - btrfs: replace cleaner_delayed_iput_mutex with a\n waitqueue (bsc#1165949).\n\n - btrfs: reserve delalloc metadata differently\n (bsc#1165949).\n\n - btrfs: reserve extra space during evict (bsc#1165949).\n\n - btrfs: reset max_extent_size on clear in a bitmap\n (bsc##1165949).\n\n - btrfs: reset max_extent_size properly (bsc##1165949).\n\n - btrfs: rework btrfs_check_space_for_delayed_refs\n (bsc#1165949).\n\n - btrfs: rework wake_all_tickets (bsc#1165949).\n\n - btrfs: roll tracepoint into btrfs_space_info_update\n helper (bsc#1165949).\n\n - btrfs: run btrfs_try_granting_tickets if a priority\n ticket fails (bsc#1165949).\n\n - btrfs: run delayed iput at unlink time (bsc#1165949).\n\n - btrfs: run delayed iputs before committing\n (bsc#1165949).\n\n - btrfs: set max_extent_size properly (bsc##1165949).\n\n - btrfs: sink extent_write_full_page tree argument\n (bsc#1168273).\n\n - btrfs: sink extent_write_locked_range tree parameter\n (bsc#1168273).\n\n - btrfs: sink flush_fn to extent_write_cache_pages\n (bsc#1168273).\n\n - btrfs: sink get_extent parameter to\n extent_write_full_page (bsc#1168273).\n\n - btrfs: sink get_extent parameter to\n extent_write_locked_range (bsc#1168273).\n\n - btrfs: sink get_extent parameter to extent_fiemap\n (bsc#1168273).\n\n - btrfs: sink get_extent parameter to extent_readpages\n (bsc#1168273).\n\n - btrfs: sink get_extent parameter to extent_writepages\n (bsc#1168273).\n\n - btrfs: sink get_extent parameter to\n get_extent_skip_holes (bsc#1168273).\n\n - btrfs: sink writepage parameter to\n extent_write_cache_pages (bsc#1168273).\n\n - btrfs: stop partially refilling tickets when releasing\n space (bsc#1165949).\n\n - btrfs: stop using block_rsv_release_bytes everywhere\n (bsc#1165949).\n\n - btrfs: switch to on-stack csum buffer in csum_tree_block\n (bsc#1168273).\n\n - btrfs: temporarily export btrfs_get_restripe_target\n (bsc#1165949).\n\n - btrfs: temporarily export fragment_free_space\n (bsc#1165949).\n\n - btrfs: temporarily export inc_block_group_ro\n (bsc#1165949).\n\n - btrfs: track DIO bytes in flight (bsc#1165949).\n\n - btrfs: tree-checker: Remove comprehensive root owner\n check (bsc#1168273).\n\n - btrfs: unexport can_overcommit (bsc#1165949).\n\n - btrfs: unexport the temporary exported functions\n (bsc#1165949).\n\n - btrfs: unify error handling for ticket flushing\n (bsc#1165949).\n\n - btrfs: unify extent_page_data type passed as void\n (bsc#1168273).\n\n - btrfs: update may_commit_transaction to use the delayed\n refs rsv (bsc#1165949).\n\n - btrfs: use btrfs_try_granting_tickets in\n update_global_rsv (bsc#1165949).\n\n - btrfs: wait on caching when putting the bg cache\n (bsc#1165949).\n\n - btrfs: wait on ordered extents on abort cleanup\n (bsc#1165949).\n\n - btrfs: wakeup cleaner thread when adding delayed iput\n (bsc#1165949).\n\n - ceph: canonicalize server path in place (bsc#1168443).\n\n - ceph: check POOL_FLAG_FULL/NEARFULL in addition to\n OSDMAP_FULL/NEARFULL (bsc#1169307).\n\n - ceph: remove the extra slashes in the server path\n (bsc#1168443).\n\n - cfg80211: check reg_rule for NULL in\n handle_channel_custom() (bsc#1051510).\n\n - cfg80211: check wiphy driver existence for drvinfo\n report (bsc#1051510).\n\n - cgroup: memcg: net: do not associate sock with unrelated\n cgroup (bsc#1167290).\n\n - cifs: ignore cached share root handle closing errors\n (bsc#1166780).\n\n - clk: imx: Align imx sc clock msg structs to 4\n (bsc#1111666).\n\n - clk: imx: Align imx sc clock msg structs to 4\n (git-fixes).\n\n - clk: qcom: rcg: Return failure for RCG update\n (bsc#1051510).\n\n - configfs: Fix bool initialization/comparison\n (bsc#1051510).\n\n - cpufreq: Register drivers only after CPU devices have\n been registered (bsc#1051510).\n\n - cpuidle: Do not unset the driver if it is there already\n (bsc#1051510).\n\n - crypto: arm64/sha-ce - implement export/import\n (bsc#1051510).\n\n - crypto: mxs-dcp - fix scatterlist linearization for hash\n (bsc#1051510).\n\n - crypto: tcrypt - fix printed skcipher [a]sync mode\n (bsc#1051510).\n\n - debugfs: add support for more elaborate ->d_fsdata\n (bsc#1159198 bsc#1109911). Prerequisite for bsc#1159198.\n\n - debugfs: call debugfs_real_fops() only after\n debugfs_file_get() (bsc#1159198 bsc#1109911).\n Prerequisite for bsc#1159198.\n\n - debugfs: call debugfs_real_fops() only after\n debugfs_file_get() (bsc#1159198). Prerequisite for\n bsc#1159198.\n\n - debugfs: convert to debugfs_file_get() and -put()\n (bsc#1159198 bsc#1109911). Prerequisite for bsc#1159198.\n\n - debugfs: debugfs_real_fops(): drop __must_hold sparse\n annotation (bsc#1159198 bsc#1109911). Prerequisite for\n bsc#1159198.\n\n - debugfs: debugfs_use_start/finish do not exist anymore\n (bsc#1159198). Prerequisite for bsc#1159198.\n\n - debugfs: defer debugfs_fsdata allocation to first usage\n (bsc#1159198 bsc#1109911). Prerequisite for bsc#1159198.\n\n - debugfs: defer debugfs_fsdata allocation to first usage\n (bsc#1159198). Prerequisite for bsc#1159198.\n\n - debugfs: fix debugfs_real_fops() build error\n (bsc#1159198 bsc#1109911). Prerequisite for bsc#1159198.\n\n - debugfs: implement per-file removal protection\n (bsc#1159198 bsc#1109911). Prerequisite for bsc#1159198.\n\n - debugfs: purge obsolete SRCU based removal protection\n (bsc#1159198 bsc#1109911). Prerequisite for bsc#1159198.\n\n - debugfs: simplify __debugfs_remove_file() (bsc#1159198).\n Prerequisite for bsc#1159198.\n\n - dmaengine: ste_dma40: fix unneeded variable warning\n (bsc#1051510).\n\n - drm/amd/amdgpu: Fix GPR read from debugfs (v2)\n (bsc#1113956)\n\n - drm/amd/display: Add link_rate quirk for Apple 15' MBP\n 2017 (bsc#1111666).\n\n - drm/amd/display: Fix wrongly passed static prefix\n (bsc#1111666).\n\n - drm/amd/display: remove duplicated assignment to\n grph_obj_type (bsc#1051510).\n\n - drm/amdgpu: fix typo for vcn1 idle check (bsc#1111666).\n\n - drm/bochs: downgrade pci_request_region failure from\n error to warning (bsc#1051510).\n\n - drm/bridge: dw-hdmi: fix AVI frame colorimetry\n (bsc#1051510).\n\n - drm/drm_dp_mst:remove set but not used variable\n 'origlen' (bsc#1051510).\n\n - drm/exynos: dsi: fix workaround for the legacy clock\n name (bsc#1111666).\n\n - drm/exynos: dsi: propagate error value and silence\n meaningless warning (bsc#1111666).\n\n - drm/lease: fix WARNING in idr_destroy (bsc#1113956)\n\n - drm/msm: Set dma maximum segment size for mdss\n (bsc#1051510).\n\n - drm/msm: Use the correct dma_sync calls harder\n (bsc#1051510).\n\n - drm/msm: Use the correct dma_sync calls in msm_gem\n (bsc#1051510).\n\n - drm/msm: stop abusing dma_map/unmap for cache\n (bsc#1051510).\n\n - drm/sun4i: dsi: Use NULL to signify 'no panel'\n (bsc#1111666).\n\n - drm/v3d: Replace wait_for macros to remove use of msleep\n (bsc#1111666).\n\n - drm/vc4: Fix HDMI mode validation (git-fixes).\n\n - drm_dp_mst_topology: fix broken\n drm_dp_sideband_parse_remote_dpcd_read() (bsc#1051510).\n\n - dt-bindings: allow up to four clocks for orion-mdio\n (bsc#1051510).\n\n - efi: Do not attempt to map RCI2 config table if it does\n not exist (jsc#ECO-366, bsc#1168367).\n\n - efi: Export Runtime Configuration Interface table to\n sysfs (jsc#ECO-366, bsc#1168367).\n\n - efi: Fix a race and a buffer overflow while reading\n efivars via sysfs (bsc#1164893).\n\n - efi: x86: move efi_is_table_address() into arch/x86\n (jsc#ECO-366, bsc#1168367).\n\n - ext4: Avoid ENOSPC when avoiding to reuse recently\n deleted inodes (bsc#1165019).\n\n - ext4: Check for non-zero journal inum in\n ext4_calculate_overhead (bsc#1167288).\n\n - ext4: add cond_resched() to __ext4_find_entry()\n (bsc#1166862).\n\n - ext4: do not assume that mmp_nodename/bdevname have NUL\n (bsc#1166860).\n\n - ext4: fix a data race in EXT4_I(inode)->i_disksize\n (bsc#1166861).\n\n - ext4: fix incorrect group count in ext4_fill_super error\n message (bsc#1168765).\n\n - ext4: fix incorrect inodes per group in error message\n (bsc#1168764).\n\n - ext4: fix potential race between online resizing and\n write operations (bsc#1166864).\n\n - ext4: fix potential race between s_flex_groups online\n resizing and access (bsc#1166867).\n\n - ext4: fix potential race between s_group_info online\n resizing and access (bsc#1166866).\n\n - ext4: fix race between writepages and enabling\n EXT4_EXTENTS_FL (bsc#1166870).\n\n - ext4: fix support for inode sizes > 1024 bytes\n (bsc#1164284).\n\n - ext4: potential crash on allocation error in\n ext4_alloc_flex_bg_array() (bsc#1166940).\n\n - ext4: rename s_journal_flag_rwsem to s_writepages_rwsem\n (bsc#1166868).\n\n - ext4: validate the debug_want_extra_isize mount option\n at parse time (bsc#1163897).\n\n - fat: fix uninit-memory access for partial initialized\n inode (bsc#1051510).\n\n - fat: work around race with userspace's read via blockdev\n while mounting (bsc#1051510).\n\n - fbdev/g364fb: Fix build failure (bsc#1051510).\n\n - fbdev: potential information leak in do_fb_ioctl()\n (bsc#1114279)\n\n - fbmem: Adjust indentation in fb_prepare_logo and\n fb_blank (bsc#1114279)\n\n - firmware: arm_sdei: fix double-lock on hibernate with\n shared events (bsc#1111666).\n\n - firmware: arm_sdei: fix possible double-lock on\n hibernate error path (bsc#1111666).\n\n - ftrace/kprobe: Show the maxactive number on\n kprobe_events (git-fixes).\n\n - i2c: hix5hd2: add missed clk_disable_unprepare in remove\n (bsc#1051510).\n\n - i2c: jz4780: silence log flood on txabrt (bsc#1051510).\n\n - ibmvfc: do not send implicit logouts prior to NPIV login\n (bsc#1169625 ltc#184611).\n\n - iio: gyro: adis16136: check ret val for non-zero vs\n less-than-zero (bsc#1051510).\n\n - iio: imu: adis16400: check ret val for non-zero vs\n less-than-zero (bsc#1051510).\n\n - iio: imu: adis16480: check ret val for non-zero vs\n less-than-zero (bsc#1051510).\n\n - iio: imu: adis: check ret val for non-zero vs\n less-than-zero (bsc#1051510).\n\n - iio: magnetometer: ak8974: Fix negative raw values in\n sysfs (bsc#1051510).\n\n - iio: potentiostat: lmp9100: fix\n iio_triggered_buffer_(predisable,postenable) positions\n (bsc#1051510).\n\n - intel_th: Fix user-visible error codes (bsc#1051510).\n\n - intel_th: pci: Add Elkhart Lake CPU support\n (bsc#1051510).\n\n - iommu/amd: Fix the configuration of GCR3 table root\n pointer (bsc#1169057).\n\n - ipmi: fix hung processes in __get_guid() (bsc#1111666).\n\n - ipmi:ssif: Handle a possible NULL pointer reference\n (bsc#1051510).\n\n - ipvlan: do not add hardware address of master to its\n unicast filter list (bsc#1137325).\n\n - irqchip/bcm2835: Quiesce IRQs left enabled by bootloader\n (bsc#1051510).\n\n - irqdomain: Fix a memory leak in irq_domain_push_irq()\n (bsc#1051510).\n\n - kABI workaround for pcie_port_bus_type change\n (bsc#1161561).\n\n - kABI: fixes for debugfs per-file removal protection\n backports (bsc#1159198 bsc#1109911). \n\n - kABI: restore debugfs_remove_recursive() (bsc#1159198).\n\n - kabi fix for (bsc#1168202).\n\n - libceph: fix alloc_msg_with_page_vector() memory leaks\n (bsc#1169308).\n\n - libfs: fix infoleak in simple_attr_read() (bsc#1168881).\n\n - lpfc: add support for translating an RSCN rcv into a\n discovery rescan (bsc#1164777 bsc#1164780 bsc#1165211).\n\n - lpfc: add support to generate RSCN events for nport\n (bsc#1164777 bsc#1164780 bsc#1165211).\n\n - mac80211: Do not send mesh HWMP PREQ if HWMP is disabled\n (bsc#1051510).\n\n - mac80211: consider more elements in parsing CRC\n (bsc#1051510).\n\n - mac80211: free peer keys before vif down in mesh\n (bsc#1051510).\n\n - mac80211: mesh: fix RCU warning (bsc#1051510).\n\n - mac80211: only warn once on chanctx_conf being NULL\n (bsc#1051510).\n\n - mac80211: rx: avoid RCU list traversal under mutex\n (bsc#1051510).\n\n - macsec: add missing attribute validation for port\n (bsc#1051510).\n\n - macsec: fix refcnt leak in module exit routine\n (bsc#1051510).\n\n - media: dib0700: fix rc endpoint lookup (bsc#1051510).\n\n - media: flexcop-usb: fix endpoint sanity check\n (git-fixes).\n\n - media: go7007: Fix URB type for interrupt handling\n (bsc#1051510).\n\n - media: ov519: add missing endpoint sanity checks\n (bsc#1168829).\n\n - media: ov6650: Fix .get_fmt() V4L2_SUBDEV_FORMAT_TRY\n support (bsc#1051510).\n\n - media: ov6650: Fix some format attributes not under\n control (bsc#1051510).\n\n - media: ov6650: Fix stored crop rectangle not in sync\n with hardware (bsc#1051510).\n\n - media: ov6650: Fix stored frame format not in sync with\n hardware (bsc#1051510).\n\n - media: stv06xx: add missing descriptor sanity checks\n (bsc#1168854).\n\n - media: tda10071: fix unsigned sign extension overflow\n (bsc#1051510).\n\n - media: usbtv: fix control-message timeouts\n (bsc#1051510).\n\n - media: v4l2-core: fix entity initialization in\n device_register_subdev (bsc#1051510).\n\n - media: vsp1: tidyup VI6_HGT_LBn_H() macro (bsc#1051510).\n\n - media: xirlink_cit: add missing descriptor sanity checks\n (bsc#1051510).\n\n - mfd: dln2: Fix sanity checking for endpoints\n (bsc#1051510).\n\n - misc: pci_endpoint_test: Fix to support > 10\n pci-endpoint-test devices (bsc#1051510).\n\n - mm/filemap.c: do not initiate writeback if mapping has\n no dirty pages (bsc#1168884).\n\n - mm/memory_hotplug.c: only respect mem= parameter during\n boot stage (bsc#1065600).\n\n - mmc: sdhci-of-at91: fix cd-gpios for SAMA5D2\n (bsc#1051510).\n\n - mwifiex: set needed_headroom, not hard_header_len\n (bsc#1051510).\n\n - net/nfc: Avoid stalls when nfc_alloc_send_skb() returned\n NULL (bsc#1051510).\n\n - net/sched: flower: add missing validation of\n TCA_FLOWER_FLAGS (networking-stable-20_02_19).\n\n - net/sched: matchall: add missing validation of\n TCA_MATCHALL_FLAGS (networking-stable-20_02_19).\n\n - net/smc: fix leak of kernel memory to user space\n (networking-stable-20_02_19).\n\n - net: dsa: tag_qca: Make sure there is headroom for tag\n (networking-stable-20_02_19).\n\n - net: ena: Add PCI shutdown handler to allow safe kexec\n (bsc#1167421, bsc#1167423).\n\n - net: nfc: fix bounds checking bugs on 'pipe'\n (bsc#1051510).\n\n - net: phy: micrel: kszphy_resume(): add delay after\n genphy_resume() before accessing PHY registers\n (bsc#1051510).\n\n - net_sched: keep alloc_hash updated after hash allocation\n (git-fixes).\n\n - netfilter: conntrack: sctp: use distinct states for new\n SCTP connections (bsc#1159199).\n\n - nvme-multipath: also check for a disabled path if there\n is a single sibling (bsc#1158983).\n\n - nvme-multipath: do not select namespaces which are about\n to be removed (bsc#1158983).\n\n - nvme-multipath: factor out a nvme_path_is_disabled\n helper (bsc#1158983).\n\n - nvme-multipath: fix crash in nvme_mpath_clear_ctrl_paths\n (bsc#1158983).\n\n - nvme-multipath: fix possible I/O hang when paths are\n updated (bsc#1158983).\n\n - nvme-multipath: fix possible io hang after ctrl\n reconnect (bsc#1158983).\n\n - nvme-multipath: remove unused groups_only mode in ana\n log (bsc#1158983).\n\n - nvme-multipath: round-robin I/O policy (bsc#1158983).\n\n - nvme: fix a possible deadlock when passthru commands\n sent to a multipath device (bsc#1158983).\n\n - nvme: fix controller removal race with scan work\n (bsc#1158983).\n\n - objtool: Add is_static_jump() helper (bsc#1169514).\n\n - objtool: Add relocation check for alternative sections\n (bsc#1169514).\n\n - partitions/efi: Fix partition name parsing in GUID\n partition entry (bsc#1168763).\n\n - perf/amd/uncore: Replace manual sampling check with\n CAP_NO_INTERRUPT flag (bsc#1114279).\n\n - perf: qcom_l2: fix column exclusion check (git-fixes).\n\n - pinctrl: core: Remove extra kref_get which blocks hogs\n being freed (bsc#1051510).\n\n - platform/x86: pmc_atom: Add Lex 2I385SW to\n critclk_systems DMI table (bsc#1051510).\n\n - powerpc/64/tm: Do not let userspace set regs->trap via\n sigreturn (bsc#1118338 ltc#173734).\n\n - powerpc/64: mark start_here_multiplatform as __ref\n (bsc#1148868).\n\n - powerpc/64s: Fix section mismatch warnings from boot\n code (bsc#1148868).\n\n - powerpc/hash64/devmap: Use H_PAGE_THP_HUGE when setting\n up huge devmap PTE entries (bsc#1065729).\n\n - powerpc/kprobes: Ignore traps that happened in real mode\n (bsc#1065729).\n\n - powerpc/mm: Fix section mismatch warning in\n stop_machine_change_mapping() (bsc#1148868).\n\n - powerpc/pseries/ddw: Extend upper limit for huge DMA\n window for persistent memory (bsc#1142685 ltc#179509).\n\n - powerpc/pseries/iommu: Fix set but not used values\n (bsc#1142685 ltc#179509).\n\n - powerpc/pseries/iommu: Use memory@ nodes in max RAM\n address calculation (bsc#1142685 ltc#179509).\n\n - powerpc/vmlinux.lds: Explicitly retain .gnu.hash\n (bsc#1148868).\n\n - powerpc/xive: Replace msleep(x) with\n msleep(OPAL_BUSY_DELAY_MS) (bsc#1085030).\n\n - powerpc/xive: Use XIVE_BAD_IRQ instead of zero to catch\n non configured IPIs (bsc#1085030).\n\n - pwm: bcm2835: Dynamically allocate base (bsc#1051510).\n\n - pwm: meson: Fix confusing indentation (bsc#1051510).\n\n - pwm: pca9685: Fix PWM/GPIO inter-operation\n (bsc#1051510).\n\n - pwm: rcar: Fix late Runtime PM enablement (bsc#1051510).\n\n - pwm: renesas-tpu: Fix late Runtime PM enablement\n (bsc#1051510).\n\n - pxa168fb: fix release function mismatch in probe failure\n (bsc#1051510).\n\n - qmi_wwan: unconditionally reject 2 ep interfaces\n (bsc#1051510).\n\n - rtlwifi: rtl8192de: Fix missing callback that tests for\n hw release of buffer (git-fixes).\n\n - s390/mm: fix dynamic pagetable upgrade for hugetlbfs\n (bsc#1165182 LTC#184102).\n\n - s390/qeth: fix potential deadlock on workqueue flush\n (bsc#1165185 LTC#184108).\n\n - scsi: core: avoid repetitive logging of device offline\n messages (bsc#1145929).\n\n - scsi: core: kABI fix offline_already (bsc#1145929).\n\n - scsi: fc: Update Descriptor definition and add RDF and\n Link Integrity FPINs (bsc#1164777 bsc#1164780\n bsc#1165211).\n\n - scsi: ibmvfc: Fix NULL return compiler warning\n (bsc#1161951 ltc#183551). \n\n - scsi: lpfc: Change default SCSI LUN QD to 64\n (bsc#1164777 bsc#1164780 bsc#1165211 jsc#SLE-8654). \n\n - scsi: lpfc: Clean up hba max_lun_queue_depth checks\n (bsc#1164777 bsc#1164780 bsc#1165211).\n\n - scsi: lpfc: Copyright updates for 12.6.0.4 patches\n (bsc#1164777 bsc#1164780 bsc#1165211).\n\n - scsi: lpfc: Fix Fabric hostname registration if system\n hostname changes (bsc#1164777 bsc#1164780 bsc#1165211).\n\n - scsi: lpfc: Fix MDS Latency Diagnostics Err-drop rates\n (bsc#1164777 bsc#1164780 bsc#1165211).\n\n - scsi: lpfc: Fix RQ buffer leakage when no IOCBs\n available (bsc#1164777 bsc#1164780 bsc#1165211).\n\n - scsi: lpfc: Fix broken Credit Recovery after driver load\n (bsc#1164777 bsc#1164780 bsc#1165211).\n\n - scsi: lpfc: Fix compiler warning on frame size\n (bsc#1164777 bsc#1164780 bsc#1165211).\n\n - scsi: lpfc: Fix coverity errors in fmdi attribute\n handling (bsc#1164777 bsc#1164780 bsc#1165211).\n\n - scsi: lpfc: Fix crash after handling a pci error\n (bsc#1164777 bsc#1164780 bsc#1165211).\n\n - scsi: lpfc: Fix crash in target side cable pulls hitting\n WAIT_FOR_UNREG (bsc#1164777 bsc#1164780 bsc#1165211).\n\n - scsi: lpfc: Fix disablement of FC-AL on lpe35000 models\n (bsc#1164777 bsc#1164780 bsc#1165211).\n\n - scsi: lpfc: Fix driver nvme rescan logging (bsc#1164777\n bsc#1164780 bsc#1165211).\n\n - scsi: lpfc: Fix erroneous cpu limit of 128 on I/O\n statistics (bsc#1164777 bsc#1164780 bsc#1165211).\n\n - scsi: lpfc: Fix improper flag check for IO type\n (bsc#1164777 bsc#1164780 bsc#1165211).\n\n - scsi: lpfc: Fix incomplete NVME discovery when target\n (bsc#1164777 bsc#1164780 bsc#1165211).\n\n - scsi: lpfc: Fix kasan slab-out-of-bounds error in\n lpfc_unreg_login (bsc#1164777 bsc#1164780 bsc#1165211).\n\n - scsi: lpfc: Fix lockdep error - register non-static key\n (bsc#1164777 bsc#1164780 bsc#1165211).\n\n - scsi: lpfc: Fix lpfc overwrite of sg_cnt field in\n nvmefc_tgt_fcp_req (bsc#1164777 bsc#1164780\n bsc#1165211).\n\n - scsi: lpfc: Fix lpfc_io_buf resource leak in\n lpfc_get_scsi_buf_s4 error path (bsc#1164777 bsc#1164780\n bsc#1165211).\n\n - scsi: lpfc: Fix memory leak on lpfc_bsg_write_ebuf_set\n func (bsc#1164777 bsc#1164780 bsc#1165211).\n\n - scsi: lpfc: Fix missing check for CSF in Write Object\n Mbox Rsp (bsc#1164777 bsc#1164780 bsc#1165211).\n\n - scsi: lpfc: Fix ras_log via debugfs (bsc#1164777\n bsc#1164780 bsc#1165211).\n\n - scsi: lpfc: Fix registration of ELS type support in fdmi\n (bsc#1164777 bsc#1164780 bsc#1165211).\n\n - scsi: lpfc: Fix release of hwq to clear the eq\n relationship (bsc#1164777 bsc#1164780 bsc#1165211).\n\n - scsi: lpfc: Fix scsi host template for SLI3 vports\n (bsc#1164777 bsc#1164780 bsc#1165211).\n\n - scsi: lpfc: Fix unmap of dpp bars affecting next driver\n load (bsc#1164777 bsc#1164780 bsc#1165211).\n\n - scsi: lpfc: Fix update of wq consumer index in\n lpfc_sli4_wq_release (bsc#1164777 bsc#1164780\n bsc#1165211).\n\n - scsi: lpfc: Fix: Rework setting of fdmi symbolic node\n name registration (bsc#1164777 bsc#1164780 bsc#1165211).\n\n - scsi: lpfc: Make debugfs ktime stats generic for NVME\n and SCSI (bsc#1164777 bsc#1164780 bsc#1165211).\n\n - scsi: lpfc: Make lpfc_defer_acc_rsp static (bsc#1164777\n bsc#1164780 bsc#1165211).\n\n - scsi: lpfc: Remove handler for obsolete ELS - Read Port\n Status (RPS) (bsc#1164777 bsc#1164780 bsc#1165211).\n\n - scsi: lpfc: Remove prototype FIPS/DSS options from SLI-3\n (bsc#1164777 bsc#1164780 bsc#1165211).\n\n - scsi: lpfc: Update lpfc version to 12.6.0.3 (bsc#1164777\n bsc#1164780 bsc#1165211).\n\n - scsi: lpfc: Update lpfc version to 12.6.0.4 (bsc#1164777\n bsc#1164780 bsc#1165211).\n\n - scsi: lpfc: Update lpfc version to 12.8.0.0 (bsc#1164777\n bsc#1164780 bsc#1165211).\n\n - scsi: lpfc: add RDF registration and Link Integrity FPIN\n logging (bsc#1164777 bsc#1164780 bsc#1165211).\n\n - scsi: lpfc: fix spelling mistake 'Notication' ->\n 'Notification' (bsc#1164777 bsc#1164780 bsc#1165211).\n\n - scsi: lpfc: fix spelling mistakes of asynchronous\n (bsc#1164777 bsc#1164780 bsc#1165211).\n\n - scsi: qla2xxx: Fix I/Os being passed down when FC device\n is being deleted (bsc#1157424).\n\n - serdev: ttyport: restore client ops on deregistration\n (bsc#1051510).\n\n - staging: ccree: use signal safe completion wait\n (git-fixes).\n\n - staging: rtl8188eu: Add ASUS USB-N10 Nano B1 to device\n table (bsc#1051510).\n\n - staging: vt6656: fix sign of rx_dbm to bb_pre_ed_rssi\n (bsc#1051510).\n\n - staging: wlan-ng: fix ODEBUG bug in\n prism2sta_disconnect_usb (bsc#1051510).\n\n - staging: wlan-ng: fix use-after-free Read in\n hfa384x_usbin_callback (bsc#1051510).\n\n - swiotlb: do not panic on mapping failures (bsc#1162171).\n\n - swiotlb: remove the overflow buffer (bsc#1162171).\n\n - thermal: devfreq_cooling: inline all stubs for\n CONFIG_DEVFREQ_THERMAL=n (bsc#1051510).\n\n - tpm: ibmvtpm: Wait for buffer to be set before\n proceeding (bsc#1065729).\n\n - tty/serial: atmel: manage shutdown in case of RS485 or\n ISO7816 mode (bsc#1051510).\n\n - tty: evh_bytechan: Fix out of bounds accesses\n (bsc#1051510).\n\n - tty: serial: imx: setup the correct sg entry for tx dma\n (bsc#1051510).\n\n - usb: audio-v2: Add uac2_effect_unit_descriptor\n definition (bsc#1051510).\n\n - usb: core: hub: do error out if\n usb_autopm_get_interface() fails (git-fixes).\n\n - usb: core: port: do error out if\n usb_autopm_get_interface() fails (git-fixes).\n\n - usb: dwc2: Fix in ISOC request length checking\n (git-fixes).\n\n - usb: gadget: composite: Fix bMaxPower for SuperSpeedPlus\n (git-fixes).\n\n - usb: gadget: f_fs: Fix use after free issue as part of\n queue failure (bsc#1051510).\n\n - usb: host: xhci-plat: add a shutdown (git-fixes).\n\n - usb: musb: Disable pullup at init (git-fixes).\n\n - usb: musb: fix crash with highmen PIO and usbmon\n (bsc#1051510).\n\n - usb: quirks: add NO_LPM quirk for Logitech Screen Share\n (git-fixes).\n\n - usb: quirks: add NO_LPM quirk for RTL8153 based ethernet\n adapters (git-fixes).\n\n - usb: storage: Add quirk for Samsung Fit flash\n (git-fixes).\n\n - usb: uas: fix a plug & unplug racing (git-fixes).\n\n - usb: xhci: apply XHCI_SUSPEND_DELAY to AMD XHCI\n controller 1022:145c (git-fixes).\n\n - virtio-blk: improve virtqueue error to BLK_STS\n (bsc#1167627).\n\n - virtio_ring: fix unmap of indirect descriptors\n (bsc#1162171).\n\n - x86/mce: Fix logic and comments around MSR_PPIN_CTL\n (bsc#1114279).\n\n - x86/pkeys: Manually set X86_FEATURE_OSPKE to preserve\n existing changes (bsc#1114279).\n\n - xen/blkfront: fix memory allocation flags in\n blkfront_setup_indirect() (bsc#1168486).\n\n - xhci: Do not open code __print_symbolic() in xhci trace\n events (git-fixes).\n\n - xhci: apply XHCI_PME_STUCK_QUIRK to Intel Comet Lake\n platforms (git-fixes).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1051510\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1065600\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1065729\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1083647\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1085030\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1109911\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1111666\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1113956\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1114279\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1118338\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1120386\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1137325\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1142685\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1145051\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1145929\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1148868\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1157424\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1158983\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1159037\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1159198\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1159199\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1161561\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1161951\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1162171\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1163403\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1163897\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1164284\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1164777\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1164780\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1164893\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1165019\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1165182\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1165185\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1165211\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1165823\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1165949\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1166780\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1166860\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1166861\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1166862\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1166864\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1166866\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1166867\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1166868\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1166870\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1166940\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1166982\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1167005\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1167216\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1167288\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1167290\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1167316\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1167421\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1167423\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1167627\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1167629\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1168075\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1168202\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1168273\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1168276\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1168295\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1168367\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1168424\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1168443\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1168486\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1168552\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1168760\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1168762\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1168763\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1168764\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1168765\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1168829\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1168854\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1168881\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1168884\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1168952\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1169013\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1169057\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1169307\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1169308\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1169390\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1169514\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1169625\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected the Linux Kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-docs-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-kvmsmall\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-kvmsmall-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-kvmsmall-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-kvmsmall-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-kvmsmall-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-kvmsmall-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-kvmsmall-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-macros\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-obs-build\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-obs-build-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-obs-qa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-debug-4.12.14-lp151.28.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-debug-base-4.12.14-lp151.28.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-debug-base-debuginfo-4.12.14-lp151.28.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-debug-debuginfo-4.12.14-lp151.28.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-debug-debugsource-4.12.14-lp151.28.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-debug-devel-4.12.14-lp151.28.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-debug-devel-debuginfo-4.12.14-lp151.28.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-default-4.12.14-lp151.28.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-default-base-4.12.14-lp151.28.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-default-base-debuginfo-4.12.14-lp151.28.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-default-debuginfo-4.12.14-lp151.28.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-default-debugsource-4.12.14-lp151.28.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-default-devel-4.12.14-lp151.28.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-default-devel-debuginfo-4.12.14-lp151.28.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-devel-4.12.14-lp151.28.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-docs-html-4.12.14-lp151.28.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-kvmsmall-4.12.14-lp151.28.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-kvmsmall-base-4.12.14-lp151.28.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-kvmsmall-base-debuginfo-4.12.14-lp151.28.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-kvmsmall-debuginfo-4.12.14-lp151.28.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-kvmsmall-debugsource-4.12.14-lp151.28.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-kvmsmall-devel-4.12.14-lp151.28.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-kvmsmall-devel-debuginfo-4.12.14-lp151.28.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-macros-4.12.14-lp151.28.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-obs-build-4.12.14-lp151.28.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-obs-build-debugsource-4.12.14-lp151.28.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-obs-qa-4.12.14-lp151.28.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-source-4.12.14-lp151.28.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-source-vanilla-4.12.14-lp151.28.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-syms-4.12.14-lp151.28.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-vanilla-4.12.14-lp151.28.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-vanilla-base-4.12.14-lp151.28.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-vanilla-base-debuginfo-4.12.14-lp151.28.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-vanilla-debuginfo-4.12.14-lp151.28.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-vanilla-debugsource-4.12.14-lp151.28.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-vanilla-devel-4.12.14-lp151.28.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-vanilla-devel-debuginfo-4.12.14-lp151.28.48.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel-debug / kernel-debug-base / kernel-debug-base-debuginfo / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:05:04", "description": "The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed :\n\nCVE-2020-8834: KVM on Power8 processors had a conflicting use of HSTATE_HOST_R1 to store r1 state in kvmppc_hv_entry plus in kvmppc_{save,restore}_tm, leading to a stack corruption. Because of this, an attacker with the ability to run code in kernel space of a guest VM can cause the host kernel to panic (bnc#1168276).\n\nCVE-2020-11494: An issue was discovered in slc_bump in drivers/net/can/slcan.c, which allowed attackers to read uninitialized can_frame data, potentially containing sensitive information from kernel stack memory, if the configuration lacks CONFIG_INIT_STACK_ALL (bnc#1168424).\n\nCVE-2020-10942: In get_raw_socket in drivers/vhost/net.c lacks validation of an sk_family field, which might allow attackers to trigger kernel stack corruption via crafted system calls (bnc#1167629).\n\nCVE-2019-9458: In the video driver there was a use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed (bnc#1168295).\n\nCVE-2019-3701: Fixed an issue in can_can_gw_rcv, which could cause a system crash (bnc#1120386).\n\nCVE-2019-19770: Fixed a use-after-free in the debugfs_remove function (bsc#1159198).\n\nCVE-2020-11669: Fixed an issue where arch/powerpc/kernel/idle_book3s.S did not have save/restore functionality for PNV_POWERSAVE_AMR, PNV_POWERSAVE_UAMOR, and PNV_POWERSAVE_AMOR (bnc#1169390).\n\nCVE-2020-8647: There was a use-after-free vulnerability in the vc_do_resize function in drivers/tty/vt/vt.c (bnc#1162929).\n\nCVE-2020-8649: There was a use-after-free vulnerability in the vgacon_invert_region function in drivers/video/console/vgacon.c (bnc#1162931).\n\nCVE-2020-9383: An issue was discovered set_fdc in drivers/block/floppy.c leads to a wait_til_ready out-of-bounds read because the FDC index is not checked for errors before assigning it (bnc#1165111).\n\nCVE-2019-19768: Fixed a use-after-free in the __blk_add_trace function in kernel/trace/blktrace.c (bnc#1159285).\n\nThe update package also includes non-security fixes. See advisory for details.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2020-04-30T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : kernel (SUSE-SU-2020:1141-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-19768", "CVE-2019-19770", "CVE-2019-3701", "CVE-2019-9458", "CVE-2020-10942", "CVE-2020-11494", "CVE-2020-11669", "CVE-2020-8647", "CVE-2020-8649", "CVE-2020-8834", "CVE-2020-9383"], "modified": "2020-05-04T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kernel-default", "p-cpe:/a:novell:suse_linux:kernel-default-base", "p-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-debugsource", "p-cpe:/a:novell:suse_linux:kernel-default-devel", "p-cpe:/a:novell:suse_linux:kernel-default-devel-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-man", "p-cpe:/a:novell:suse_linux:kernel-syms", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2020-1141-1.NASL", "href": "https://www.tenable.com/plugins/nessus/136165", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:1141-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(136165);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/05/04\");\n\n script_cve_id(\"CVE-2019-19768\", \"CVE-2019-19770\", \"CVE-2019-3701\", \"CVE-2019-9458\", \"CVE-2020-10942\", \"CVE-2020-11494\", \"CVE-2020-11669\", \"CVE-2020-8647\", \"CVE-2020-8649\", \"CVE-2020-8834\", \"CVE-2020-9383\");\n\n script_name(english:\"SUSE SLES12 Security Update : kernel (SUSE-SU-2020:1141-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various\nsecurity and bugfixes.\n\nThe following security bugs were fixed :\n\nCVE-2020-8834: KVM on Power8 processors had a conflicting use of\nHSTATE_HOST_R1 to store r1 state in kvmppc_hv_entry plus in\nkvmppc_{save,restore}_tm, leading to a stack corruption. Because of\nthis, an attacker with the ability to run code in kernel space of a\nguest VM can cause the host kernel to panic (bnc#1168276).\n\nCVE-2020-11494: An issue was discovered in slc_bump in\ndrivers/net/can/slcan.c, which allowed attackers to read uninitialized\ncan_frame data, potentially containing sensitive information from\nkernel stack memory, if the configuration lacks CONFIG_INIT_STACK_ALL\n(bnc#1168424).\n\nCVE-2020-10942: In get_raw_socket in drivers/vhost/net.c lacks\nvalidation of an sk_family field, which might allow attackers to\ntrigger kernel stack corruption via crafted system calls\n(bnc#1167629).\n\nCVE-2019-9458: In the video driver there was a use after free due to a\nrace condition. This could lead to local escalation of privilege with\nno additional execution privileges needed (bnc#1168295).\n\nCVE-2019-3701: Fixed an issue in can_can_gw_rcv, which could cause a\nsystem crash (bnc#1120386).\n\nCVE-2019-19770: Fixed a use-after-free in the debugfs_remove function\n(bsc#1159198).\n\nCVE-2020-11669: Fixed an issue where arch/powerpc/kernel/idle_book3s.S\ndid not have save/restore functionality for PNV_POWERSAVE_AMR,\nPNV_POWERSAVE_UAMOR, and PNV_POWERSAVE_AMOR (bnc#1169390).\n\nCVE-2020-8647: There was a use-after-free vulnerability in the\nvc_do_resize function in drivers/tty/vt/vt.c (bnc#1162929).\n\nCVE-2020-8649: There was a use-after-free vulnerability in the\nvgacon_invert_region function in drivers/video/console/vgacon.c\n(bnc#1162931).\n\nCVE-2020-9383: An issue was discovered set_fdc in\ndrivers/block/floppy.c leads to a wait_til_ready out-of-bounds read\nbecause the FDC index is not checked for errors before assigning it\n(bnc#1165111).\n\nCVE-2019-19768: Fixed a use-after-free in the __blk_add_trace function\nin kernel/trace/blktrace.c (bnc#1159285).\n\nThe update package also includes non-security fixes. See advisory for\ndetails.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1044231\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1050549\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1051510\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1051858\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1056686\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1060463\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1065600\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1065729\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1083647\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1085030\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1104967\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1109911\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1114279\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1118338\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1120386\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1133021\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1136157\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1137325\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1144333\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1145051\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1145929\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1146539\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1148868\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154385\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1157424\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1158552\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1158983\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1159037\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1159142\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1159198\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1159199\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1159285\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1160659\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1161951\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1162929\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1162931\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1163403\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1163508\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1163897\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1164078\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1164284\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1164507\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1164893\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165019\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165111\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165182\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165404\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165488\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165527\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165741\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165813\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165873\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165949\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165984\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165985\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166003\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166101\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166102\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166103\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166104\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166632\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166730\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166731\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166732\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166733\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166734\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166735\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166780\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166860\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166861\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166862\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166864\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166866\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166867\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166868\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166870\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166940\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1167005\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1167288\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1167290\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1167316\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1167421\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1167423\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1167629\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168075\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168202\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168276\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168295\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168424\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168443\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168486\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168760\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168762\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168763\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168764\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168765\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168829\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168854\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168881\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168884\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168952\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1169057\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1169390\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1169514\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1169625\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-19768/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-19770/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-3701/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-9458/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-10942/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-11494/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-11669/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-8647/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-8649/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-8834/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-9383/\"\n );\n # https://www.suse.com/support/update/announcement/2020/suse-su-20201141-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?050888ae\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Workstation Extension 12-SP4 :\n\nzypper in -t patch SUSE-SLE-WE-12-SP4-2020-1141=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP4 :\n\nzypper in -t patch SUSE-SLE-SDK-12-SP4-2020-1141=1\n\nSUSE Linux Enterprise Server 12-SP4 :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP4-2020-1141=1\n\nSUSE Linux Enterprise Live Patching 12-SP4 :\n\nzypper in -t patch SUSE-SLE-Live-Patching-12-SP4-2020-1141=1\n\nSUSE Linux Enterprise High Availability 12-SP4 :\n\nzypper in -t patch SUSE-SLE-HA-12-SP4-2020-1141=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-default-devel-debuginfo-4.12.14-95.51.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-default-man-4.12.14-95.51.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"kernel-default-4.12.14-95.51.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"kernel-default-base-4.12.14-95.51.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"kernel-default-base-debuginfo-4.12.14-95.51.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"kernel-default-debuginfo-4.12.14-95.51.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"kernel-default-debugsource-4.12.14-95.51.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"kernel-default-devel-4.12.14-95.51.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"kernel-syms-4.12.14-95.51.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:59:01", "description": "The SUSE Linux Enterprise 12 SP4 azure kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed :\n\nCVE-2020-8834: KVM on Power8 processors had a conflicting use of HSTATE_HOST_R1 to store r1 state in kvmppc_hv_entry plus in kvmppc_{save,restore}_tm, leading to a stack corruption. Because of this, an attacker with the ability to run code in kernel space of a guest VM can cause the host kernel to panic (bnc#1168276).\n\nCVE-2020-11494: An issue was discovered in slc_bump in drivers/net/can/slcan.c, which allowed attackers to read uninitialized can_frame data, potentially containing sensitive information from kernel stack memory, if the configuration lacks CONFIG_INIT_STACK_ALL (bnc#1168424).\n\nCVE-2020-10942: In get_raw_socket in drivers/vhost/net.c lacks validation of an sk_family field, which might allow attackers to trigger kernel stack corruption via crafted system calls (bnc#1167629).\n\nCVE-2019-9458: In the video driver there was a use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed (bnc#1168295).\n\nCVE-2019-3701: Fixed an issue in can_can_gw_rcv, which could cause a system crash (bnc#1120386).\n\nCVE-2019-19770: Fixed a use-after-free in the debugfs_remove function (bsc#1159198).\n\nCVE-2020-11669: Fixed an issue where arch/powerpc/kernel/idle_book3s.S did not have save/restore functionality for PNV_POWERSAVE_AMR, PNV_POWERSAVE_UAMOR, and PNV_POWERSAVE_AMOR (bnc#1169390).\n\nCVE-2020-8647: There was a use-after-free vulnerability in the vc_do_resize function in drivers/tty/vt/vt.c (bnc#1162929).\n\nCVE-2020-8649: There was a use-after-free vulnerability in the vgacon_invert_region function in drivers/video/console/vgacon.c (bnc#1162931).\n\nCVE-2020-9383: An issue was discovered set_fdc in drivers/block/floppy.c leads to a wait_til_ready out-of-bounds read because the FDC index is not checked for errors before assigning it (bnc#1165111).\n\nCVE-2019-19768: Fixed a use-after-free in the __blk_add_trace function in kernel/trace/blktrace.c (bnc#1159285).\n\nThe update package also includes non-security fixes. See advisory for details.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2020-04-28T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : kernel (SUSE-SU-2020:1119-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-19768", "CVE-2019-19770", "CVE-2019-3701", "CVE-2019-9458", "CVE-2020-10942", "CVE-2020-11494", "CVE-2020-11669", "CVE-2020-8647", "CVE-2020-8649", "CVE-2020-8834", "CVE-2020-9383"], "modified": "2020-04-30T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kernel-azure", "p-cpe:/a:novell:suse_linux:kernel-azure-base", "p-cpe:/a:novell:suse_linux:kernel-azure-base-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-azure-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-azure-debugsource", "p-cpe:/a:novell:suse_linux:kernel-azure-devel", "p-cpe:/a:novell:suse_linux:kernel-syms-azure", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2020-1119-1.NASL", "href": "https://www.tenable.com/plugins/nessus/136026", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:1119-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(136026);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/04/30\");\n\n script_cve_id(\"CVE-2019-19768\", \"CVE-2019-19770\", \"CVE-2019-3701\", \"CVE-2019-9458\", \"CVE-2020-10942\", \"CVE-2020-11494\", \"CVE-2020-11669\", \"CVE-2020-8647\", \"CVE-2020-8649\", \"CVE-2020-8834\", \"CVE-2020-9383\");\n\n script_name(english:\"SUSE SLES12 Security Update : kernel (SUSE-SU-2020:1119-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The SUSE Linux Enterprise 12 SP4 azure kernel was updated to receive\nvarious security and bugfixes.\n\nThe following security bugs were fixed :\n\nCVE-2020-8834: KVM on Power8 processors had a conflicting use of\nHSTATE_HOST_R1 to store r1 state in kvmppc_hv_entry plus in\nkvmppc_{save,restore}_tm, leading to a stack corruption. Because of\nthis, an attacker with the ability to run code in kernel space of a\nguest VM can cause the host kernel to panic (bnc#1168276).\n\nCVE-2020-11494: An issue was discovered in slc_bump in\ndrivers/net/can/slcan.c, which allowed attackers to read uninitialized\ncan_frame data, potentially containing sensitive information from\nkernel stack memory, if the configuration lacks CONFIG_INIT_STACK_ALL\n(bnc#1168424).\n\nCVE-2020-10942: In get_raw_socket in drivers/vhost/net.c lacks\nvalidation of an sk_family field, which might allow attackers to\ntrigger kernel stack corruption via crafted system calls\n(bnc#1167629).\n\nCVE-2019-9458: In the video driver there was a use after free due to a\nrace condition. This could lead to local escalation of privilege with\nno additional execution privileges needed (bnc#1168295).\n\nCVE-2019-3701: Fixed an issue in can_can_gw_rcv, which could cause a\nsystem crash (bnc#1120386).\n\nCVE-2019-19770: Fixed a use-after-free in the debugfs_remove function\n(bsc#1159198).\n\nCVE-2020-11669: Fixed an issue where arch/powerpc/kernel/idle_book3s.S\ndid not have save/restore functionality for PNV_POWERSAVE_AMR,\nPNV_POWERSAVE_UAMOR, and PNV_POWERSAVE_AMOR (bnc#1169390).\n\nCVE-2020-8647: There was a use-after-free vulnerability in the\nvc_do_resize function in drivers/tty/vt/vt.c (bnc#1162929).\n\nCVE-2020-8649: There was a use-after-free vulnerability in the\nvgacon_invert_region function in drivers/video/console/vgacon.c\n(bnc#1162931).\n\nCVE-2020-9383: An issue was discovered set_fdc in\ndrivers/block/floppy.c leads to a wait_til_ready out-of-bounds read\nbecause the FDC index is not checked for errors before assigning it\n(bnc#1165111).\n\nCVE-2019-19768: Fixed a use-after-free in the __blk_add_trace function\nin kernel/trace/blktrace.c (bnc#1159285).\n\nThe update package also includes non-security fixes. See advisory for\ndetails.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1044231\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1050549\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1051510\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1051858\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1056686\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1060463\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1065600\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1065729\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1071995\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1083647\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1085030\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1104967\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1109911\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1111666\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1114279\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1118338\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1120386\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1133021\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1136157\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1137325\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1144333\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1145051\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1145929\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1146539\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1148868\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154385\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1157424\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1158552\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1158983\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1159037\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1159142\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1159198\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1159199\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1159285\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1160659\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1161951\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1162929\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1162931\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1163403\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1163508\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1163897\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1164078\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1164284\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1164507\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1164893\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165019\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165111\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165182\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165404\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165488\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165527\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165741\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165813\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165873\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165949\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165984\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165985\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166003\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166101\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166102\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166103\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166104\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166632\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166730\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166731\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166732\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166733\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166734\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166735\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166780\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166860\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166861\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166862\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166864\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166866\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166867\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166868\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166870\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166940\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1167005\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1167288\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1167290\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1167316\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1167421\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1167423\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1167629\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168075\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168202\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168276\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168295\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168424\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168443\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168486\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168760\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168762\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168763\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168764\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168765\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168829\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168854\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168881\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168884\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168952\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1169057\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1169390\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1169514\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1169625\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-19768/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-19770/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-3701/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-9458/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-10942/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-11494/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-11669/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-8647/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-8649/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-8834/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-9383/\"\n );\n # https://www.suse.com/support/update/announcement/2020/suse-su-20201119-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?de2acd1a\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server 12-SP4:zypper in -t patch\nSUSE-SLE-SERVER-12-SP4-2020-1119=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-azure-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-azure-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-azure-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-azure-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-azure-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-syms-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-azure-4.12.14-6.40.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-azure-base-4.12.14-6.40.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-azure-base-debuginfo-4.12.14-6.40.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-azure-debuginfo-4.12.14-6.40.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-azure-debugsource-4.12.14-6.40.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-azure-devel-4.12.14-6.40.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-syms-azure-4.12.14-6.40.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:59:28", "description": "The SUSE Linux Enterprise 12 SP5 azure kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed :\n\nCVE-2020-8834: KVM on Power8 processors had a conflicting use of HSTATE_HOST_R1 to store r1 state in kvmppc_hv_entry plus in kvmppc_{save,restore}_tm, leading to a stack corruption. Because of this, an attacker with the ability to run code in kernel space of a guest VM can cause the host kernel to panic (bnc#1168276).\n\nCVE-2020-11494: An issue was discovered in slc_bump in drivers/net/can/slcan.c, which allowed attackers to read uninitialized can_frame data, potentially containing sensitive information from kernel stack memory, if the configuration lacks CONFIG_INIT_STACK_ALL (bnc#1168424).\n\nCVE-2020-10942: In get_raw_socket in drivers/vhost/net.c lacks validation of an sk_family field, which might allow attackers to trigger kernel stack corruption via crafted system calls (bnc#1167629).\n\nCVE-2019-9458: In the video driver there was a use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed (bnc#1168295).\n\nCVE-2019-3701: Fixed an issue in can_can_gw_rcv, which could cause a system crash (bnc#1120386).\n\nCVE-2019-19770: Fixed a use-after-free in the debugfs_remove function (bsc#1159198).\n\nCVE-2020-11669: Fixed an issue where arch/powerpc/kernel/idle_book3s.S did not have save/restore functionality for PNV_POWERSAVE_AMR, PNV_POWERSAVE_UAMOR, and PNV_POWERSAVE_AMOR (bnc#1169390).\n\nCVE-2020-8647: There was a use-after-free vulnerability in the vc_do_resize function in drivers/tty/vt/vt.c (bnc#1162929).\n\nCVE-2020-8649: There was a use-after-free vulnerability in the vgacon_invert_region function in drivers/video/console/vgacon.c (bnc#1162931).\n\nCVE-2020-9383: An issue was discovered set_fdc in drivers/block/floppy.c leads to a wait_til_ready out-of-bounds read because the FDC index is not checked for errors before assigning it (bnc#1165111).\n\nCVE-2019-19768: Fixed a use-after-free in the __blk_add_trace function in kernel/trace/blktrace.c (bnc#1159285).\n\nCVE-2018-20836: Fixed an issue where a race condition in smp_task_timedout() and smp_task_done() could lead to a use-after-free (bnc#1134395).\n\nThe update package also includes non-security fixes. See advisory for details.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2020-04-28T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : kernel (SUSE-SU-2020:1118-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-20836", "CVE-2019-19768", "CVE-2019-19770", "CVE-2019-3701", "CVE-2019-9458", "CVE-2020-10942", "CVE-2020-11494", "CVE-2020-11669", "CVE-2020-8647", "CVE-2020-8649", "CVE-2020-8834", "CVE-2020-9383"], "modified": "2022-05-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kernel-azure", "p-cpe:/a:novell:suse_linux:kernel-azure-base", "p-cpe:/a:novell:suse_linux:kernel-azure-base-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-azure-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-azure-debugsource", "p-cpe:/a:novell:suse_linux:kernel-azure-devel", "p-cpe:/a:novell:suse_linux:kernel-syms-azure", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2020-1118-1.NASL", "href": "https://www.tenable.com/plugins/nessus/136025", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:1118-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(136025);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/13\");\n\n script_cve_id(\n \"CVE-2018-20836\",\n \"CVE-2019-3701\",\n \"CVE-2019-9458\",\n \"CVE-2019-19768\",\n \"CVE-2019-19770\",\n \"CVE-2020-8647\",\n \"CVE-2020-8649\",\n \"CVE-2020-8834\",\n \"CVE-2020-9383\",\n \"CVE-2020-10942\",\n \"CVE-2020-11494\",\n \"CVE-2020-11669\"\n );\n\n script_name(english:\"SUSE SLES12 Security Update : kernel (SUSE-SU-2020:1118-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The SUSE Linux Enterprise 12 SP5 azure kernel was updated to receive\nvarious security and bugfixes.\n\nThe following security bugs were fixed :\n\nCVE-2020-8834: KVM on Power8 processors had a conflicting use of\nHSTATE_HOST_R1 to store r1 state in kvmppc_hv_entry plus in\nkvmppc_{save,restore}_tm, leading to a stack corruption. Because of\nthis, an attacker with the ability to run code in kernel space of a\nguest VM can cause the host kernel to panic (bnc#1168276).\n\nCVE-2020-11494: An issue was discovered in slc_bump in\ndrivers/net/can/slcan.c, which allowed attackers to read uninitialized\ncan_frame data, potentially containing sensitive information from\nkernel stack memory, if the configuration lacks CONFIG_INIT_STACK_ALL\n(bnc#1168424).\n\nCVE-2020-10942: In get_raw_socket in drivers/vhost/net.c lacks\nvalidation of an sk_family field, which might allow attackers to\ntrigger kernel stack corruption via crafted system calls\n(bnc#1167629).\n\nCVE-2019-9458: In the video driver there was a use after free due to a\nrace condition. This could lead to local escalation of privilege with\nno additional execution privileges needed (bnc#1168295).\n\nCVE-2019-3701: Fixed an issue in can_can_gw_rcv, which could cause a\nsystem crash (bnc#1120386).\n\nCVE-2019-19770: Fixed a use-after-free in the debugfs_remove function\n(bsc#1159198).\n\nCVE-2020-11669: Fixed an issue where arch/powerpc/kernel/idle_book3s.S\ndid not have save/restore functionality for PNV_POWERSAVE_AMR,\nPNV_POWERSAVE_UAMOR, and PNV_POWERSAVE_AMOR (bnc#1169390).\n\nCVE-2020-8647: There was a use-after-free vulnerability in the\nvc_do_resize function in drivers/tty/vt/vt.c (bnc#1162929).\n\nCVE-2020-8649: There was a use-after-free vulnerability in the\nvgacon_invert_region function in drivers/video/console/vgacon.c\n(bnc#1162931).\n\nCVE-2020-9383: An issue was discovered set_fdc in\ndrivers/block/floppy.c leads to a wait_til_ready out-of-bounds read\nbecause the FDC index is not checked for errors before assigning it\n(bnc#1165111).\n\nCVE-2019-19768: Fixed a use-after-free in the __blk_add_trace function\nin kernel/trace/blktrace.c (bnc#1159285).\n\nCVE-2018-20836: Fixed an issue where a race condition in\nsmp_task_timedout() and smp_task_done() could lead to a use-after-free\n(bnc#1134395).\n\nThe update package also includes non-security fixes. See advisory for\ndetails.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1044231\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1050549\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1051510\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1051858\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1056686\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1060463\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1065600\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1065729\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1083647\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1085030\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1088810\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1103990\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1103992\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1104353\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1104745\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1104967\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1109837\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1109911\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1111666\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1111974\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1112178\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1112374\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1112504\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1113956\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1114279\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1114685\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1118338\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1119680\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1120386\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1123328\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1127611\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1133021\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1134090\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1134395\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1136157\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1136333\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1137325\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1141895\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1142685\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1144333\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1145051\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1145929\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1146539\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1148868\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154385\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1156510\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1157424\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1158187\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1158552\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1158983\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1159037\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1159142\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1159198\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1159199\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1159285\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1160659\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1161561\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1161702\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1161951\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1162171\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1162929\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1162931\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1163403\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1163508\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1163762\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1163897\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1164078\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1164284\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1164507\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1164777\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1164780\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1164893\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165019\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165111\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165182\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165185\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165211\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165404\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165488\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165527\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165581\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165741\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165813\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165823\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165873\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165929\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165949\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165950\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165980\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165984\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165985\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166003\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166101\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166102\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166103\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166104\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166632\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166658\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166730\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166731\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166732\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166733\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166734\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166735\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166780\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166860\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166861\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166862\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166864\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166866\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166867\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166868\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166870\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166940\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166982\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1167005\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1167216\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1167288\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1167290\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1167316\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1167421\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1167423\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1167627\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1167629\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168075\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168202\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168273\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168276\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168295\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168367\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168424\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168443\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168486\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168552\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168760\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168762\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168763\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168764\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168765\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168829\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168854\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168881\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168884\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168952\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1169013\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1169057\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1169307\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1169308\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1169390\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1169514\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1169625\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-20836/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19768/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19770/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-3701/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-9458/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-10942/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-11494/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-11669/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-8647/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-8649/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-8834/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-9383/\");\n # https://www.suse.com/support/update/announcement/2020/suse-su-20201118-1/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?4f96f5eb\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server 12-SP5:zypper in -t patch\nSUSE-SLE-SERVER-12-SP5-2020-1118=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-20836\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-19770\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/28\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-azure-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-azure-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-azure-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-azure-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-azure-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-syms-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(5)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP5\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"5\", cpu:\"x86_64\", reference:\"kernel-azure-4.12.14-16.13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", cpu:\"x86_64\", reference:\"kernel-azure-base-4.12.14-16.13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", cpu:\"x86_64\", reference:\"kernel-azure-base-debuginfo-4.12.14-16.13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", cpu:\"x86_64\", reference:\"kernel-azure-debuginfo-4.12.14-16.13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", cpu:\"x86_64\", reference:\"kernel-azure-debugsource-4.12.14-16.13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", cpu:\"x86_64\", reference:\"kernel-azure-devel-4.12.14-16.13.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", cpu:\"x86_64\", reference:\"kernel-syms-azure-4.12.14-16.13.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:59:02", "description": "The SUSE Linux Enterprise 15 SP1 RT kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed :\n\nCVE-2020-8834: KVM on Power8 processors had a conflicting use of HSTATE_HOST_R1 to store r1 state in kvmppc_hv_entry plus in kvmppc_{save,restore}_tm, leading to a stack corruption. Because of this, an attacker with the ability to run code in kernel space of a guest VM can cause the host kernel to panic (bnc#1168276).\n\nCVE-2020-11494: An issue was discovered in slc_bump in drivers/net/can/slcan.c, which allowed attackers to read uninitialized can_frame data, potentially containing sensitive information from kernel stack memory, if the configuration lacks CONFIG_INIT_STACK_ALL (bnc#1168424).\n\nCVE-2020-10942: In get_raw_socket in drivers/vhost/net.c lacks validation of an sk_family field, which might allow attackers to trigger kernel stack corruption via crafted system calls (bnc#1167629).\n\nCVE-2020-8647: Fixed a use-after-free vulnerability in the vc_do_resize function in drivers/tty/vt/vt.c (bnc#1162929).\n\nCVE-2020-8649: Fixed a use-after-free vulnerability in the vgacon_invert_region function in drivers/video/console/vgacon.c (bnc#1162931).\n\nCVE-2020-9383: Fixed an issue in set_fdc in drivers/block/floppy.c, which leads to a wait_til_ready out-of-bounds read (bnc#1165111).\n\nCVE-2019-9458: In the video driver there was a use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed (bnc#1168295).\n\nCVE-2019-3701: Fixed an issue in can_can_gw_rcv, which could cause a system crash (bnc#1120386).\n\nCVE-2019-19768: Fixed a use-after-free in the __blk_add_trace function in kernel/trace/blktrace.c (bnc#1159285).\n\nCVE-2019-19770: Fixed a use-after-free in the debugfs_remove function (bsc#1159198).\n\nThe update package also includes non-security fixes. See advisory for details.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2020-04-29T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2020:1123-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-19768", "CVE-2019-19770", "CVE-2019-3701", "CVE-2019-9458", "CVE-2020-10942", "CVE-2020-11494", "CVE-2020-8647", "CVE-2020-8649", "CVE-2020-8834", "CVE-2020-9383"], "modified": "2021-01-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:cluster-md-kmp-rt", "p-cpe:/a:novell:suse_linux:cluster-md-kmp-rt-debuginfo", "p-cpe:/a:novell:suse_linux:cluster-md-kmp-rt_debug", "p-cpe:/a:novell:suse_linux:cluster-md-kmp-rt_debug-debuginfo", "p-cpe:/a:novell:suse_linux:dlm-kmp-rt", "p-cpe:/a:novell:suse_linux:dlm-kmp-rt-debuginfo", "p-cpe:/a:novell:suse_linux:dlm-kmp-rt_debug", "p-cpe:/a:novell:suse_linux:dlm-kmp-rt_debug-debuginfo", "p-cpe:/a:novell:suse_linux:gfs2-kmp-rt", "p-cpe:/a:novell:suse_linux:gfs2-kmp-rt-debuginfo", "p-cpe:/a:novell:suse_linux:gfs2-kmp-rt_debug", "p-cpe:/a:novell:suse_linux:gfs2-kmp-rt_debug-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-rt", "p-cpe:/a:novell:suse_linux:kernel-rt-base", "p-cpe:/a:novell:suse_linux:kernel-rt-base-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-rt-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-rt-debugsource", "p-cpe:/a:novell:suse_linux:kernel-rt-devel", "p-cpe:/a:novell:suse_linux:kernel-rt-devel-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-rt-extra", "p-cpe:/a:novell:suse_linux:kernel-rt-extra-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-rt-livepatch-devel", "p-cpe:/a:novell:suse_linux:kernel-rt_debug", "p-cpe:/a:novell:suse_linux:kernel-rt_debug-base", "p-cpe:/a:novell:suse_linux:kernel-rt_debug-base-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-rt_debug-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-rt_debug-debugsource", "p-cpe:/a:novell:suse_linux:kernel-rt_debug-devel", "p-cpe:/a:novell:suse_linux:kernel-rt_debug-devel-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-rt_debug-extra", "p-cpe:/a:novell:suse_linux:kernel-rt_debug-extra-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-rt_debug-livepatch-devel", "p-cpe:/a:novell:suse_linux:kernel-syms-rt", "p-cpe:/a:novell:suse_linux:kselftests-kmp-rt", "p-cpe:/a:novell:suse_linux:kselftests-kmp-rt-debuginfo", "p-cpe:/a:novell:suse_linux:kselftests-kmp-rt_debug", "p-cpe:/a:novell:suse_linux:kselftests-kmp-rt_debug-debuginfo", "p-cpe:/a:novell:suse_linux:ocfs2-kmp-rt", "p-cpe:/a:novell:suse_linux:ocfs2-kmp-rt-debuginfo", "p-cpe:/a:novell:suse_linux:ocfs2-kmp-rt_debug", "p-cpe:/a:novell:suse_linux:ocfs2-kmp-rt_debug-debuginfo", "p-cpe:/a:novell:suse_linux:reiserfs-kmp-rt", "p-cpe:/a:novell:suse_linux:reiserfs-kmp-rt-debuginfo", "p-cpe:/a:novell:suse_linux:reiserfs-kmp-rt_debug", "p-cpe:/a:novell:suse_linux:reiserfs-kmp-rt_debug-debuginfo", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2020-1123-1.NASL", "href": "https://www.tenable.com/plugins/nessus/136075", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:1123-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(136075);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2019-19768\", \"CVE-2019-19770\", \"CVE-2019-3701\", \"CVE-2019-9458\", \"CVE-2020-10942\", \"CVE-2020-11494\", \"CVE-2020-8647\", \"CVE-2020-8649\", \"CVE-2020-8834\", \"CVE-2020-9383\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2020:1123-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The SUSE Linux Enterprise 15 SP1 RT kernel was updated to receive\nvarious security and bugfixes.\n\nThe following security bugs were fixed :\n\nCVE-2020-8834: KVM on Power8 processors had a conflicting use of\nHSTATE_HOST_R1 to store r1 state in kvmppc_hv_entry plus in\nkvmppc_{save,restore}_tm, leading to a stack corruption. Because of\nthis, an attacker with the ability to run code in kernel space of a\nguest VM can cause the host kernel to panic (bnc#1168276).\n\nCVE-2020-11494: An issue was discovered in slc_bump in\ndrivers/net/can/slcan.c, which allowed attackers to read uninitialized\ncan_frame data, potentially containing sensitive information from\nkernel stack memory, if the configuration lacks CONFIG_INIT_STACK_ALL\n(bnc#1168424).\n\nCVE-2020-10942: In get_raw_socket in drivers/vhost/net.c lacks\nvalidation of an sk_family field, which might allow attackers to\ntrigger kernel stack corruption via crafted system calls\n(bnc#1167629).\n\nCVE-2020-8647: Fixed a use-after-free vulnerability in the\nvc_do_resize function in drivers/tty/vt/vt.c (bnc#1162929).\n\nCVE-2020-8649: Fixed a use-after-free vulnerability in the\nvgacon_invert_region function in drivers/video/console/vgacon.c\n(bnc#1162931).\n\nCVE-2020-9383: Fixed an issue in set_fdc in drivers/block/floppy.c,\nwhich leads to a wait_til_ready out-of-bounds read (bnc#1165111).\n\nCVE-2019-9458: In the video driver there was a use after free due to a\nrace condition. This could lead to local escalation of privilege with\nno additional execution privileges needed (bnc#1168295).\n\nCVE-2019-3701: Fixed an issue in can_can_gw_rcv, which could cause a\nsystem crash (bnc#1120386).\n\nCVE-2019-19768: Fixed a use-after-free in the __blk_add_trace function\nin kernel/trace/blktrace.c (bnc#1159285).\n\nCVE-2019-19770: Fixed a use-after-free in the debugfs_remove function\n(bsc#1159198).\n\nThe update package also includes non-security fixes. See advisory for\ndetails.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1044231\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1051510\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1051858\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1056686\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1060463\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1065729\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1083647\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1085030\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1103990\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1103992\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1104353\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1104745\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1109837\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1109911\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1111666\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1111974\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1112178\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1112374\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1113956\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1114279\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1114685\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1119680\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1120386\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1127611\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1133021\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1134090\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1136157\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1141895\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1144333\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1145051\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1146539\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1157424\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1158187\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1158983\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1159198\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1159285\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1160659\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1161561\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1161951\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1162171\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1162929\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1162931\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1164078\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1164507\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1164777\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1164780\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1164893\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165019\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165111\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165182\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165185\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165211\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165404\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165488\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165527\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165741\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165813\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165823\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165873\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165929\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165949\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165950\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165980\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165984\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165985\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166003\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166101\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166102\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166103\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166104\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166632\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166730\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166731\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166732\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166733\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166734\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166735\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166982\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1167005\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1167216\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1167290\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1167316\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1167421\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1167423\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1167627\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1167629\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168075\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168273\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168276\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168295\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168367\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168424\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168443\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168552\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168829\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168854\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1169013\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1169307\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1169308\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-19768/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-19770/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-3701/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-9458/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-10942/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-11494/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-8647/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-8649/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-8834/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-9383/\"\n );\n # https://www.suse.com/support/update/announcement/2020/suse-su-20201123-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?810933fe\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Realtime 15-SP1:zypper in -t patch\nSUSE-SLE-Module-RT-15-SP1-2020-1123=1\n\nSUSE Linux Enterprise Module for Open Buildservice Development Tools\n15-SP1:zypper in -t patch\nSUSE-SLE-Module-Development-Tools-OBS-15-SP1-2020-1123=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:cluster-md-kmp-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:cluster-md-kmp-rt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:cluster-md-kmp-rt_debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:cluster-md-kmp-rt_debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:dlm-kmp-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:dlm-kmp-rt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:dlm-kmp-rt_debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:dlm-kmp-rt_debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:gfs2-kmp-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:gfs2-kmp-rt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:gfs2-kmp-rt_debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:gfs2-kmp-rt_debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-rt-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-rt-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-rt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-rt-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-rt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-rt-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-rt-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-rt-extra-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-rt-livepatch-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-rt_debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-rt_debug-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-rt_debug-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-rt_debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-rt_debug-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-rt_debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-rt_debug-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-rt_debug-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-rt_debug-extra-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-rt_debug-livepatch-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-syms-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kselftests-kmp-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kselftests-kmp-rt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kselftests-kmp-rt_debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kselftests-kmp-rt_debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ocfs2-kmp-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ocfs2-kmp-rt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ocfs2-kmp-rt_debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ocfs2-kmp-rt_debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:reiserfs-kmp-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:reiserfs-kmp-rt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:reiserfs-kmp-rt_debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:reiserfs-kmp-rt_debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/29\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP1\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"cluster-md-kmp-rt-4.12.14-14.23.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"cluster-md-kmp-rt-debuginfo-4.12.14-14.23.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"cluster-md-kmp-rt_debug-4.12.14-14.23.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"cluster-md-kmp-rt_debug-debuginfo-4.12.14-14.23.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"dlm-kmp-rt-4.12.14-14.23.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"dlm-kmp-rt-debuginfo-4.12.14-14.23.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"dlm-kmp-rt_debug-4.12.14-14.23.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"dlm-kmp-rt_debug-debuginfo-4.12.14-14.23.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"gfs2-kmp-rt-4.12.14-14.23.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"gfs2-kmp-rt-debuginfo-4.12.14-14.23.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"gfs2-kmp-rt_debug-4.12.14-14.23.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"gfs2-kmp-rt_debug-debuginfo-4.12.14-14.23.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-rt-4.12.14-14.23.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-rt-base-4.12.14-14.23.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-rt-base-debuginfo-4.12.14-14.23.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-rt-debuginfo-4.12.14-14.23.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-rt-debugsource-4.12.14-14.23.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-rt-devel-4.12.14-14.23.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-rt-devel-debuginfo-4.12.14-14.23.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-rt-extra-4.12.14-14.23.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-rt-extra-debuginfo-4.12.14-14.23.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-rt-livepatch-devel-4.12.14-14.23.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-rt_debug-4.12.14-14.23.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-rt_debug-base-4.12.14-14.23.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-rt_debug-base-debuginfo-4.12.14-14.23.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-rt_debug-debuginfo-4.12.14-14.23.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-rt_debug-debugsource-4.12.14-14.23.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-rt_debug-devel-4.12.14-14.23.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-rt_debug-devel-debuginfo-4.12.14-14.23.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-rt_debug-extra-4.12.14-14.23.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-rt_debug-extra-debuginfo-4.12.14-14.23.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-rt_debug-livepatch-devel-4.12.14-14.23.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-syms-rt-4.12.14-14.23.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kselftests-kmp-rt-4.12.14-14.23.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kselftests-kmp-rt-debuginfo-4.12.14-14.23.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kselftests-kmp-rt_debug-4.12.14-14.23.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kselftests-kmp-rt_debug-debuginfo-4.12.14-14.23.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"ocfs2-kmp-rt-4.12.14-14.23.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"ocfs2-kmp-rt-debuginfo-4.12.14-14.23.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"ocfs2-kmp-rt_debug-4.12.14-14.23.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"ocfs2-kmp-rt_debug-debuginfo-4.12.14-14.23.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"reiserfs-kmp-rt-4.12.14-14.23.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"reiserfs-kmp-rt-debuginfo-4.12.14-14.23.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"reiserfs-kmp-rt_debug-4.12.14-14.23.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"reiserfs-kmp-rt_debug-debuginfo-4.12.14-14.23.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"cluster-md-kmp-rt_debug-4.12.14-14.23.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"cluster-md-kmp-rt_debug-debuginfo-4.12.14-14.23.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"dlm-kmp-rt_debug-4.12.14-14.23.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"dlm-kmp-rt_debug-debuginfo-4.12.14-14.23.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"gfs2-kmp-rt_debug-4.12.14-14.23.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"gfs2-kmp-rt_debug-debuginfo-4.12.14-14.23.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-rt-debuginfo-4.12.14-14.23.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-rt-debugsource-4.12.14-14.23.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-rt-extra-4.12.14-14.23.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-rt-extra-debuginfo-4.12.14-14.23.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-rt-livepatch-devel-4.12.14-14.23.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-rt_debug-4.12.14-14.23.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-rt_debug-base-4.12.14-14.23.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-rt_debug-base-debuginfo-4.12.14-14.23.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-rt_debug-debuginfo-4.12.14-14.23.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-rt_debug-debugsource-4.12.14-14.23.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-rt_debug-extra-4.12.14-14.23.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-rt_debug-extra-debuginfo-4.12.14-14.23.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-rt_debug-livepatch-devel-4.12.14-14.23.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kselftests-kmp-rt-4.12.14-14.23.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kselftests-kmp-rt-debuginfo-4.12.14-14.23.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kselftests-kmp-rt_debug-4.12.14-14.23.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kselftests-kmp-rt_debug-debuginfo-4.12.14-14.23.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"ocfs2-kmp-rt_debug-4.12.14-14.23.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"ocfs2-kmp-rt_debug-debuginfo-4.12.14-14.23.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"reiserfs-kmp-rt-4.12.14-14.23.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"reiserfs-kmp-rt-debuginfo-4.12.14-14.23.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"reiserfs-kmp-rt_debug-4.12.14-14.23.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"reiserfs-kmp-rt_debug-debuginfo-4.12.14-14.23.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:58:14", "description": "The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed :\n\nCVE-2020-8834: KVM on Power8 processors had a conflicting use of HSTATE_HOST_R1 to store r1 state in kvmppc_hv_entry plus in kvmppc_{save,restore}_tm, leading to a stack corruption. Because of this, an attacker with the ability to run code in kernel space of a guest VM can cause the host kernel to panic (bnc#1168276).\n\nCVE-2020-11494: An issue was discovered in slc_bump in drivers/net/can/slcan.c, which allowed attackers to read uninitialized can_frame data, potentially containing sensitive information from kernel stack memory, if the configuration lacks CONFIG_INIT_STACK_ALL (bnc#1168424).\n\nCVE-2020-10942: In get_raw_socket in drivers/vhost/net.c lacks validation of an sk_family field, which might allow attackers to trigger kernel stack corruption via crafted system calls (bnc#1167629).\n\nCVE-2019-9458: In the video driver there was a use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed (bnc#1168295).\n\nCVE-2019-3701: Fixed an issue in can_can_gw_rcv, which could cause a system crash (bnc#1120386).\n\nCVE-2019-19770: Fixed a use-after-free in the debugfs_remove function (bsc#1159198).\n\nCVE-2020-11669: Fixed an issue where arch/powerpc/kernel/idle_book3s.S did not have save/restore functionality for PNV_POWERSAVE_AMR, PNV_POWERSAVE_UAMOR, and PNV_POWERSAVE_AMOR (bnc#1169390).\n\nCVE-2020-2732: Fixed an issue where under some circumstances, an L2 guest may trick the L0 guest into accessing sensitive L1 resources that should be inaccessible to the L2 guest (bnc#1163971).\n\nCVE-2020-8647: There was a use-after-free vulnerability in the vc_do_resize function in drivers/tty/vt/vt.c (bnc#1162929 1164078).\n\nCVE-2020-8649: There was a use-after-free vulnerability in the vgacon_invert_region function in drivers/video/console/vgacon.c (bnc#1162929 1162931).\n\nCVE-2020-9383: An issue was discovered set_fdc in drivers/block/floppy.c leads to a wait_til_ready out-of-bounds read because the FDC index is not checked for errors before assigning it (bnc#1165111).\n\nCVE-2019-19768: Fixed a use-after-free in the __blk_add_trace function in kernel/trace/blktrace.c (bnc#1159285).\n\nCVE-2018-20836: Fixed an issue where a race condition in smp_task_timedout() and smp_task_done() cloud lead to a use-after-free (bnc#1134395).\n\nThe update package also includes non-security fixes. See advisory for details.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2020-04-30T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : kernel (SUSE-SU-2020:1142-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-20836", "CVE-2019-19768", "CVE-2019-19770", "CVE-2019-3701", "CVE-2019-9458", "CVE-2020-10942", "CVE-2020-11494", "CVE-2020-11669", "CVE-2020-2732", "CVE-2020-8647", "CVE-2020-8649", "CVE-2020-8834", "CVE-2020-9383"], "modified": "2022-05-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kernel-default", "p-cpe:/a:novell:suse_linux:kernel-default-base", "p-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-debugsource", "p-cpe:/a:novell:suse_linux:kernel-default-devel", "p-cpe:/a:novell:suse_linux:kernel-default-devel-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-man", "p-cpe:/a:novell:suse_linux:kernel-syms", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2020-1142-1.NASL", "href": "https://www.tenable.com/plugins/nessus/136166", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:1142-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(136166);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/13\");\n\n script_cve_id(\n \"CVE-2018-20836\",\n \"CVE-2019-3701\",\n \"CVE-2019-9458\",\n \"CVE-2019-19768\",\n \"CVE-2019-19770\",\n \"CVE-2020-2732\",\n \"CVE-2020-8647\",\n \"CVE-2020-8649\",\n \"CVE-2020-8834\",\n \"CVE-2020-9383\",\n \"CVE-2020-10942\",\n \"CVE-2020-11494\",\n \"CVE-2020-11669\"\n );\n\n script_name(english:\"SUSE SLES12 Security Update : kernel (SUSE-SU-2020:1142-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various\nsecurity and bugfixes.\n\nThe following security bugs were fixed :\n\nCVE-2020-8834: KVM on Power8 processors had a conflicting use of\nHSTATE_HOST_R1 to store r1 state in kvmppc_hv_entry plus in\nkvmppc_{save,restore}_tm, leading to a stack corruption. Because of\nthis, an attacker with the ability to run code in kernel space of a\nguest VM can cause the host kernel to panic (bnc#1168276).\n\nCVE-2020-11494: An issue was discovered in slc_bump in\ndrivers/net/can/slcan.c, which allowed attackers to read uninitialized\ncan_frame data, potentially containing sensitive information from\nkernel stack memory, if the configuration lacks CONFIG_INIT_STACK_ALL\n(bnc#1168424).\n\nCVE-2020-10942: In get_raw_socket in drivers/vhost/net.c lacks\nvalidation of an sk_family field, which might allow attackers to\ntrigger kernel stack corruption via crafted system calls\n(bnc#1167629).\n\nCVE-2019-9458: In the video driver there was a use after free due to a\nrace condition. This could lead to local escalation of privilege with\nno additional execution privileges needed (bnc#1168295).\n\nCVE-2019-3701: Fixed an issue in can_can_gw_rcv, which could cause a\nsystem crash (bnc#1120386).\n\nCVE-2019-19770: Fixed a use-after-free in the debugfs_remove function\n(bsc#1159198).\n\nCVE-2020-11669: Fixed an issue where arch/powerpc/kernel/idle_book3s.S\ndid not have save/restore functionality for PNV_POWERSAVE_AMR,\nPNV_POWERSAVE_UAMOR, and PNV_POWERSAVE_AMOR (bnc#1169390).\n\nCVE-2020-2732: Fixed an issue where under some circumstances, an L2\nguest may trick the L0 guest into accessing sensitive L1 resources\nthat should be inaccessible to the L2 guest (bnc#1163971).\n\nCVE-2020-8647: There was a use-after-free vulnerability in the\nvc_do_resize function in drivers/tty/vt/vt.c (bnc#1162929 1164078).\n\nCVE-2020-8649: There was a use-after-free vulnerability in the\nvgacon_invert_region function in drivers/video/console/vgacon.c\n(bnc#1162929 1162931).\n\nCVE-2020-9383: An issue was discovered set_fdc in\ndrivers/block/floppy.c leads to a wait_til_ready out-of-bounds read\nbecause the FDC index is not checked for errors before assigning it\n(bnc#1165111).\n\nCVE-2019-19768: Fixed a use-after-free in the __blk_add_trace function\nin kernel/trace/blktrace.c (bnc#1159285).\n\nCVE-2018-20836: Fixed an issue where a race condition in\nsmp_task_timedout() and smp_task_done() cloud lead to a use-after-free\n(bnc#1134395).\n\nThe update package also includes non-security fixes. See advisory for\ndetails.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1044231\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1050549\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1051510\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1051858\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1056686\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1060463\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1065600\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1065729\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1083647\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1085030\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1088810\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1103990\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1103992\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1104353\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1104745\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1104967\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1109837\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1109911\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1111666\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1111974\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1112178\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1112374\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1112504\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1113956\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1114279\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1114685\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1118338\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1119680\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1120386\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1123328\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1127611\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1133021\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1134090\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1134395\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1136157\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1136333\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1137325\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1141895\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1142685\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1144162\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1144333\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1145051\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1145929\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1146539\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1148868\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154385\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1156510\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1157424\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1158187\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1158552\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1158983\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1159037\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1159142\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1159198\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1159199\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1159285\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1160659\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1161561\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1161702\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1161951\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1162171\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1162929\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1162931\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1163403\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1163508\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1163762\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1163897\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1163971\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1164051\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1164078\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1164115\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1164284\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1164388\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1164471\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1164507\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1164598\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1164632\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1164705\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1164712\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1164727\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1164728\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1164729\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1164730\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1164731\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1164732\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1164733\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1164734\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1164735\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1164777\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1164780\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1164893\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165019\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165111\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165182\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165185\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165211\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165404\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165488\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165527\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165581\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165741\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165813\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165823\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165873\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165929\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165949\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165950\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165980\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165984\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165985\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166003\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166101\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166102\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166103\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166104\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166632\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166658\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166730\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166731\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166732\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166733\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166734\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166735\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166780\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166860\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166861\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166862\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166864\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166866\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166867\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166868\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166870\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166940\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1166982\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1167005\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1167216\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1167288\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1167290\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1167316\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1167421\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1167423\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1167627\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1167629\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168075\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168202\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168273\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168276\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168295\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168367\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168424\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168443\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168486\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168552\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168760\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168762\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168763\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168764\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168765\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168829\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168854\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168881\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168884\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168952\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1169013\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1169057\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1169307\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1169308\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1169390\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1169514\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1169625\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-20836/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19768/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19770/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-3701/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-9458/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-10942/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-11494/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-11669/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-2732/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-8647/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-8649/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-8834/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-9383/\");\n # https://www.suse.com/support/update/announcement/2020/suse-su-20201142-1/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?5f22a896\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Workstation Extension 12-SP5:zypper in -t patch\nSUSE-SLE-WE-12-SP5-2020-1142=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP5:zypper in -t\npatch SUSE-SLE-SDK-12-SP5-2020-1142=1\n\nSUSE Linux Enterprise Server 12-SP5:zypper in -t patch\nSUSE-SLE-SERVER-12-SP5-2020-1142=1\n\nSUSE Linux Enterprise Live Patching 12-SP5:zypper in -t patch\nSUSE-SLE-Live-Patching-12-SP5-2020-1142=1\n\nSUSE Linux Enterprise High Availability 12-SP5:zypper in -t patch\nSUSE-SLE-HA-12-SP5-2020-1142=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-20836\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-19770\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(5)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP5\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"5\", cpu:\"x86_64\", reference:\"kernel-default-devel-debuginfo-4.12.14-122.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", cpu:\"s390x\", reference:\"kernel-default-man-4.12.14-122.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"kernel-default-4.12.14-122.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"kernel-default-base-4.12.14-122.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"kernel-default-base-debuginfo-4.12.14-122.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"kernel-default-debuginfo-4.12.14-122.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"kernel-default-debugsource-4.12.14-122.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"kernel-default-devel-4.12.14-122.20.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"kernel-syms-4.12.14-122.20.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-10-21T15:26:17", "description": "It was discovered that the Serial CAN interface driver in the Linux kernel did not properly initialize data. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2020-11494)\n\nIt was discovered that the linux kernel did not properly validate certain mount options to the tmpfs virtual memory file system. A local attacker with the ability to specify mount options could use this to cause a denial of service (system crash). (CVE-2020-11565)\n\nDavid Gibson discovered that the Linux kernel on Power9 CPUs did not properly save and restore Authority Mask registers state in some situations. A local attacker in a guest VM could use this to cause a denial of service (host system crash). (CVE-2020-11669)\n\nIt was discovered that the block layer in the Linux kernel contained a race condition leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2020-12657).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2020-05-19T00:00:00", "type": "nessus", "title": "Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-4363-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11494", "CVE-2020-11565", "CVE-2020-11669", "CVE-2020-12657"], "modified": "2023-10-21T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-101-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-101-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-101-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1039-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1059-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1060-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1062-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1067-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1071-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1079-snapdragon", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1081-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1083-azure", "cpe:/o:canonical:ubuntu_linux:16.04:-:lts", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts"], "id": "UBUNTU_USN-4363-1.NASL", "href": "https://www.tenable.com/plugins/nessus/136710", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4363-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(136710);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/10/21\");\n\n script_cve_id(\n \"CVE-2020-11494\",\n \"CVE-2020-11565\",\n \"CVE-2020-11669\",\n \"CVE-2020-12657\"\n );\n script_xref(name:\"USN\", value:\"4363-1\");\n\n script_name(english:\"Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-4363-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"It was discovered that the Serial CAN interface driver in the Linux\nkernel did not properly initialize data. A local attacker could use\nthis to expose sensitive information (kernel memory). (CVE-2020-11494)\n\nIt was discovered that the linux kernel did not properly validate\ncertain mount options to the tmpfs virtual memory file system. A local\nattacker with the ability to specify mount options could use this to\ncause a denial of service (system crash). (CVE-2020-11565)\n\nDavid Gibson discovered that the Linux kernel on Power9 CPUs did not\nproperly save and restore Authority Mask registers state in some\nsituations. A local attacker in a guest VM could use this to cause a\ndenial of service (host system crash). (CVE-2020-11669)\n\nIt was discovered that the block layer in the Linux kernel contained a\nrace condition leading to a use-after-free vulnerability. A local\nattacker could possibly use this to cause a denial of service (system\ncrash) or execute arbitrary code. (CVE-2020-12657).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-4363-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-12657\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/05/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/05/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-101-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-101-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-101-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1039-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1059-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1060-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1062-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1067-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1071-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1079-snapdragon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1081-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1083-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2020-2023 Canonical, Inc. / NASL script (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('debian_package.inc');\ninclude('ksplice.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/Ubuntu/release');\nif ( isnull(os_release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nos_release = chomp(os_release);\nif (! ('16.04' >< os_release || '18.04' >< os_release)) audit(AUDIT_OS_NOT, 'Ubuntu 16.04 / 18.04', 'Ubuntu ' + os_release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar kernel_mappings = {\n '16.04': {\n '4.15.0': {\n 'generic': '4.15.0-101',\n 'generic-lpae': '4.15.0-101',\n 'lowlatency': '4.15.0-101',\n 'oracle': '4.15.0-1039',\n 'aws': '4.15.0-1067',\n 'gcp': '4.15.0-1071',\n 'azure': '4.15.0-1083'\n }\n },\n '18.04': {\n '4.15.0': {\n 'generic': '4.15.0-101',\n 'generic-lpae': '4.15.0-101',\n 'lowlatency': '4.15.0-101',\n 'oracle': '4.15.0-1039',\n 'gke': '4.15.0-1059',\n 'kvm': '4.15.0-1060',\n 'raspi2': '4.15.0-1062',\n 'aws': '4.15.0-1067',\n 'snapdragon': '4.15.0-1079',\n 'oem': '4.15.0-1081',\n 'azure': '4.15.0-1083'\n }\n }\n};\n\nvar host_kernel_release = get_kb_item_or_exit('Host/uname-r');\nvar host_kernel_version = get_kb_item_or_exit('Host/Debian/kernel-version');\nvar host_kernel_base_version = get_kb_item_or_exit('Host/Debian/kernel-base-version');\nvar host_kernel_type = get_kb_item_or_exit('Host/Debian/kernel-type');\nif(empty_or_null(kernel_mappings[os_release][host_kernel_base_version][host_kernel_type])) audit(AUDIT_INST_VER_NOT_VULN, 'kernel ' + host_kernel_release);\n\nvar extra = '';\nvar kernel_fixed_version = kernel_mappings[os_release][host_kernel_base_version][host_kernel_type];\nif (deb_ver_cmp(ver1:host_kernel_version, ver2:kernel_fixed_version) < 0)\n{\n extra = extra + 'Running Kernel level of ' + host_kernel_version + ' does not meet the minimum fixed level of ' + kernel_fixed_version + ' for this advisory.\\n\\n';\n}\n else\n{\n audit(AUDIT_PATCH_INSTALLED, 'Kernel package for USN-4363-1');\n}\n\nif (get_one_kb_item('Host/ksplice/kernel-cves'))\n{\n var cve_list = make_list('CVE-2020-11494', 'CVE-2020-11565', 'CVE-2020-11669', 'CVE-2020-12657');\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for USN-4363-1');\n }\n else\n {\n extra = extra + ksplice_reporting_text();\n }\n}\nif (extra) {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:26:25", "description": "An update of the linux package has been released.", "cvss3": {}, "published": "2020-12-22T00:00:00", "type": "nessus", "title": "Photon OS 3.0: Linux PHSA-2020-3.0-0177", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-19770"], "modified": "2020-12-23T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:linux", "cpe:/o:vmware:photonos:3.0"], "id": "PHOTONOS_PHSA-2020-3_0-0177_LINUX.NASL", "href": "https://www.tenable.com/plugins/nessus/144514", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2020-3.0-0177. The text\n# itself is copyright (C) VMware, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(144514);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/12/23\");\n\n script_cve_id(\"CVE-2019-19770\");\n\n script_name(english:\"Photon OS 3.0: Linux PHSA-2020-3.0-0177\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the linux package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-3.0-177.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-19770\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/22\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:3.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item('Host/PhotonOS/release');\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, 'PhotonOS');\nif (release !~ \"^VMware Photon (?:Linux|OS) 3\\.0(\\D|$)\") audit(AUDIT_OS_NOT, 'PhotonOS 3.0');\n\nif (!get_kb_item('Host/PhotonOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'PhotonOS', cpu);\n\nflag = 0;\n\nif (rpm_check(release:'PhotonOS-3.0', cpu:'x86_64', reference:'linux-4.19.160-4.ph3')) flag++;\nif (rpm_check(release:'PhotonOS-3.0', reference:'linux-api-headers-4.19.160-3.ph3')) flag++;\nif (rpm_check(release:'PhotonOS-3.0', cpu:'x86_64', reference:'linux-aws-4.19.160-2.ph3')) flag++;\nif (rpm_check(release:'PhotonOS-3.0', cpu:'x86_64', reference:'linux-aws-devel-4.19.160-2.ph3')) flag++;\nif (rpm_check(release:'PhotonOS-3.0', cpu:'x86_64', reference:'linux-aws-docs-4.19.160-2.ph3')) flag++;\nif (rpm_check(release:'PhotonOS-3.0', cpu:'x86_64', reference:'linux-aws-drivers-gpu-4.19.160-2.ph3')) flag++;\nif (rpm_check(release:'PhotonOS-3.0', cpu:'x86_64', reference:'linux-aws-hmacgen-4.19.160-2.ph3')) flag++;\nif (rpm_check(release:'PhotonOS-3.0', cpu:'x86_64', reference:'linux-aws-oprofile-4.19.160-2.ph3')) flag++;\nif (rpm_check(release:'PhotonOS-3.0', cpu:'x86_64', reference:'linux-aws-sound-4.19.160-2.ph3')) flag++;\nif (rpm_check(release:'PhotonOS-3.0', cpu:'x86_64', reference:'linux-devel-4.19.160-4.ph3')) flag++;\nif (rpm_check(release:'PhotonOS-3.0', cpu:'x86_64', reference:'linux-docs-4.19.160-4.ph3')) flag++;\nif (rpm_check(release:'PhotonOS-3.0', cpu:'x86_64', reference:'linux-drivers-gpu-4.19.160-4.ph3')) flag++;\nif (rpm_check(release:'PhotonOS-3.0', cpu:'x86_64', reference:'linux-drivers-intel-sgx-4.19.160-4.ph3')) flag++;\nif (rpm_check(release:'PhotonOS-3.0', cpu:'x86_64', reference:'linux-drivers-sound-4.19.160-4.ph3')) flag++;\nif (rpm_check(release:'PhotonOS-3.0', cpu:'x86_64', reference:'linux-esx-4.19.160-4.ph3')) flag++;\nif (rpm_check(release:'PhotonOS-3.0', cpu:'x86_64', reference:'linux-esx-devel-4.19.160-4.ph3')) flag++;\nif (rpm_check(release:'PhotonOS-3.0', cpu:'x86_64', reference:'linux-esx-docs-4.19.160-4.ph3')) flag++;\nif (rpm_check(release:'PhotonOS-3.0', cpu:'x86_64', reference:'linux-esx-hmacgen-4.19.160-4.ph3')) flag++;\nif (rpm_check(release:'PhotonOS-3.0', cpu:'x86_64', reference:'linux-hmacgen-4.19.160-4.ph3')) flag++;\nif (rpm_check(release:'PhotonOS-3.0', cpu:'x86_64', reference:'linux-oprofile-4.19.160-4.ph3')) flag++;\nif (rpm_check(release:'PhotonOS-3.0', cpu:'x86_64', reference:'linux-python3-perf-4.19.160-4.ph3')) flag++;\nif (rpm_check(release:'PhotonOS-3.0', cpu:'x86_64', reference:'linux-rt-4.19.160-3.ph3')) flag++;\nif (rpm_check(release:'PhotonOS-3.0', cpu:'x86_64', reference:'linux-rt-devel-4.19.160-3.ph3')) flag++;\nif (rpm_check(release:'PhotonOS-3.0', cpu:'x86_64', reference:'linux-rt-docs-4.19.160-3.ph3')) flag++;\nif (rpm_check(release:'PhotonOS-3.0', cpu:'x86_64', reference:'linux-secure-4.19.160-2.ph3')) flag++;\nif (rpm_check(release:'PhotonOS-3.0', cpu:'x86_64', reference:'linux-secure-devel-4.19.160-2.ph3')) flag++;\nif (rpm_check(release:'PhotonOS-3.0', cpu:'x86_64', reference:'linux-secure-docs-4.19.160-2.ph3')) flag++;\nif (rpm_check(release:'PhotonOS-3.0', cpu:'x86_64', reference:'linux-secure-hmacgen-4.19.160-2.ph3')) flag++;\nif (rpm_check(release:'PhotonOS-3.0', cpu:'x86_64', reference:'linux-secure-lkcm-4.19.160-2.ph3')) flag++;\nif (rpm_check(release:'PhotonOS-3.0', cpu:'x86_64', reference:'linux-tools-4.19.160-4.ph3')) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'linux');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:59:39", "description": "An update of the linux package has been released.", "cvss3": {}, "published": "2020-04-12T00:00:00", "type": "nessus", "title": "Photon OS 3.0: Linux PHSA-2020-3.0-0073", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10942"], "modified": "2020-04-29T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:linux", "cpe:/o:vmware:photonos:3.0"], "id": "PHOTONOS_PHSA-2020-3_0-0073_LINUX.NASL", "href": "https://www.tenable.com/plugins/nessus/135403", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2020-3.0-0073. The text\n# itself is copyright (C) VMware, Inc.\n\n\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(135403);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/04/29\");\n\n script_cve_id(\"CVE-2020-10942\");\n\n script_name(english:\"Photon OS 3.0: Linux PHSA-2020-3.0-0073\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the linux package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-3.0-73.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:N/I:P/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-10942\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/03/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/03/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:3.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 3\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 3.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-3.0\", cpu:\"x86_64\", reference:\"linux-4.19.112-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"linux-api-headers-4.19.112-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", cpu:\"x86_64\", reference:\"linux-aws-4.19.112-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", cpu:\"x86_64\", reference:\"linux-aws-debuginfo-4.19.112-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", cpu:\"x86_64\", reference:\"linux-aws-devel-4.19.112-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", cpu:\"x86_64\", reference:\"linux-aws-docs-4.19.112-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", cpu:\"x86_64\", reference:\"linux-aws-drivers-gpu-4.19.112-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", cpu:\"x86_64\", reference:\"linux-aws-hmacgen-4.19.112-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", cpu:\"x86_64\", reference:\"linux-aws-oprofile-4.19.112-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", cpu:\"x86_64\", reference:\"linux-aws-sound-4.19.112-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", cpu:\"x86_64\", reference:\"linux-debuginfo-4.19.112-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", cpu:\"x86_64\", reference:\"linux-devel-4.19.112-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", cpu:\"x86_64\", reference:\"linux-docs-4.19.112-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", cpu:\"x86_64\", reference:\"linux-drivers-gpu-4.19.112-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", cpu:\"x86_64\", reference:\"linux-drivers-sound-4.19.112-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", cpu:\"x86_64\", reference:\"linux-esx-4.19.112-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", cpu:\"x86_64\", reference:\"linux-esx-debuginfo-4.19.112-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", cpu:\"x86_64\", reference:\"linux-esx-devel-4.19.112-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", cpu:\"x86_64\", reference:\"linux-esx-docs-4.19.112-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", cpu:\"x86_64\", reference:\"linux-esx-hmacgen-4.19.112-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", cpu:\"x86_64\", reference:\"linux-hmacgen-4.19.112-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", cpu:\"x86_64\", reference:\"linux-oprofile-4.19.112-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", cpu:\"x86_64\", reference:\"linux-secure-4.19.112-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", cpu:\"x86_64\", reference:\"linux-secure-debuginfo-4.19.112-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", cpu:\"x86_64\", reference:\"linux-secure-devel-4.19.112-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", cpu:\"x86_64\", reference:\"linux-secure-docs-4.19.112-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", cpu:\"x86_64\", reference:\"linux-secure-hmacgen-4.19.112-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", cpu:\"x86_64\", reference:\"linux-secure-lkcm-4.19.112-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", cpu:\"x86_64\", reference:\"linux-tools-4.19.112-1.ph3\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:59:20", "description": "An update of the linux package has been released.", "cvss3": {}, "published": "2020-04-29T00:00:00", "type": "nessus", "title": "Photon OS 1.0: Linux PHSA-2020-1.0-0290", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10942", "CVE-2020-11494", "CVE-2020-11565", "CVE-2020-11608", "CVE-2020-11609", "CVE-2020-11668"], "modified": "2020-05-01T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:linux", "cpe:/o:vmware:photonos:1.0"], "id": "PHOTONOS_PHSA-2020-1_0-0290_LINUX.NASL", "href": "https://www.tenable.com/plugins/nessus/136107", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2020-1.0-0290. The text\n# itself is copyright (C) VMware, Inc.\n\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(136107);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/05/01\");\n\n script_cve_id(\n \"CVE-2020-10942\",\n \"CVE-2020-11494\",\n \"CVE-2020-11565\",\n \"CVE-2020-11608\",\n \"CVE-2020-11609\",\n \"CVE-2020-11668\"\n );\n\n script_name(english:\"Photon OS 1.0: Linux PHSA-2020-1.0-0290\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the linux package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-1.0-290.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:P/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-11668\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/03/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:1.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 1\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 1.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-1.0\", cpu:\"x86_64\", reference:\"linux-4.4.219-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"linux-api-headers-4.4.219-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", cpu:\"x86_64\", reference:\"linux-debuginfo-4.4.219-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", cpu:\"x86_64\", reference:\"linux-dev-4.4.219-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", cpu:\"x86_64\", reference:\"linux-docs-4.4.219-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", cpu:\"x86_64\", reference:\"linux-drivers-gpu-4.4.219-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", cpu:\"x86_64\", reference:\"linux-esx-4.4.219-2.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", cpu:\"x86_64\", reference:\"linux-esx-debuginfo-4.4.219-2.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", cpu:\"x86_64\", reference:\"linux-esx-devel-4.4.219-2.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", cpu:\"x86_64\", reference:\"linux-esx-docs-4.4.219-2.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", cpu:\"x86_64\", reference:\"linux-oprofile-4.4.219-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", cpu:\"x86_64\", reference:\"linux-sound-4.4.219-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", cpu:\"x86_64\", reference:\"linux-tools-4.4.219-1.ph1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-02T15:05:59", "description": "The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-5663 advisory.\n\n - In the Linux kernel before 5.5.8, get_raw_socket in drivers/vhost/net.c lacks validation of an sk_family field, which might allow attackers to trigger kernel stack corruption via crafted system calls.\n (CVE-2020-10942)\n\n - In the Linux kernel 5.4.0-rc2, there is a use-after-free (read) in the __blk_add_trace function in kernel/trace/blktrace.c (which is used to fill out a blk_io_trace structure and place it in a per-cpu sub- buffer). (CVE-2019-19768)\n\n - In the Linux kernel 5.5.0 and newer, the bpf verifier (kernel/bpf/verifier.c) did not properly restrict the register bounds for 32-bit operations, leading to out-of-bounds reads and writes in kernel memory. The vulnerability also affects the Linux 5.4 stable series, starting with v5.4.7, as the introducing commit was backported to that branch. This vulnerability was fixed in 5.6.1, 5.5.14, and 5.4.29. (issue is aka ZDI-CAN-10780) (CVE-2020-8835)\n\n - An issue was discovered in the Linux kernel 3.16 through 5.5.6. set_fdc in drivers/block/floppy.c leads to a wait_til_ready out-of-bounds read because the FDC index is not checked for errors before assigning it, aka CID-2e90ca68b0d2. (CVE-2020-9383)\n\n - An issue was discovered in slc_bump in drivers/net/can/slcan.c in the Linux kernel 3.16 through 5.6.2. It allows attackers to read uninitialized can_frame data, potentially containing sensitive information from kernel stack memory, if the configuration lacks CONFIG_INIT_STACK_ALL, aka CID-b9258a2cece4.\n (CVE-2020-11494)\n\n - ext4_protect_reserved_inode in fs/ext4/block_validity.c in the Linux kernel through 5.5.3 allows attackers to cause a denial of service (soft lockup) via a crafted journal size. (CVE-2020-8992)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2020-04-28T00:00:00", "type": "nessus", "title": "Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2020-5663)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-19768", "CVE-2020-10942", "CVE-2020-11494", "CVE-2020-8835", "CVE-2020-8992", "CVE-2020-9383"], "modified": "2022-01-26T00:00:00", "cpe": ["cpe:/o:oracle:linux:7", "cpe:/o:oracle:linux:8", "p-cpe:/a:oracle:linux:kernel-uek", "p-cpe:/a:oracle:linux:kernel-uek-debug", "p-cpe:/a:oracle:linux:kernel-uek-debug-devel", "p-cpe:/a:oracle:linux:kernel-uek-devel", "p-cpe:/a:oracle:linux:kernel-uek-doc", "p-cpe:/a:oracle:linux:kernel-uek-tools", "p-cpe:/a:oracle:linux:kernel-uek-tools-libs", "p-cpe:/a:oracle:linux:perf", "p-cpe:/a:oracle:linux:python-perf"], "id": "ORACLELINUX_ELSA-2020-5663.NASL", "href": "https://www.tenable.com/plugins/nessus/136022", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2020-5663.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(136022);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/01/26\");\n\n script_cve_id(\n \"CVE-2019-19768\",\n \"CVE-2020-8835\",\n \"CVE-2020-8992\",\n \"CVE-2020-9383\",\n \"CVE-2020-10942\",\n \"CVE-2020-11494\"\n );\n\n script_name(english:\"Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2020-5663)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe ELSA-2020-5663 advisory.\n\n - In the Linux kernel before 5.5.8, get_raw_socket in drivers/vhost/net.c lacks validation of an sk_family\n field, which might allow attackers to trigger kernel stack corruption via crafted system calls.\n (CVE-2020-10942)\n\n - In the Linux kernel 5.4.0-rc2, there is a use-after-free (read) in the __blk_add_trace function in\n kernel/trace/blktrace.c (which is used to fill out a blk_io_trace structure and place it in a per-cpu sub-\n buffer). (CVE-2019-19768)\n\n - In the Linux kernel 5.5.0 and newer, the bpf verifier (kernel/bpf/verifier.c) did not properly restrict\n the register bounds for 32-bit operations, leading to out-of-bounds reads and writes in kernel memory. The\n vulnerability also affects the Linux 5.4 stable series, starting with v5.4.7, as the introducing commit\n was backported to that branch. This vulnerability was fixed in 5.6.1, 5.5.14, and 5.4.29. (issue is aka\n ZDI-CAN-10780) (CVE-2020-8835)\n\n - An issue was discovered in the Linux kernel 3.16 through 5.5.6. set_fdc in drivers/block/floppy.c leads to\n a wait_til_ready out-of-bounds read because the FDC index is not checked for errors before assigning it,\n aka CID-2e90ca68b0d2. (CVE-2020-9383)\n\n - An issue was discovered in slc_bump in drivers/net/can/slcan.c in the Linux kernel 3.16 through 5.6.2. It\n allows attackers to read uninitialized can_frame data, potentially containing sensitive information from\n kernel stack memory, if the configuration lacks CONFIG_INIT_STACK_ALL, aka CID-b9258a2cece4.\n (CVE-2020-11494)\n\n - ext4_protect_reserved_inode in fs/ext4/block_validity.c in the Linux kernel through 5.5.3 allows attackers\n to cause a denial of service (soft lockup) via a crafted journal size. (CVE-2020-8992)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2020-5663.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-8835\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/28\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python-perf\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"linux_alt_patch_detect.nasl\", \"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('ksplice.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^(7|8)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 7 / 8', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nvar machine_uptrack_level = get_one_kb_item('Host/uptrack-uname-r');\nif (machine_uptrack_level)\n{\n var trimmed_uptrack_level = ereg_replace(string:machine_uptrack_level, pattern:\"\\.(x86_64|i[3-6]86|aarch64)$\", replace:'');\n var fixed_uptrack_levels = ['5.4.17-2011.1.2.el7uek', '5.4.17-2011.1.2.el8uek'];\n foreach var fixed_uptrack_level ( fixed_uptrack_levels ) {\n if (rpm_spec_vers_cmp(a:trimmed_uptrack_level, b:fixed_uptrack_level) >= 0)\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for ELSA-2020-5663');\n }\n }\n __rpm_report = 'Running KSplice level of ' + trimmed_uptrack_level + ' does not meet the minimum fixed level of ' + join(fixed_uptrack_levels, sep:' / ') + ' for this advisory.\\n\\n';\n}\n\nvar kernel_major_minor = get_kb_item('Host/uname/major_minor');\nif (empty_or_null(kernel_major_minor)) exit(1, 'Unable to determine kernel major-minor level.');\nvar expected_kernel_major_minor = '5.4';\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, 'running kernel level ' + expected_kernel_major_minor + ', it is running kernel level ' + kernel_major_minor);\n\nvar pkgs = [\n {'reference':'kernel-uek-5.4.17-2011.1.2.el7uek', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-5.4.17'},\n {'reference':'kernel-uek-5.4.17-2011.1.2.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-5.4.17'},\n {'reference':'kernel-uek-debug-5.4.17-2011.1.2.el7uek', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-5.4.17'},\n {'reference':'kernel-uek-debug-5.4.17-2011.1.2.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-5.4.17'},\n {'reference':'kernel-uek-debug-devel-5.4.17-2011.1.2.el7uek', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-5.4.17'},\n {'reference':'kernel-uek-debug-devel-5.4.17-2011.1.2.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-5.4.17'},\n {'reference':'kernel-uek-devel-5.4.17-2011.1.2.el7uek', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-5.4.17'},\n {'reference':'kernel-uek-devel-5.4.17-2011.1.2.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-5.4.17'},\n {'reference':'kernel-uek-doc-5.4.17-2011.1.2.el7uek', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-doc-5.4.17'},\n {'reference':'kernel-uek-tools-5.4.17-2011.1.2.el7uek', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-tools-5.4.17'},\n {'reference':'kernel-uek-tools-5.4.17-2011.1.2.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-tools-5.4.17'},\n {'reference':'kernel-uek-tools-libs-5.4.17-2011.1.2.el7uek', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-tools-libs-5.4.17'},\n {'reference':'perf-5.4.17-2011.1.2.el7uek', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-perf-5.4.17-2011.1.2.el7uek', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-uek-5.4.17-2011.1.2.el8uek', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-5.4.17'},\n {'reference':'kernel-uek-5.4.17-2011.1.2.el8uek', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-5.4.17'},\n {'reference':'kernel-uek-debug-5.4.17-2011.1.2.el8uek', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-5.4.17'},\n {'reference':'kernel-uek-debug-5.4.17-2011.1.2.el8uek', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-5.4.17'},\n {'reference':'kernel-uek-debug-devel-5.4.17-2011.1.2.el8uek', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-5.4.17'},\n {'reference':'kernel-uek-debug-devel-5.4.17-2011.1.2.el8uek', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-5.4.17'},\n {'reference':'kernel-uek-devel-5.4.17-2011.1.2.el8uek', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-5.4.17'},\n {'reference':'kernel-uek-devel-5.4.17-2011.1.2.el8uek', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-5.4.17'},\n {'reference':'kernel-uek-doc-5.4.17-2011.1.2.el8uek', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-doc-5.4.17'}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release) {\n if (exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel-uek / kernel-uek-debug / kernel-uek-debug-devel / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:24:41", "description": "The v4.19.14 stable update contains important fixes across the tree.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-01-15T00:00:00", "type": "nessus", "title": "Fedora 28 : kernel / kernel-headers / kernel-tools (2019-337484d88b)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-3701"], "modified": "2020-02-24T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "p-cpe:/a:fedoraproject:fedora:kernel-headers", "p-cpe:/a:fedoraproject:fedora:kernel-tools", "cpe:/o:fedoraproject:fedora:28"], "id": "FEDORA_2019-337484D88B.NASL", "href": "https://www.tenable.com/plugins/nessus/121170", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-337484d88b.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(121170);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/02/24\");\n\n script_cve_id(\"CVE-2019-3701\");\n script_xref(name:\"FEDORA\", value:\"2019-337484d88b\");\n\n script_name(english:\"Fedora 28 : kernel / kernel-headers / kernel-tools (2019-337484d88b)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The v4.19.14 stable update contains important fixes across the tree.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-337484d88b\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected kernel, kernel-headers and / or kernel-tools\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:28\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/01/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^28([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 28\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2019-3701\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for FEDORA-2019-337484d88b\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\nif (rpm_check(release:\"FC28\", reference:\"kernel-4.19.14-200.fc28\")) flag++;\nif (rpm_check(release:\"FC28\", reference:\"kernel-headers-4.19.14-200.fc28\")) flag++;\nif (rpm_check(release:\"FC28\", reference:\"kernel-tools-4.19.14-200.fc28\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-headers / kernel-tools\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:25:15", "description": "The v4.19.14 stable update contains important fixes across the tree.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-01-15T00:00:00", "type": "nessus", "title": "Fedora 29 : kernel / kernel-headers / kernel-tools (2019-b0f7a7b74b)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-3701"], "modified": "2020-02-24T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "p-cpe:/a:fedoraproject:fedora:kernel-headers", "p-cpe:/a:fedoraproject:fedora:kernel-tools", "cpe:/o:fedoraproject:fedora:29"], "id": "FEDORA_2019-B0F7A7B74B.NASL", "href": "https://www.tenable.com/plugins/nessus/121171", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-b0f7a7b74b.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(121171);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/02/24\");\n\n script_cve_id(\"CVE-2019-3701\");\n script_xref(name:\"FEDORA\", value:\"2019-b0f7a7b74b\");\n\n script_name(english:\"Fedora 29 : kernel / kernel-headers / kernel-tools (2019-b0f7a7b74b)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The v4.19.14 stable update contains important fixes across the tree.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-b0f7a7b74b\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected kernel, kernel-headers and / or kernel-tools\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:29\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/01/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^29([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 29\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2019-3701\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for FEDORA-2019-b0f7a7b74b\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\nif (rpm_check(release:\"FC29\", reference:\"kernel-4.19.14-300.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"kernel-headers-4.19.14-300.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"kernel-tools-4.19.14-300.fc29\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-headers / kernel-tools\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-10-21T15:26:16", "description": "It was discovered that the ADIS16400 IIO IMU Driver for the Linux kernel did not properly deallocate memory in certain error conditions.\nA local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2019-19060)\n\nIt was discovered that the vhost net driver in the Linux kernel contained a stack buffer overflow. A local attacker with the ability to perform ioctl() calls on /dev/vhost-net could use this to cause a denial of service (system crash). (CVE-2020-10942)\n\nIt was discovered that the Serial CAN interface driver in the Linux kernel did not properly initialize data. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2020-11494)\n\nIt was discovered that the linux kernel did not properly validate certain mount options to the tmpfs virtual memory file system. A local attacker with the ability to specify mount options could use this to cause a denial of service (system crash). (CVE-2020-11565)\n\nIt was discovered that the OV51x USB Camera device driver in the Linux kernel did not properly validate device metadata. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2020-11608)\n\nIt was discovered that the STV06XX USB Camera device driver in the Linux kernel did not properly validate device metadata. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2020-11609)\n\nIt was discovered that the Xirlink C-It USB Camera device driver in the Linux kernel did not properly validate device metadata. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2020-11668).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2020-05-19T00:00:00", "type": "nessus", "title": "Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-4364-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-19060", "CVE-2020-10942", "CVE-2020-11494", "CVE-2020-11565", "CVE-2020-11608", "CVE-2020-11609", "CVE-2020-11668"], "modified": "2023-10-20T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4.0-1071-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4.0-1107-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4.0-1133-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4.0-1137-snapdragon", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4.0-179-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4.0-179-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4.0-179-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4.0-179-powerpc-e500mc", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4.0-179-powerpc-smp", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4.0-179-powerpc64-emb", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4.0-179-powerpc64-smp", "cpe:/o:canonical:ubuntu_linux:16.04:-:lts"], "id": "UBUNTU_USN-4364-1.NASL", "href": "https://www.tenable.com/plugins/nessus/136711", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4364-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(136711);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/10/20\");\n\n script_cve_id(\n \"CVE-2019-19060\",\n \"CVE-2020-10942\",\n \"CVE-2020-11494\",\n \"CVE-2020-11565\",\n \"CVE-2020-11608\",\n \"CVE-2020-11609\",\n \"CVE-2020-11668\"\n );\n script_xref(name:\"USN\", value:\"4364-1\");\n\n script_name(english:\"Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-4364-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"It was discovered that the ADIS16400 IIO IMU Driver for the Linux\nkernel did not properly deallocate memory in certain error conditions.\nA local attacker could use this to cause a denial of service (memory\nexhaustion). (CVE-2019-19060)\n\nIt was discovered that the vhost net driver in the Linux kernel\ncontained a stack buffer overflow. A local attacker with the ability\nto perform ioctl() calls on /dev/vhost-net could use this to cause a\ndenial of service (system crash). (CVE-2020-10942)\n\nIt was discovered that the Serial CAN interface driver in the Linux\nkernel did not properly initialize data. A local attacker could use\nthis to expose sensitive information (kernel memory). (CVE-2020-11494)\n\nIt was discovered that the linux kernel did not properly validate\ncertain mount options to the tmpfs virtual memory file system. A local\nattacker with the ability to specify mount options could use this to\ncause a denial of service (system crash). (CVE-2020-11565)\n\nIt was discovered that the OV51x USB Camera device driver in the Linux\nkernel did not properly validate device metadata. A physically\nproximate attacker could use this to cause a denial of service (system\ncrash). (CVE-2020-11608)\n\nIt was discovered that the STV06XX USB Camera device driver in the\nLinux kernel did not properly validate device metadata. A physically\nproximate attacker could use this to cause a denial of service (system\ncrash). (CVE-2020-11609)\n\nIt was discovered that the Xirlink C-It USB Camera device driver in\nthe Linux kernel did not properly validate device metadata. A\nphysically proximate attacker could use this to cause a denial of\nservice (system crash). (CVE-2020-11668).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-4364-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:P/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-11668\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/11/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/05/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/05/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4.0-1071-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4.0-1107-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4.0-1133-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4.0-1137-snapdragon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4.0-179-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4.0-179-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4.0-179-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4.0-179-powerpc-e500mc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4.0-179-powerpc-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4.0-179-powerpc64-emb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4.0-179-powerpc64-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04:-:lts\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2020-2023 Canonical, Inc. / NASL script (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('debian_package.inc');\ninclude('ksplice.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/Ubuntu/release');\nif ( isnull(os_release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nos_release = chomp(os_release);\nif (! ('16.04' >< os_release)) audit(AUDIT_OS_NOT, 'Ubuntu 16.04', 'Ubuntu ' + os_release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar kernel_mappings = {\n '16.04': {\n '4.4.0': {\n 'generic': '4.4.0-179',\n 'generic-lpae': '4.4.0-179',\n 'lowlatency': '4.4.0-179',\n 'powerpc-e500mc': '4.4.0-179',\n 'powerpc-smp': '4.4.0-179',\n 'powerpc64-emb': '4.4.0-179',\n 'powerpc64-smp': '4.4.0-179',\n 'kvm': '4.4.0-1071',\n 'aws': '4.4.0-1107',\n 'raspi2': '4.4.0-1133',\n 'snapdragon': '4.4.0-1137'\n }\n }\n};\n\nvar host_kernel_release = get_kb_item_or_exit('Host/uname-r');\nvar host_kernel_version = get_kb_item_or_exit('Host/Debian/kernel-version');\nvar host_kernel_base_version = get_kb_item_or_exit('Host/Debian/kernel-base-version');\nvar host_kernel_type = get_kb_item_or_exit('Host/Debian/kernel-type');\nif(empty_or_null(kernel_mappings[os_release][host_kernel_base_version][host_kernel_type])) audit(AUDIT_INST_VER_NOT_VULN, 'kernel ' + host_kernel_release);\n\nvar extra = '';\nvar kernel_fixed_version = kernel_mappings[os_release][host_kernel_base_version][host_kernel_type];\nif (deb_ver_cmp(ver1:host_kernel_version, ver2:kernel_fixed_version) < 0)\n{\n extra = extra + 'Running Kernel level of ' + host_kernel_version + ' does not meet the minimum fixed level of ' + kernel_fixed_version + ' for this advisory.\\n\\n';\n}\n else\n{\n audit(AUDIT_PATCH_INSTALLED, 'Kernel package for USN-4364-1');\n}\n\nif (get_one_kb_item('Host/ksplice/kernel-cves'))\n{\n var cve_list = make_list('CVE-2019-19060', 'CVE-2020-10942', 'CVE-2020-11494', 'CVE-2020-11565', 'CVE-2020-11608', 'CVE-2020-11609', 'CVE-2020-11668');\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for USN-4364-1');\n }\n else\n {\n extra = extra + ksplice_reporting_text();\n }\n}\nif (extra) {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-10-21T15:27:30", "description": "Tristan Madani discovered that the file locking implementation in the Linux kernel contained a race condition. A local attacker could possibly use this to cause a denial of service or expose sensitive information. (CVE-2019-19769)\n\nIt was discovered that the Serial CAN interface driver in the Linux kernel did not properly initialize data. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2020-11494)\n\nIt was discovered that the linux kernel did not properly validate certain mount options to the tmpfs virtual memory file system. A local attacker with the ability to specify mount options could use this to cause a denial of service (system crash). (CVE-2020-11565)\n\nIt was discovered that the OV51x USB Camera device driver in the Linux kernel did not properly validate device metadata. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2020-11608)\n\nIt was discovered that the STV06XX USB Camera device driver in the Linux kernel did not properly validate device metadata. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2020-11609)\n\nIt was discovered that the Xirlink C-It USB Camera device driver in the Linux kernel did not properly validate device metadata. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2020-11668)\n\nDavid Gibson discovered that the Linux kernel on Power9 CPUs did not properly save and restore Authority Mask registers state in some situations. A local attacker in a guest VM could use this to cause a denial of service (host system crash). (CVE-2020-11669)\n\nIt was discovered that the block layer in the Linux kernel contained a race condition leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2020-12657).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2020-05-20T00:00:00", "type": "nessus", "title": "Ubuntu 18.04 LTS : Linux kernel vulnerabilities (USN-4368-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-19769", "CVE-2020-11494", "CVE-2020-11565", "CVE-2020-11608", "CVE-2020-11609", "CVE-2020-11668", "CVE-2020-11669", "CVE-2020-12657"], "modified": "2023-10-21T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0.0-1037-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0.0-1052-oem-osp1", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts"], "id": "UBUNTU_USN-4368-1.NASL", "href": "https://www.tenable.com/plugins/nessus/136733", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4368-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(136733);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/10/21\");\n\n script_cve_id(\n \"CVE-2019-19769\",\n \"CVE-2020-11494\",\n \"CVE-2020-11565\",\n \"CVE-2020-11608\",\n \"CVE-2020-11609\",\n \"CVE-2020-11668\",\n \"CVE-2020-11669\",\n \"CVE-2020-12657\"\n );\n script_xref(name:\"USN\", value:\"4368-1\");\n\n script_name(english:\"Ubuntu 18.04 LTS : Linux kernel vulnerabilities (USN-4368-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"Tristan Madani discovered that the file locking implementation in the\nLinux kernel contained a race condition. A local attacker could\npossibly use this to cause a denial of service or expose sensitive\ninformation. (CVE-2019-19769)\n\nIt was discovered that the Serial CAN interface driver in the Linux\nkernel did not properly initialize data. A local attacker could use\nthis to expose sensitive information (kernel memory). (CVE-2020-11494)\n\nIt was discovered that the linux kernel did not properly validate\ncertain mount options to the tmpfs virtual memory file system. A local\nattacker with the ability to specify mount options could use this to\ncause a denial of service (system crash). (CVE-2020-11565)\n\nIt was discovered that the OV51x USB Camera device driver in the Linux\nkernel did not properly validate device metadata. A physically\nproximate attacker could use this to cause a denial of service (system\ncrash). (CVE-2020-11608)\n\nIt was discovered that the STV06XX USB Camera device driver in the\nLinux kernel did not properly validate device metadata. A physically\nproximate attacker could use this to cause a denial of service (system\ncrash). (CVE-2020-11609)\n\nIt was discovered that the Xirlink C-It USB Camera device driver in\nthe Linux kernel did not properly validate device metadata. A\nphysically proximate attacker could use this to cause a denial of\nservice (system crash). (CVE-2020-11668)\n\nDavid Gibson discovered that the Linux kernel on Power9 CPUs did not\nproperly save and restore Authority Mask registers state in some\nsituations. A local attacker in a guest VM could use this to cause a\ndenial of service (host system crash). (CVE-2020-11669)\n\nIt was discovered that the block layer in the Linux kernel contained a\nrace condition leading to a use-after-free vulnerability. A local\nattacker could possibly use this to cause a denial of service (system\ncrash) or execute arbitrary code. (CVE-2020-12657).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-4368-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-19769\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-12657\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/05/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/05/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0.0-1037-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0.0-1052-oem-osp1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2020-2023 Canonical, Inc. / NASL script (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('debian_package.inc');\ninclude('ksplice.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/Ubuntu/release');\nif ( isnull(os_release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nos_release = chomp(os_release);\nif (! ('18.04' >< os_release)) audit(AUDIT_OS_NOT, 'Ubuntu 18.04', 'Ubuntu ' + os_release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar kernel_mappings = {\n '18.04': {\n '5.0.0': {\n 'gke': '5.0.0-1037',\n 'oem-osp1': '5.0.0-1052'\n }\n }\n};\n\nvar host_kernel_release = get_kb_item_or_exit('Host/uname-r');\nvar host_kernel_version = get_kb_item_or_exit('Host/Debian/kernel-version');\nvar host_kernel_base_version = get_kb_item_or_exit('Host/Debian/kernel-base-version');\nvar host_kernel_type = get_kb_item_or_exit('Host/Debian/kernel-type');\nif(empty_or_null(kernel_mappings[os_release][host_kernel_base_version][host_kernel_type])) audit(AUDIT_INST_VER_NOT_VULN, 'kernel ' + host_kernel_release);\n\nvar extra = '';\nvar kernel_fixed_version = kernel_mappings[os_release][host_kernel_base_version][host_kernel_type];\nif (deb_ver_cmp(ver1:host_kernel_version, ver2:kernel_fixed_version) < 0)\n{\n extra = extra + 'Running Kernel level of ' + host_kernel_version + ' does not meet the minimum fixed level of ' + kernel_fixed_version + ' for this advisory.\\n\\n';\n}\n else\n{\n audit(AUDIT_PATCH_INSTALLED, 'Kernel package for USN-4368-1');\n}\n\nif (get_one_kb_item('Host/ksplice/kernel-cves'))\n{\n var cve_list = make_list('CVE-2019-19769', 'CVE-2020-11494', 'CVE-2020-11565', 'CVE-2020-11608', 'CVE-2020-11609', 'CVE-2020-11668', 'CVE-2020-11669', 'CVE-2020-12657');\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for USN-4368-1');\n }\n else\n {\n extra = extra + ksplice_reporting_text();\n }\n}\nif (extra) {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:10:16", "description": "According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - An issue was discovered in can_can_gw_rcv() in the net/can/gw.c in the Linux kernel. The CAN driver may write arbitrary content beyond the data registers in the CAN controller's I/O memory when processing can-gw manipulated outgoing frames because of a missing check.\n A local user with CAP_NET_ADMIN capability granted in the initial namespace can exploit this vulnerability to cause a system crash and thus a denial of service (DoS).i1/4^CVE-2019-3701i1/4%0\n\n - A flaw was found in the Linux kernel in the function hso_probe() which reads if_num value from the USB device (as an u8) and uses it without a length check to index an array, resulting in an OOB memory read in hso_probe() or hso_get_config_data(). An attacker with a forged USB device and physical access to a system (needed to connect such a device) can cause a system crash and a denial of service.i1/4^CVE-2018-19985i1/4%0\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-04-04T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 2.5.4 : kernel (EulerOS-SA-2019-1234)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19985", "CVE-2019-3701"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:kernel", "p-cpe:/a:huawei:euleros:kernel-devel", "p-cpe:/a:huawei:euleros:kernel-headers", "p-cpe:/a:huawei:euleros:kernel-tools", "p-cpe:/a:huawei:euleros:kernel-tools-libs", "p-cpe:/a:huawei:euleros:kernel-tools-libs-devel", "cpe:/o:huawei:euleros:uvp:2.5.4"], "id": "EULEROS_SA-2019-1234.NASL", "href": "https://www.tenable.com/plugins/nessus/123702", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(123702);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2018-19985\",\n \"CVE-2019-3701\"\n );\n\n script_name(english:\"EulerOS Virtualization 2.5.4 : kernel (EulerOS-SA-2019-1234)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the kernel packages installed, the\nEulerOS Virtualization installation on the remote host is affected by\nthe following vulnerabilities :\n\n - An issue was discovered in can_can_gw_rcv() in the\n net/can/gw.c in the Linux kernel. The CAN driver may\n write arbitrary content beyond the data registers in\n the CAN controller's I/O memory when processing can-gw\n manipulated outgoing frames because of a missing check.\n A local user with CAP_NET_ADMIN capability granted in\n the initial namespace can exploit this vulnerability to\n cause a system crash and thus a denial of service\n (DoS).i1/4^CVE-2019-3701i1/4%0\n\n - A flaw was found in the Linux kernel in the function\n hso_probe() which reads if_num value from the USB\n device (as an u8) and uses it without a length check to\n index an array, resulting in an OOB memory read in\n hso_probe() or hso_get_config_data(). An attacker with\n a forged USB device and physical access to a system\n (needed to connect such a device) can cause a system\n crash and a denial of service.i1/4^CVE-2018-19985i1/4%0\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1234\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?482cb2f8\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-19985\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/04/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:2.5.4\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"2.5.4\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 2.5.4\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"kernel-3.10.0-862.14.1.1_58\",\n \"kernel-devel-3.10.0-862.14.1.1_58\",\n \"kernel-headers-3.10.0-862.14.1.1_58\",\n \"kernel-tools-3.10.0-862.14.1.1_58\",\n \"kernel-tools-libs-3.10.0-862.14.1.1_58\",\n \"kernel-tools-libs-devel-3.10.0-862.14.1.1_58\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:58:20", "description": "The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-5642 advisory.\n\n - The swiotlb_print_info function in lib/swiotlb.c in the Linux kernel through 4.14.14 allows local users to obtain sensitive address information by reading dmesg data from a software IO TLB printk call.\n (CVE-2018-5953)\n\n - In the Linux kernel before 5.5.8, get_raw_socket in drivers/vhost/net.c lacks validation of an sk_family field, which might allow attackers to trigger kernel stack corruption via crafted system calls.\n (CVE-2020-10942)\n\n - A memory leak in the ql_alloc_large_buffers() function in drivers/net/ethernet/qlogic/qla3xxx.c in the Linux kernel before 5.3.5 allows local users to cause a denial of service (memory consumption) by triggering pci_dma_mapping_error() failures, aka CID-1acb8f2a7a9f. (CVE-2019-18806)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2020-04-10T00:00:00", "type": "nessus", "title": "Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2020-5642)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-5953", "CVE-2019-18806", "CVE-2020-10942"], "modified": "2022-05-13T00:00:00", "cpe": ["cpe:/o:oracle:linux:6", "cpe:/o:oracle:linux:7", "p-cpe:/a:oracle:linux:kernel-uek", "p-cpe:/a:oracle:linux:kernel-uek-debug", "p-cpe:/a:oracle:linux:kernel-uek-debug-devel", "p-cpe:/a:oracle:linux:kernel-uek-devel", "p-cpe:/a:oracle:linux:kernel-uek-doc", "p-cpe:/a:oracle:linux:kernel-uek-firmware"], "id": "ORACLELINUX_ELSA-2020-5642.NASL", "href": "https://www.tenable.com/plugins/nessus/135381", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2020-5642.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(135381);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/13\");\n\n script_cve_id(\"CVE-2018-5953\", \"CVE-2019-18806\", \"CVE-2020-10942\");\n\n script_name(english:\"Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2020-5642)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe ELSA-2020-5642 advisory.\n\n - The swiotlb_print_info function in lib/swiotlb.c in the Linux kernel through 4.14.14 allows local users to\n obtain sensitive address information by reading dmesg data from a software IO TLB printk call.\n (CVE-2018-5953)\n\n - In the Linux kernel before 5.5.8, get_raw_socket in drivers/vhost/net.c lacks validation of an sk_family\n field, which might allow attackers to trigger kernel stack corruption via crafted system calls.\n (CVE-2020-10942)\n\n - A memory leak in the ql_alloc_large_buffers() function in drivers/net/ethernet/qlogic/qla3xxx.c in the\n Linux kernel before 5.3.5 allows local users to cause a denial of service (memory consumption) by\n triggering pci_dma_mapping_error() failures, aka CID-1acb8f2a7a9f. (CVE-2019-18806)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2020-5642.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:N/I:P/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-10942\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2018-5953\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-firmware\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"linux_alt_patch_detect.nasl\", \"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('ksplice.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^(6|7)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 6 / 7', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\nif ('x86_64' >!< cpu) audit(AUDIT_ARCH_NOT, 'x86_64', cpu);\n\nvar machine_uptrack_level = get_one_kb_item('Host/uptrack-uname-r');\nif (machine_uptrack_level)\n{\n var trimmed_uptrack_level = ereg_replace(string:machine_uptrack_level, pattern:\"\\.(x86_64|i[3-6]86|aarch64)$\", replace:'');\n var fixed_uptrack_levels = ['4.1.12-124.38.1.el6uek', '4.1.12-124.38.1.el7uek'];\n foreach var fixed_uptrack_level ( fixed_uptrack_levels ) {\n if (rpm_spec_vers_cmp(a:trimmed_uptrack_level, b:fixed_uptrack_level) >= 0)\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for ELSA-2020-5642');\n }\n }\n __rpm_report = 'Running KSplice level of ' + trimmed_uptrack_level + ' does not meet the minimum fixed level of ' + join(fixed_uptrack_levels, sep:' / ') + ' for this advisory.\\n\\n';\n}\n\nvar kernel_major_minor = get_kb_item('Host/uname/major_minor');\nif (empty_or_null(kernel_major_minor)) exit(1, 'Unable to determine kernel major-minor level.');\nvar expected_kernel_major_minor = '4.1';\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, 'running kernel level ' + expected_kernel_major_minor + ', it is running kernel level ' + kernel_major_minor);\n\nvar pkgs = [\n {'reference':'kernel-uek-4.1.12-124.38.1.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-4.1.12'},\n {'reference':'kernel-uek-debug-4.1.12-124.38.1.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-4.1.12'},\n {'reference':'kernel-uek-debug-devel-4.1.12-124.38.1.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-4.1.12'},\n {'reference':'kernel-uek-devel-4.1.12-124.38.1.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-4.1.12'},\n {'reference':'kernel-uek-doc-4.1.12-124.38.1.el6uek', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-doc-4.1.12'},\n {'reference':'kernel-uek-firmware-4.1.12-124.38.1.el6uek', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-firmware-4.1.12'},\n {'reference':'kernel-uek-4.1.12-124.38.1.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-4.1.12'},\n {'reference':'kernel-uek-debug-4.1.12-124.38.1.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-4.1.12'},\n {'reference':'kernel-uek-debug-devel-4.1.12-124.38.1.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-4.1.12'},\n {'reference':'kernel-uek-devel-4.1.12-124.38.1.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-4.1.12'},\n {'reference':'kernel-uek-doc-4.1.12-124.38.1.el7uek', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-doc-4.1.12'},\n {'reference':'kernel-uek-firmware-4.1.12-124.38.1.el7uek', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-firmware-4.1.12'}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release) {\n if (exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel-uek / kernel-uek-debug / kernel-uek-debug-devel / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-10-21T15:25:49", "description": "Al Viro discovered that the vfs layer in the Linux kernel contained a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2020-8428)\n\nGustavo Romero and Paul Mackerras discovered that the KVM implementation in the Linux kernel for PowerPC processors did not properly keep guest state separate from host state. A local attacker in a KVM guest could use this to cause a denial of service (host system crash). (CVE-2020-8834)\n\nShijie Luo discovered that the ext4 file system implementation in the Linux kernel did not properly check for a too-large journal size. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service (soft lockup).\n(CVE-2020-8992).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2020-04-07T00:00:00", "type": "nessus", "title": "Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-4318-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-8428", "CVE-2020-8834", "CVE-2020-8992"], "modified": "2023-10-21T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-96-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-96-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-96-lowlatency", "cpe:/o:canonical:ubuntu_linux:16.04:-:lts", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts"], "id": "UBUNTU_USN-4318-1.NASL", "href": "https://www.tenable.com/plugins/nessus/135269", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4318-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(135269);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/10/21\");\n\n script_cve_id(\"CVE-2020-8428\", \"CVE-2020-8834\", \"CVE-2020-8992\");\n script_xref(name:\"USN\", value:\"4318-1\");\n\n script_name(english:\"Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-4318-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"Al Viro discovered that the vfs layer in the Linux kernel contained a\nuse- after-free vulnerability. A local attacker could use this to\ncause a denial of service (system crash) or possibly expose sensitive\ninformation (kernel memory). (CVE-2020-8428)\n\nGustavo Romero and Paul Mackerras discovered that the KVM\nimplementation in the Linux kernel for PowerPC processors did not\nproperly keep guest state separate from host state. A local attacker\nin a KVM guest could use this to cause a denial of service (host\nsystem crash). (CVE-2020-8834)\n\nShijie Luo discovered that the ext4 file system implementation in the\nLinux kernel did not properly check for a too-large journal size. An\nattacker could use this to construct a malicious ext4 image that, when\nmounted, could cause a denial of service (soft lockup).\n(CVE-2020-8992).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-4318-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-8428\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/01/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-96-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-96-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-96-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2020-2023 Canonical, Inc. / NASL script (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('debian_package.inc');\ninclude('ksplice.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/Ubuntu/release');\nif ( isnull(os_release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nos_release = chomp(os_release);\nif (! ('16.04' >< os_release || '18.04' >< os_release)) audit(AUDIT_OS_NOT, 'Ubuntu 16.04 / 18.04', 'Ubuntu ' + os_release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar kernel_mappings = {\n '16.04': {\n '4.15.0': {\n 'generic': '4.15.0-96',\n 'generic-lpae': '4.15.0-96',\n 'lowlatency': '4.15.0-96'\n }\n },\n '18.04': {\n '4.15.0': {\n 'generic': '4.15.0-96',\n 'generic-lpae': '4.15.0-96',\n 'lowlatency': '4.15.0-96'\n }\n }\n};\n\nvar host_kernel_release = get_kb_item_or_exit('Host/uname-r');\nvar host_kernel_version = get_kb_item_or_exit('Host/Debian/kernel-version');\nvar host_kernel_base_version = get_kb_item_or_exit('Host/Debian/kernel-base-version');\nvar host_kernel_type = get_kb_item_or_exit('Host/Debian/kernel-type');\nif(empty_or_null(kernel_mappings[os_release][host_kernel_base_version][host_kernel_type])) audit(AUDIT_INST_VER_NOT_VULN, 'kernel ' + host_kernel_release);\n\nvar extra = '';\nvar kernel_fixed_version = kernel_mappings[os_release][host_kernel_base_version][host_kernel_type];\nif (deb_ver_cmp(ver1:host_kernel_version, ver2:kernel_fixed_version) < 0)\n{\n extra = extra + 'Running Kernel level of ' + host_kernel_version + ' does not meet the minimum fixed level of ' + kernel_fixed_version + ' for this advisory.\\n\\n';\n}\n else\n{\n audit(AUDIT_PATCH_INSTALLED, 'Kernel package for USN-4318-1');\n}\n\nif (get_one_kb_item('Host/ksplice/kernel-cves'))\n{\n var cve_list = make_list('CVE-2020-8428', 'CVE-2020-8834', 'CVE-2020-8992');\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for USN-4318-1');\n }\n else\n {\n extra = extra + ksplice_reporting_text();\n }\n}\nif (extra) {\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : extra\n );\n exit(0);\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-06T17:15:49", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:1379 advisory.\n\n - kernel: powerpc: guest can cause DoS on POWER9 KVM hosts (CVE-2020-11669)\n\n - kernel: out-of-bounds read in libiscsi module (CVE-2021-27364)\n\n - kernel: heap buffer overflow in the iSCSI subsystem (CVE-2021-27365)\n\n - kernel: Use after free via PI futex state (CVE-2021-3347)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-05-03T00:00:00", "type": "nessus", "title": "RHEL 7 : kernel-alt (RHSA-2021:1379)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-11669", "CVE-2021-27364", "CVE-2021-27365", "CVE-2021-3347"], "modified": "2023-05-24T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists", "p-cpe:/a:redhat:enterprise_linux:kernel-bootwrapper", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "p-cpe:/a:redhat:enterprise_linux:kernel-tools", "p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs", "p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs-devel", "p-cpe:/a:redhat:enterprise_linux:perf", "p-cpe:/a:redhat:enterprise_linux:python-perf"], "id": "REDHAT-RHSA-2021-1379.NASL", "href": "https://www.tenable.com/plugins/nessus/149235", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2021:1379. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(149235);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/24\");\n\n script_cve_id(\n \"CVE-2020-11669\",\n \"CVE-2021-3347\",\n \"CVE-2021-27364\",\n \"CVE-2021-27365\"\n );\n script_xref(name:\"RHSA\", value:\"2021:1379\");\n\n script_name(english:\"RHEL 7 : kernel-alt (RHSA-2021:1379)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2021:1379 advisory.\n\n - kernel: powerpc: guest can cause DoS on POWER9 KVM hosts (CVE-2020-11669)\n\n - kernel: out-of-bounds read in libiscsi module (CVE-2021-27364)\n\n - kernel: heap buffer overflow in the iSCSI subsystem (CVE-2021-27365)\n\n - kernel: Use after free via PI futex state (CVE-2021-3347)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-11669\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-3347\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-27364\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-27365\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:1379\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1824803\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1922249\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1930078\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1930080\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3347\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(122, 125, 200, 250, 393, 416);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/04/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/05/03\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-bootwrapper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\ninclude('ksplice.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nif (get_one_kb_item('Host/ksplice/kernel-cves'))\n{\n rm_kb_item(name:'Host/uptrack-uname-r');\n var cve_list = make_list('CVE-2020-11669', 'CVE-2021-3347', 'CVE-2021-27364', 'CVE-2021-27365');\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for RHSA-2021:1379');\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/debug',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/optional/debug',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/optional/os',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/optional/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/os',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/supplementary/debug',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/highavailability/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/highavailability/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/highavailability/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/optional/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/optional/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/optional/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/resilientstorage/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/resilientstorage/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/resilientstorage/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap-hana/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap-hana/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap-hana/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/supplementary/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/supplementary/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/optional/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/optional/os',\n 'content/dist/rhel/power/7/7Server/ppc64/optional/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/os',\n 'content/dist/rhel/power/7/7Server/ppc64/sap/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/sap/os',\n 'content/dist/rhel/power/7/7Server/ppc64/sap/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/supplementary/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/supplementary/os',\n 'content/dist/rhel/power/7/7Server/ppc64/supplementary/source/SRPMS',\n 'content/fastrack/rhel/power/7/ppc64/debug',\n 'content/fastrack/rhel/power/7/ppc64/optional/debug',\n 'content/fastrack/rhel/power/7/ppc64/optional/os',\n 'content/fastrack/rhel/power/7/ppc64/optional/source/SRPMS',\n 'content/fastrack/rhel/power/7/ppc64/os',\n 'content/fastrack/rhel/power/7/ppc64/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'kernel-4.14.0-115.36.1.el7a', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-abi-whitelists-4.14.0-115.36.1.el7a', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-bootwrapper-4.14.0-115.36.1.el7a', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-4.14.0-115.36.1.el7a', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-devel-4.14.0-115.36.1.el7a', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-devel-4.14.0-115.36.1.el7a', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-headers-4.14.0-115.36.1.el7a', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-4.14.0-115.36.1.el7a', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-4.14.0-115.36.1.el7a', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-devel-4.14.0-115.36.1.el7a', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-4.14.0-115.36.1.el7a', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-perf-4.14.0-115.36.1.el7a', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel / kernel-abi-whitelists / kernel-bootwrapper / kernel-debug / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-26T14:25:10", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2854 advisory.\n\n - kernel: nfs: use-after-free in svc_process_common() (CVE-2018-16884)\n\n - kernel: use-after-free in drivers/char/ipmi/ipmi_si_intf.c, ipmi_si_mem_io.c, ipmi_si_port_io.c (CVE-2019-11811)\n\n - kernel: use-after-free in drivers/bluetooth/hci_ldisc.c (CVE-2019-15917)\n\n - kernel: memory leak in ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c (CVE-2019-18808)\n\n - kernel: memory leak in the crypto_report() function in crypto/crypto_user_base.c allows for DoS (CVE-2019-19062)\n\n - kernel: use-after-free in __ext4_expand_extra_isize and ext4_xattr_set_entry related to fs/ext4/inode.c and fs/ext4/super.c (CVE-2019-19767)\n\n - kernel: out-of-bounds write via crafted keycode table (CVE-2019-20636)\n\n - kernel: use after free due to race condition in the video driver leads to local privilege escalation (CVE-2019-9458)\n\n - kernel: use-after-free read in napi_gro_frags() in the Linux kernel (CVE-2020-10720)\n\n - kernel: out-of-bounds write in mpol_parse_str function in mm/mempolicy.c (CVE-2020-11565)\n\n - Kernel: vfio: access to disabled MMIO space of some devices may lead to DoS scenario (CVE-2020-12888)\n\n - Kernel: ppc: kvm: conflicting use of HSTATE_HOST_R1 to store r1 state leads to host stack corruption (CVE-2020-8834)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2020-11-19T00:00:00", "type": "nessus", "title": "RHEL 7 : kernel-alt (RHSA-2020:2854)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-16884", "CVE-2019-11811", "CVE-2019-15917", "CVE-2019-18808", "CVE-2019-19062", "CVE-2019-19767", "CVE-2019-20636", "CVE-2019-9458", "CVE-2020-10720", "CVE-2020-11565", "CVE-2020-12888", "CVE-2020-8834"], "modified": "2023-05-25T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists", "p-cpe:/a:redhat:enterprise_linux:kernel-bootwrapper", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "p-cpe:/a:redhat:enterprise_linux:kernel-tools", "p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs", "p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs-devel", "p-cpe:/a:redhat:enterprise_linux:perf", "p-cpe:/a:redhat:enterprise_linux:python-perf"], "id": "REDHAT-RHSA-2020-2854.NASL", "href": "https://www.tenable.com/plugins/nessus/143086", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:2854. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(143086);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/25\");\n\n script_cve_id(\n \"CVE-2018-16884\",\n \"CVE-2019-9458\",\n \"CVE-2019-11811\",\n \"CVE-2019-15917\",\n \"CVE-2019-18808\",\n \"CVE-2019-19062\",\n \"CVE-2019-19767\",\n \"CVE-2019-20636\",\n \"CVE-2020-8834\",\n \"CVE-2020-10720\",\n \"CVE-2020-11565\",\n \"CVE-2020-12888\"\n );\n script_bugtraq_id(106253, 108410);\n script_xref(name:\"RHSA\", value:\"2020:2854\");\n\n script_name(english:\"RHEL 7 : kernel-alt (RHSA-2020:2854)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:2854 advisory.\n\n - kernel: nfs: use-after-free in svc_process_common() (CVE-2018-16884)\n\n - kernel: use-after-free in drivers/char/ipmi/ipmi_si_intf.c, ipmi_si_mem_io.c, ipmi_si_port_io.c\n (CVE-2019-11811)\n\n - kernel: use-after-free in drivers/bluetooth/hci_ldisc.c (CVE-2019-15917)\n\n - kernel: memory leak in ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c (CVE-2019-18808)\n\n - kernel: memory leak in the crypto_report() function in crypto/crypto_user_base.c allows for DoS\n (CVE-2019-19062)\n\n - kernel: use-after-free in __ext4_expand_extra_isize and ext4_xattr_set_entry related to fs/ext4/inode.c\n and fs/ext4/super.c (CVE-2019-19767)\n\n - kernel: out-of-bounds write via crafted keycode table (CVE-2019-20636)\n\n - kernel: use after free due to race condition in the video driver leads to local privilege escalation\n (CVE-2019-9458)\n\n - kernel: use-after-free read in napi_gro_frags() in the Linux kernel (CVE-2020-10720)\n\n - kernel: out-of-bounds write in mpol_parse_str function in mm/mempolicy.c (CVE-2020-11565)\n\n - Kernel: vfio: access to disabled MMIO space of some devices may lead to DoS scenario (CVE-2020-12888)\n\n - Kernel: ppc: kvm: conflicting use of HSTATE_HOST_R1 to store r1 state leads to host stack corruption\n (CVE-2020-8834)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2018-16884\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-9458\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-11811\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-15917\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-18808\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-19062\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-19767\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-20636\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-8834\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-10720\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-11565\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-12888\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:2854\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1660375\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1709180\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1760100\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1775021\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1777418\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1781204\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1786160\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1819377\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1819615\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1824059\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1824918\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1836244\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-20636\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2018-16884\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(121, 248, 362, 400, 416, 787);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/12/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/07/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/11/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-bootwrapper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\ninclude('ksplice.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nif (get_one_kb_item('Host/ksplice/kernel-cves'))\n{\n rm_kb_item(name:'Host/uptrack-uname-r');\n var cve_list = make_list('CVE-2018-16884', 'CVE-2019-9458', 'CVE-2019-11811', 'CVE-2019-15917', 'CVE-2019-18808', 'CVE-2019-19062', 'CVE-2019-19767', 'CVE-2019-20636', 'CVE-2020-8834', 'CVE-2020-10720', 'CVE-2020-11565', 'CVE-2020-12888');\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for RHSA-2020:2854');\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/debug',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/optional/debug',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/optional/os',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/optional/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/os',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/supplementary/debug',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/highavailability/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/highavailability/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/highavailability/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/optional/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/optional/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/optional/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/resilientstorage/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/resilientstorage/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/resilientstorage/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap-hana/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap-hana/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap-hana/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/supplementary/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/supplementary/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/optional/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/optional/os',\n 'content/dist/rhel/power/7/7Server/ppc64/optional/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/os',\n 'content/dist/rhel/power/7/7Server/ppc64/sap/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/sap/os',\n 'content/dist/rhel/power/7/7Server/ppc64/sap/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/supplementary/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/supplementary/os',\n 'content/dist/rhel/power/7/7Server/ppc64/supplementary/source/SRPMS',\n 'content/fastrack/rhel/power/7/ppc64/debug',\n 'content/fastrack/rhel/power/7/ppc64/optional/debug',\n 'content/fastrack/rhel/power/7/ppc64/optional/os',\n 'content/fastrack/rhel/power/7/ppc64/optional/source/SRPMS',\n 'content/fastrack/rhel/power/7/ppc64/os',\n 'content/fastrack/rhel/power/7/ppc64/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'kernel-4.14.0-115.26.1.el7a', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-abi-whitelists-4.14.0-115.26.1.el7a', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-bootwrapper-4.14.0-115.26.1.el7a', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-4.14.0-115.26.1.el7a', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-devel-4.14.0-115.26.1.el7a', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-devel-4.14.0-115.26.1.el7a', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-headers-4.14.0-115.26.1.el7a', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-4.14.0-115.26.1.el7a', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-4.14.0-115.26.1.el7a', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-devel-4.14.0-115.26.1.el7a', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-4.14.0-115.26.1.el7a', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-perf-4.14.0-115.26.1.el7a', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel / kernel-abi-whitelists / kernel-bootwrapper / kernel-debug / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:08:34", "description": "The SUSE Linux Enterprise 15 kernel was updated receive various security and bugfixes.\n\nThe following security bugs were fixed :\n\nCVE-2020-0543: Fixed a side channel attack against special registers which could have resulted in leaking of read values to cores other than the one which called it. This attack is known as Special Register Buffer Data Sampling (SRBDS) or 'CrossTalk' (bsc#1154824).\n\nCVE-2020-9383: Fixed an out-of-bounds read due to improper error condition check of FDC index (bsc#1165111).\n\nCVE-2020-8992: Fixed an issue which could have allowed attackers to cause a soft lockup via a crafted journal size (bsc#1164069).\n\nCVE-2020-8834: Fixed a stack corruption which could have lead to kernel panic (bsc#1168276).\n\nCVE-2020-8649: Fixed a use-after-free in the vgacon_invert_region function in drivers/video/console/vgacon.c (bsc#1162931).\n\nCVE-2020-8648: Fixed a use-after-free in the n_tty_receive_buf_common function in drivers/tty/n_tty.c (bsc#1162928).\n\nCVE-2020-8647: Fixed a use-after-free in the vc_do_resize function in drivers/tty/vt/vt.c (bsc#1162929).\n\nCVE-2020-8428: Fixed a use-after-free which could have allowed local users to cause a denial of service (bsc#1162109).\n\nCVE-2020-7053: Fixed a use-after-free in the i915_ppgtt_close function in drivers/gpu/drm/i915/i915_gem_gtt.c (bsc#1160966).\n\nCVE-2020-2732: Fixed an issue affecting Intel CPUs where an L2 guest may trick the L0 hypervisor into accessing sensitive L1 resources (bsc#1163971).\n\nCVE-2020-13143: Fixed an out-of-bounds read in gadget_dev_desc_UDC_store in drivers/usb/gadget/configfs.c (bsc#1171982).\n\nCVE-2020-12769: Fixed an issue which could have allowed attackers to cause a panic via concurrent calls to dw_spi_irq and dw_spi_transfer_one (bsc#1171983).\n\nCVE-2020-12657: An a use-after-free in block/bfq-iosched.c (bsc#1171205).\n\nCVE-2020-12656: Fixed an improper handling of certain domain_release calls leadingch could have led to a memory leak (bsc#1171219).\n\nCVE-2020-12655: Fixed an issue which could have allowed attackers to trigger a sync of excessive duration via an XFS v5 image with crafted metadata (bsc#1171217).\n\nCVE-2020-12654: Fixed an issue in he wifi driver which could have allowed a remote AP to trigger a heap-based buffer overflow (bsc#1171202).\n\nCVE-2020-12653: Fixed an issue in the wifi driver which could have allowed local users to gain privileges or cause a denial of service (bsc#1171195).\n\nCVE-2020-12652: Fixed an issue which could have allowed local users to hold an incorrect lock during the ioctl operation and trigger a race condition (bsc#1171218).\n\nCVE-2020-12464: Fixed a use-after-free due to a transfer without a reference (bsc#1170901).\n\nCVE-2020-12114: Fixed a pivot_root race condition which could have allowed local users to cause a denial of service (panic) by corrupting a mountpoint reference counter (bsc#1171098).\n\nCVE-2020-11669: Fixed an issue where arch/powerpc/kernel/idle_book3s.S did not have save/restore functionality for PNV_POWERSAVE_AMR, PNV_POWERSAVE_UAMOR, and PNV_POWERSAVE_AMOR (bnc#1169390).\n\nCVE-2020-11609: Fixed a NULL pointer dereference due to improper handling of descriptors (bsc#1168854).\n\nCVE-2020-11608: Fixed a NULL pointer dereferences via a crafted USB (bsc#1168829).\n\nCVE-2020-11494: Fixed an issue which could have allowed attackers to read uninitialized can_frame data (bsc#1168424).\n\nCVE-2020-10942: Fixed a kernel stack corruption via crafted system calls (bsc#1167629).\n\nCVE-2020-10757: Fixed an issue where remaping hugepage DAX to anon mmap could have caused user PTE access (bsc#1172317).\n\nCVE-2020-10751: Fixed an improper implementation in SELinux LSM hook where it was assumed that an skb would only contain a single netlink message (bsc#1171189).\n\nCVE-2020-10732: Fixed kernel data leak in userspace coredumps due to uninitialized data (bsc#1171220).\n\nCVE-2020-10720: Fixed a use-after-free read in napi_gro_frags() (bsc#1170778).\n\nCVE-2020-10711: Fixed a NULL pointer dereference in SELinux subsystem which could have allowed a remote network user to crash the kernel resulting in a denial of service (bsc#1171191).\n\nCVE-2020-10690: Fixed the race between the release of ptp_clock and cdev (bsc#1170056).\n\nCVE-2019-9458: Fixed a use after free due to a race condition which could have led to privilege escalation of privilege (bsc#1168295).\n\nCVE-2019-9455: Fixed a pointer leak due to a WARN_ON statement in a video driver. This could lead to local information disclosure with System execution privileges needed (bsc#1170345).\n\nCVE-2019-3701: Fixed an issue in can_can_gw_rcv, which could cause a system crash (bsc#1120386).\n\nCVE-2019-20812: Fixed an issue in prb_calc_retire_blk_tmo() which could have resulted in a denial of service (bsc#1172453).\n\nCVE-2019-20810: Fixed a memory leak in due to not calling of snd_card_free (bsc#1172458).\n\nCVE-2019-20096: Fixed a memory leak in __feat_register_sp() in net/dccp/feat.c, which could have caused denial of service (bsc#1159908).\n\nCVE-2019-20095: Fixed an improper error-handling cases that did not free allocated hostcmd memory which was causing memory leak (bsc#1159909).\n\nCVE-2019-20054: Fixed a NULL pointer dereference in drop_sysctl_table() in fs/proc/proc_sysctl.c, related to put_links (bsc#1159910).\n\nCVE-2019-19966: Fixed a use-after-free in cpia2_exit() which could have caused denial of service (bsc#1159841).\n\nCVE-2019-19965: Fixed a NULL pointer dereference, due to mishandling of port disconnection during discovery (bsc#1159911).\n\nCVE-2019-19770: Fixed a use-after-free in the debugfs_remove function (bsc#1159198).\n\nCVE-2019-19768: Fixed a use-after-free in the __blk_add_trace function in kernel/trace/blktrace.c (bsc#1159285).\n\nCVE-2019-19462: Fixed an issue which could have allowed local user to cause denial of service (bsc#1158265).\n\nCVE-2019-19447: Fixed a user after free via a crafted ext4 filesystem image (bsc#1158819).\n\nCVE-2019-19319: Fixed a user after free when a large old_size value is used in a memset call (bsc#1158021).\n\nCVE-2019-19318: Fixed a use after free via a crafted btrfs image (bsc#1158026).\n\nCVE-2019-19054: Fixed a memory leak in the cx23888_ir_probe() which could have allowed attackers to cause a denial of service (bsc#1161518).\n\nCVE-2019-19045: Fixed a memory leak in which could have allowed attackers to cause a denial of service (bsc#1161522).\n\nCVE-2019-19036: Fixed a NULL pointer dereference in btrfs_root_node (bsc#1157692).\n\nCVE-2019-16994: Fixed a memory leak which might have caused denial of service (bsc#1161523).\n\nCVE-2019-14897: Fixed a stack overflow in Marvell Wifi Driver (bsc#1157155).\n\nCVE-2019-14896: Fixed a heap overflow in Marvell Wifi Driver (bsc#1157157).\n\nCVE-2019-14615: Fixed an improper control flow in certain data structures which could have led to information disclosure (bsc#1160195).\n\nCVE-2018-1000199: Fixed a potential local code execution via ptrace (bsc#1089895).\n\nThe update package also includes non-security fixes. See advisory for details.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2020-07-09T00:00:00", "type": "nessus", "title": "SUSE SLES15 Security Update : kernel (SUSE-SU-2020:1663-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1000199", "CVE-2019-14615", "CVE-2019-14896", "CVE-2019-14897", "CVE-2019-16994", "CVE-2019-19036", "CVE-2019-19045", "CVE-2019-19054", "CVE-2019-19318", "CVE-2019-19319", "CVE-2019-19447", "CVE-2019-19462", "CVE-2019-19768", "CVE-2019-19770", "CVE-2019-19965", "CVE-2019-19966", "CVE-2019-20054", "CVE-2019-20095", "CVE-2019-20096", "CVE-2019-20810", "CVE-2019-20812", "CVE-2019-3701", "CVE-2019-9455", "CVE-2019-9458", "CVE-2020-0543", "CVE-2020-10690", "CVE-2020-10711", "CVE-2020-10720", "CVE-2020-10732", "CVE-2020-10751", "CVE-2020-10757", "CVE-2020-10942", "CVE-2020-11494", "CVE-2020-11608", "CVE-2020-11609", "CVE-2020-11669", "CVE-2020-12114", "CVE-2020-12464", "CVE-2020-12652", "CVE-2020-12653", "CVE-2020-12654", "CVE-2020-12655", "CVE-2020-12656", "CVE-2020-12657", "CVE-2020-12769", "CVE-2020-13143", "CVE-2020-2732", "CVE-2020-7053", "CVE-2020-8428", "CVE-2020-8647", "CVE-2020-8648", "CVE-2020-8649", "CVE-2020-8834", "CVE-2020-8992", "CVE-2020-9383"], "modified": "2021-01-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kernel-default", "p-cpe:/a:novell:suse_linux:kernel-default-base", "p-cpe:/a:novell:suse_linux:kernel-zfcpdump-debugsource", "p-cpe:/a:novell:suse_linux:kernel-default-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-debugsource", "p-cpe:/a:novell:suse_linux:reiserfs-kmp-default", "p-cpe:/a:novell:suse_linux:kernel-default-devel", "p-cpe:/a:novell:suse_linux:reiserfs-kmp-default-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-devel-debuginfo", "cpe:/o:novell:suse_linux:15", "p-cpe:/a:novell:suse_linux:kernel-default-man", "p-cpe:/a:novell:suse_linux:kernel-obs-build", "p-cpe:/a:novell:suse_linux:kernel-obs-build-debugsource", "p-cpe:/a:novell:suse_linux:kernel-syms", "p-cpe:/a:novell:suse_linux:kernel-vanilla-base", "p-cpe:/a:novell:suse_linux:kernel-vanilla-base-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-vanilla-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-vanilla-debugsource", "p-cpe:/a:novell:suse_linux:kernel-zfcpdump-debuginfo"], "id": "SUSE_SU-2020-1663-1.NASL", "href": "https://www.tenable.com/plugins/nessus/138272", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:1663-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(138272);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2018-1000199\", \"CVE-2019-14615\", \"CVE-2019-14896\", \"CVE-2019-14897\", \"CVE-2019-16994\", \"CVE-2019-19036\", \"CVE-2019-19045\", \"CVE-2019-19054\", \"CVE-2019-19318\", \"CVE-2019-19319\", \"CVE-2019-19447\", \"CVE-2019-19462\", \"CVE-2019-19768\", \"CVE-2019-19770\", \"CVE-2019-19965\", \"CVE-2019-19966\", \"CVE-2019-20054\", \"CVE-2019-20095\", \"CVE-2019-20096\", \"CVE-2019-20810\", \"CVE-2019-20812\", \"CVE-2019-3701\", \"CVE-2019-9455\", \"CVE-2019-9458\", \"CVE-2020-0543\", \"CVE-2020-10690\", \"CVE-2020-10711\", \"CVE-2020-10720\", \"CVE-2020-10732\", \"CVE-2020-10751\", \"CVE-2020-10757\", \"CVE-2020-10942\", \"CVE-2020-11494\", \"CVE-2020-11608\", \"CVE-2020-11609\", \"CVE-2020-11669\", \"CVE-2020-12114\", \"CVE-2020-12464\", \"CVE-2020-12652\", \"CVE-2020-12653\", \"CVE-2020-12654\", \"CVE-2020-12655\", \"CVE-2020-12656\", \"CVE-2020-12657\", \"CVE-2020-12769\", \"CVE-2020-13143\", \"CVE-2020-2732\", \"CVE-2020-7053\", \"CVE-2020-8428\", \"CVE-2020-8647\", \"CVE-2020-8648\", \"CVE-2020-8649\", \"CVE-2020-8834\", \"CVE-2020-8992\", \"CVE-2020-9383\");\n\n script_name(english:\"SUSE SLES15 Security Update : kernel (SUSE-SU-2020:1663-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The SUSE Linux Enterprise 15 kernel was updated receive various\nsecurity and bugfixes.\n\nThe following security bugs were fixed :\n\nCVE-2020-0543: Fixed a side channel attack against special registers\nwhich could have resulted in leaking of read values to cores other\nthan the one which called it. This attack is known as Special Register\nBuffer Data Sampling (SRBDS) or 'CrossTalk' (bsc#1154824).\n\nCVE-2020-9383: Fixed an out-of-bounds read due to improper error\ncondition check of FDC index (bsc#1165111).\n\nCVE-2020-8992: Fixed an issue which could have allowed attackers to\ncause a soft lockup via a crafted journal size (bsc#1164069).\n\nCVE-2020-8834: Fixed a stack corruption which could have lead to\nkernel panic (bsc#1168276).\n\nCVE-2020-8649: Fixed a use-after-free in the vgacon_invert_region\nfunction in drivers/video/console/vgacon.c (bsc#1162931).\n\nCVE-2020-8648: Fixed a use-after-free in the n_tty_receive_buf_common\nfunction in drivers/tty/n_tty.c (bsc#1162928).\n\nCVE-2020-8647: Fixed a use-after-free in the vc_do_resize function in\ndrivers/tty/vt/vt.c (bsc#1162929).\n\nCVE-2020-8428: Fixed a use-after-free which could have allowed local\nusers to cause a denial of service (bsc#1162109).\n\nCVE-2020-7053: Fixed a use-after-free in the i915_ppgtt_close function\nin drivers/gpu/drm/i915/i915_gem_gtt.c (bsc#1160966).\n\nCVE-2020-2732: Fixed an issue affecting Intel CPUs where an L2 guest\nmay trick the L0 hypervisor into accessing sensitive L1 resources\n(bsc#1163971).\n\nCVE-2020-13143: Fixed an out-of-bounds read in\ngadget_dev_desc_UDC_store in drivers/usb/gadget/configfs.c\n(bsc#1171982).\n\nCVE-2020-12769: Fixed an issue which could have allowed attackers to\ncause a panic via concurrent calls to dw_spi_irq and\ndw_spi_transfer_one (bsc#1171983).\n\nCVE-2020-12657: An a use-after-free in block/bfq-iosched.c\n(bsc#1171205).\n\nCVE-2020-12656: Fixed an improper handling of certain domain_release\ncalls leadingch could have led to a memory leak (bsc#1171219).\n\nCVE-2020-12655: Fixed an issue which could have allowed attackers to\ntrigger a sync of excessive duration via an XFS v5 image with crafted\nmetadata (bsc#1171217).\n\nCVE-2020-12654: Fixed an issue in he wifi driver which could have\nallowed a remote AP to trigger a heap-based buffer overflow\n(bsc#1171202).\n\nCVE-2020-12653: Fixed an issue in the wifi driver which could have\nallowed local users to gain privileges or cause a denial of service\n(bsc#1171195).\n\nCVE-2020-12652: Fixed an issue which could have allowed local users to\nhold an incorrect lock during the ioctl operation and trigger a race\ncondition (bsc#1171218).\n\nCVE-2020-12464: Fixed a use-after-free due to a transfer without a\nreference (bsc#1170901).\n\nCVE-2020-12114: Fixed a pivot_root race condition which could have\nallowed local users to cause a denial of service (panic) by corrupting\na mountpoint reference counter (bsc#1171098).\n\nCVE-2020-11669: Fixed an issue where arch/powerpc/kernel/idle_book3s.S\ndid not have save/restore functionality for PNV_POWERSAVE_AMR,\nPNV_POWERSAVE_UAMOR, and PNV_POWERSAVE_AMOR (bnc#1169390).\n\nCVE-2020-11609: Fixed a NULL pointer dereference due to improper\nhandling of descriptors (bsc#1168854).\n\nCVE-2020-11608: Fixed a NULL pointer dereferences via a crafted USB\n(bsc#1168829).\n\nCVE-2020-11494: Fixed an issue which could have allowed attackers to\nread uninitialized can_frame data (bsc#1168424).\n\nCVE-2020-10942: Fixed a kernel stack corruption via crafted system\ncalls (bsc#1167629).\n\nCVE-2020-10757: Fixed an issue where remaping hugepage DAX to anon\nmmap could have caused user PTE access (bsc#1172317).\n\nCVE-2020-10751: Fixed an improper implementation in SELinux LSM hook\nwhere it was assumed that an skb would only contain a single netlink\nmessage (bsc#1171189).\n\nCVE-2020-10732: Fixed kernel data leak in userspace coredumps due to\nuninitialized data (bsc#1171220).\n\nCVE-2020-10720: Fixed a use-after-free read in napi_gro_frags()\n(bsc#1170778).\n\nCVE-2020-10711: Fixed a NULL pointer dereference in SELinux subsystem\nwhich could have allowed a remote network user to crash the kernel\nresulting in a denial of service (bsc#1171191).\n\nCVE-2020-10690: Fixed the race between the release of ptp_clock and\ncdev (bsc#1170056).\n\nCVE-2019-9458: Fixed a use after free due to a race condition which\ncould have led to privilege escalation of privilege (bsc#1168295).\n\nCVE-2019-9455: Fixed a pointer leak due to a WARN_ON statement in a\nvideo driver. This could lead to local information disclosure with\nSystem execution privileges needed (bsc#1170345).\n\nCVE-2019-3701: Fixed an issue in can_can_gw_rcv, which could cause a\nsystem crash (bsc#1120386).\n\nCVE-2019-20812: Fixed an issue in prb_calc_retire_blk_tmo() which\ncould have resulted in a denial of service (bsc#1172453).\n\nCVE-2019-20810: Fixed a memory leak in due to not calling of\nsnd_card_free (bsc#1172458).\n\nCVE-2019-20096: Fixed a memory leak in __feat_register_sp() in\nnet/dccp/feat.c, which could have caused denial of service\n(bsc#1159908).\n\nCVE-2019-20095: Fixed an improper error-handling cases that did not\nfree allocated hostcmd memory which was causing memory leak\n(bsc#1159909).\n\nCVE-2019-20054: Fixed a NULL pointer dereference in\ndrop_sysctl_table() in fs/proc/proc_sysctl.c, related to put_links\n(bsc#1159910).\n\nCVE-2019-19966: Fixed a use-after-free in cpia2_exit() which could\nhave caused denial of service (bsc#1159841).\n\nCVE-2019-19965: Fixed a NULL pointer dereference, due to mishandling\nof port disconnection during discovery (bsc#1159911).\n\nCVE-2019-19770: Fixed a use-after-free in the debugfs_remove function\n(bsc#1159198).\n\nCVE-2019-19768: Fixed a use-after-free in the __blk_add_trace function\nin kernel/trace/blktrace.c (bsc#1159285).\n\nCVE-2019-19462: Fixed an issue which could have allowed local user to\ncause denial of service (bsc#1158265).\n\nCVE-2019-19447: Fixed a user after free via a crafted ext4 filesystem\nimage (bsc#1158819).\n\nCVE-2019-19319: Fixed a user after free when a large old_size value is\nused in a memset call (bsc#1158021).\n\nCVE-2019-19318: Fixed a use after free via a crafted btrfs image\n(bsc#1158026).\n\nCVE-2019-19054: Fixed a memory leak in the cx23888_ir_probe() which\ncould have allowed attackers to cause a denial of service\n(bsc#1161518).\n\nCVE-2019-19045: Fixed a memory leak in which could have allowed\nattackers to cause a denial of service (bsc#1161522).\n\nCVE-2019-19036: Fixed a NULL pointer dereference in btrfs_root_node\n(bsc#1157692).\n\nCVE-2019-16994: Fixed a memory leak which might have caused denial of\nservice (bsc#1161523).\n\nCVE-2019-14897: Fixed a stack overflow in Marvell Wifi Driver\n(bsc#1157155).\n\nCVE-2019-14896: Fixed a heap overflow in Marvell Wifi Driver\n(bsc#1157157).\n\nCVE-2019-14615: Fixed an improper control flow in certain data\nstructures which could have led to information disclosure\n(bsc#1160195).\n\nCVE-2018-1000199: Fixed a potential local code execution via ptrace\n(bsc#1089895).\n\nThe update package also includes non-security fixes. See advisory for\ndetails.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1050244\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1051510\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1051

SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2020:1146-1)

Description

Related