Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.SUSE_SU-2020-14442-1.NASL
HistoryJun 10, 2021 - 12:00 a.m.

SUSE SLES11 Security Update : kernel (SUSE-SU-2020:14442-1)

2021-06-1000:00:00
This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
31

8.1 High

AI Score

Confidence

High

JSON

The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2020:14442-1 advisory.

  • An exploitable denial-of-service vulnerability exists in the Linux kernel prior to mainline 5.3. An attacker could exploit this vulnerability by triggering AP to send IAPP location updates for stations before the required authentication process has completed. This could lead to different denial-of-service scenarios, either by causing CAM table attacks, or by leading to traffic flapping if faking already existing clients in other nearby APs of the same wireless infrastructure. An attacker can forge Authentication and Association Request packets to trigger this vulnerability. (CVE-2019-5108)

  • In cdev_get of char_dev.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-153467744 (CVE-2020-0305)

  • A flaw was found in the Linux kernel’s implementation of Userspace core dumps. This flaw allows an attacker with a local account to crash a trivial program and exfiltrate private kernel data.
    (CVE-2020-10732)

  • A buffer over-read flaw was found in RH kernel versions before 5.0 in crypto_authenc_extractkeys in crypto/authenc.c in the IPsec Cryptographic algorithm’s module, authenc. When a payload longer than 4 bytes, and is not following 4-byte alignment boundary guidelines, it causes a buffer over-read threat, leading to a system crash. This flaw allows a local attacker with user privileges to cause a denial of service. (CVE-2020-10769)

  • A stack information leak flaw was found in s390/s390x in the Linux kernels memory manager functionality, where it incorrectly writes to the /proc/sys/vm/cmm_timeout file. This flaw allows a local user to see the kernel data. (CVE-2020-10773)

  • The __mptctl_ioctl function in drivers/message/fusion/mptctl.c in the Linux kernel before 5.4.14 allows local users to hold an incorrect lock during the ioctl operation and trigger a race condition, i.e., a double fetch vulnerability, aka CID-28d76df18f0a. NOTE: the vendor states The security impact of this bug is not as bad as it could have been because these operations are all privileged and root already has enormous destructive power. (CVE-2020-12652)

  • DISPUTED gss_mech_free in net/sunrpc/auth_gss/gss_mech_switch.c in the rpcsec_gss_krb5 implementation in the Linux kernel through 5.6.10 lacks certain domain_release calls, leading to a memory leak. Note: This was disputed with the assertion that the issue does not grant any access not already available. It is a problem that on unloading a specific kernel module some memory is leaked, but loading kernel modules is a privileged operation. A user could also write a kernel module to consume any amount of memory they like and load that replicating the effect of this bug. (CVE-2020-12656)

  • An issue was discovered in the Linux kernel 4.4 through 5.7.1. drivers/tty/vt/keyboard.c has an integer overflow if k_ascii is called several times in a row, aka CID-b86dab054059. NOTE: Members in the community argue that the integer overflow does not lead to a security issue in this case. (CVE-2020-13974)

  • In the Linux kernel before 5.4.16, a race condition in tty->disc_data handling in the slip and slcan line discipline could lead to a use-after-free, aka CID-0ace17d56824. This affects drivers/net/slip/slip.c and drivers/net/can/slcan.c. (CVE-2020-14416)

Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.

#%NASL_MIN_LEVEL 70300
##
# (C) Tenable Network Security, Inc.
#
# The package checks in this plugin were extracted from
# SUSE update advisory SUSE-SU-2020:14442-1. The text itself
# is copyright (C) SUSE.
##

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(150665);
  script_version("1.3");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/12/26");

  script_cve_id(
    "CVE-2019-5108",
    "CVE-2020-0305",
    "CVE-2020-10732",
    "CVE-2020-10769",
    "CVE-2020-10773",
    "CVE-2020-12652",
    "CVE-2020-12656",
    "CVE-2020-13974",
    "CVE-2020-14416"
  );
  script_xref(name:"SuSE", value:"SUSE-SU-2020:14442-1");

  script_name(english:"SUSE SLES11 Security Update : kernel (SUSE-SU-2020:14442-1)");

  script_set_attribute(attribute:"synopsis", value:
"The remote SUSE host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in
the SUSE-SU-2020:14442-1 advisory.

  - An exploitable denial-of-service vulnerability exists in the Linux kernel prior to mainline 5.3. An
    attacker could exploit this vulnerability by triggering AP to send IAPP location updates for stations
    before the required authentication process has completed. This could lead to different denial-of-service
    scenarios, either by causing CAM table attacks, or by leading to traffic flapping if faking already
    existing clients in other nearby APs of the same wireless infrastructure. An attacker can forge
    Authentication and Association Request packets to trigger this vulnerability. (CVE-2019-5108)

  - In cdev_get of char_dev.c, there is a possible use-after-free due to a race condition. This could lead to
    local escalation of privilege with System execution privileges needed. User interaction is not needed for
    exploitation.Product: AndroidVersions: Android-10Android ID: A-153467744 (CVE-2020-0305)

  - A flaw was found in the Linux kernel's implementation of Userspace core dumps. This flaw allows an
    attacker with a local account to crash a trivial program and exfiltrate private kernel data.
    (CVE-2020-10732)

  - A buffer over-read flaw was found in RH kernel versions before 5.0 in crypto_authenc_extractkeys in
    crypto/authenc.c in the IPsec Cryptographic algorithm's module, authenc. When a payload longer than 4
    bytes, and is not following 4-byte alignment boundary guidelines, it causes a buffer over-read threat,
    leading to a system crash. This flaw allows a local attacker with user privileges to cause a denial of
    service. (CVE-2020-10769)

  - A stack information leak flaw was found in s390/s390x in the Linux kernels memory manager functionality,
    where it incorrectly writes to the /proc/sys/vm/cmm_timeout file. This flaw allows a local user to see the
    kernel data. (CVE-2020-10773)

  - The __mptctl_ioctl function in drivers/message/fusion/mptctl.c in the Linux kernel before 5.4.14 allows
    local users to hold an incorrect lock during the ioctl operation and trigger a race condition, i.e., a
    double fetch vulnerability, aka CID-28d76df18f0a. NOTE: the vendor states The security impact of this
    bug is not as bad as it could have been because these operations are all privileged and root already has
    enormous destructive power. (CVE-2020-12652)

  - ** DISPUTED ** gss_mech_free in net/sunrpc/auth_gss/gss_mech_switch.c in the rpcsec_gss_krb5
    implementation in the Linux kernel through 5.6.10 lacks certain domain_release calls, leading to a memory
    leak. Note: This was disputed with the assertion that the issue does not grant any access not already
    available. It is a problem that on unloading a specific kernel module some memory is leaked, but loading
    kernel modules is a privileged operation. A user could also write a kernel module to consume any amount of
    memory they like and load that replicating the effect of this bug. (CVE-2020-12656)

  - An issue was discovered in the Linux kernel 4.4 through 5.7.1. drivers/tty/vt/keyboard.c has an integer
    overflow if k_ascii is called several times in a row, aka CID-b86dab054059. NOTE: Members in the community
    argue that the integer overflow does not lead to a security issue in this case. (CVE-2020-13974)

  - In the Linux kernel before 5.4.16, a race condition in tty->disc_data handling in the slip and slcan line
    discipline could lead to a use-after-free, aka CID-0ace17d56824. This affects drivers/net/slip/slip.c and
    drivers/net/can/slcan.c. (CVE-2020-14416)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1159912");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1159913");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1162002");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1171218");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1171219");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1171220");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1172775");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1172999");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1173265");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1174462");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1174543");
  # https://lists.suse.com/pipermail/sle-security-updates/2020-August/007210.html
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?35e8a7af");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-5108");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2020-0305");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2020-10732");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2020-10769");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2020-10773");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2020-12652");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2020-12656");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2020-13974");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2020-14416");
  script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-13974");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2019/12/23");
  script_set_attribute(attribute:"patch_publication_date", value:"2020/08/03");
  script_set_attribute(attribute:"plugin_publication_date", value:"2021/06/10");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-bigmem");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-bigmem-base");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-bigmem-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-base");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-man");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-ec2");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-ec2-base");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-ec2-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-pae");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-pae-base");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-pae-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-ppc64");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-ppc64-base");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-ppc64-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-source");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-syms");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-trace");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-trace-base");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-trace-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-xen");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-xen-base");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-xen-devel");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"SuSE Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl", "linux_alt_patch_detect.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");

  exit(0);
}


include('audit.inc');
include('global_settings.inc');
include('misc_func.inc');
include('rpm.inc');
include('ksplice.inc');

if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');
os_ver = os_ver[1];
if (! preg(pattern:"^(SLES11)$", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES11', 'SUSE ' + os_ver);

if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE ' + os_ver, cpu);

sp = get_kb_item("Host/SuSE/patchlevel");
if (isnull(sp)) sp = "0";
if (os_ver == "SLES11" && (! preg(pattern:"^(4)$", string:sp))) audit(AUDIT_OS_NOT, "SLES11 SP4", os_ver + " SP" + sp);

pkgs = [
    {'reference':'kernel-default-3.0.101-108.117', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},
    {'reference':'kernel-default-base-3.0.101-108.117', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},
    {'reference':'kernel-default-devel-3.0.101-108.117', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},
    {'reference':'kernel-default-man-3.0.101-108.117', 'sp':'4', 'cpu':'s390x', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},
    {'reference':'kernel-ec2-3.0.101-108.117', 'sp':'4', 'cpu':'i586', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},
    {'reference':'kernel-ec2-3.0.101-108.117', 'sp':'4', 'cpu':'x86_64', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},
    {'reference':'kernel-ec2-base-3.0.101-108.117', 'sp':'4', 'cpu':'i586', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},
    {'reference':'kernel-ec2-base-3.0.101-108.117', 'sp':'4', 'cpu':'x86_64', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},
    {'reference':'kernel-ec2-devel-3.0.101-108.117', 'sp':'4', 'cpu':'i586', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},
    {'reference':'kernel-ec2-devel-3.0.101-108.117', 'sp':'4', 'cpu':'x86_64', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},
    {'reference':'kernel-pae-3.0.101-108.117', 'sp':'4', 'cpu':'i586', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},
    {'reference':'kernel-pae-base-3.0.101-108.117', 'sp':'4', 'cpu':'i586', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},
    {'reference':'kernel-pae-devel-3.0.101-108.117', 'sp':'4', 'cpu':'i586', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},
    {'reference':'kernel-source-3.0.101-108.117', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},
    {'reference':'kernel-syms-3.0.101-108.117', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},
    {'reference':'kernel-trace-3.0.101-108.117', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},
    {'reference':'kernel-trace-base-3.0.101-108.117', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},
    {'reference':'kernel-trace-devel-3.0.101-108.117', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},
    {'reference':'kernel-xen-3.0.101-108.117', 'sp':'4', 'cpu':'i586', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},
    {'reference':'kernel-xen-3.0.101-108.117', 'sp':'4', 'cpu':'x86_64', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},
    {'reference':'kernel-xen-base-3.0.101-108.117', 'sp':'4', 'cpu':'i586', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},
    {'reference':'kernel-xen-base-3.0.101-108.117', 'sp':'4', 'cpu':'x86_64', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},
    {'reference':'kernel-xen-devel-3.0.101-108.117', 'sp':'4', 'cpu':'i586', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},
    {'reference':'kernel-xen-devel-3.0.101-108.117', 'sp':'4', 'cpu':'x86_64', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},
    {'reference':'kernel-default-3.0.101-108.117', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},
    {'reference':'kernel-default-base-3.0.101-108.117', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},
    {'reference':'kernel-default-devel-3.0.101-108.117', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},
    {'reference':'kernel-default-man-3.0.101-108.117', 'sp':'4', 'cpu':'s390x', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},
    {'reference':'kernel-ec2-3.0.101-108.117', 'sp':'4', 'cpu':'i586', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},
    {'reference':'kernel-ec2-3.0.101-108.117', 'sp':'4', 'cpu':'x86_64', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},
    {'reference':'kernel-ec2-base-3.0.101-108.117', 'sp':'4', 'cpu':'i586', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},
    {'reference':'kernel-ec2-base-3.0.101-108.117', 'sp':'4', 'cpu':'x86_64', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},
    {'reference':'kernel-ec2-devel-3.0.101-108.117', 'sp':'4', 'cpu':'i586', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},
    {'reference':'kernel-ec2-devel-3.0.101-108.117', 'sp':'4', 'cpu':'x86_64', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},
    {'reference':'kernel-pae-3.0.101-108.117', 'sp':'4', 'cpu':'i586', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},
    {'reference':'kernel-pae-base-3.0.101-108.117', 'sp':'4', 'cpu':'i586', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},
    {'reference':'kernel-pae-devel-3.0.101-108.117', 'sp':'4', 'cpu':'i586', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},
    {'reference':'kernel-source-3.0.101-108.117', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},
    {'reference':'kernel-syms-3.0.101-108.117', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},
    {'reference':'kernel-trace-3.0.101-108.117', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},
    {'reference':'kernel-trace-base-3.0.101-108.117', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},
    {'reference':'kernel-trace-devel-3.0.101-108.117', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},
    {'reference':'kernel-xen-3.0.101-108.117', 'sp':'4', 'cpu':'i586', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},
    {'reference':'kernel-xen-3.0.101-108.117', 'sp':'4', 'cpu':'x86_64', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},
    {'reference':'kernel-xen-base-3.0.101-108.117', 'sp':'4', 'cpu':'i586', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},
    {'reference':'kernel-xen-base-3.0.101-108.117', 'sp':'4', 'cpu':'x86_64', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},
    {'reference':'kernel-xen-devel-3.0.101-108.117', 'sp':'4', 'cpu':'i586', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},
    {'reference':'kernel-xen-devel-3.0.101-108.117', 'sp':'4', 'cpu':'x86_64', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'}
];

flag = 0;
foreach package_array ( pkgs ) {
  reference = NULL;
  release = NULL;
  sp = NULL;
  cpu = NULL;
  exists_check = NULL;
  rpm_spec_vers_cmp = NULL;
  if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
  if (!empty_or_null(package_array['release'])) release = package_array['release'];
  if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
  if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];
  if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];
  if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
  if (reference && release && exists_check) {
    if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;
  }
  else if (reference && release) {
    if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;
  }
}

if (flag)
{
  ltss_plugin_caveat = '\n' +
    'NOTE: This vulnerability check contains fixes that apply to\n' +
    'packages only available in SUSE Enterprise Linux Server LTSS\n' +
    'repositories. Access to these package security updates require\n' +
    'a paid SUSE LTSS subscription.\n';
  security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : rpm_report_get() + ltss_plugin_caveat
  );
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel-default / kernel-default-base / kernel-default-devel / etc');
}
VendorProductVersionCPE
novellsuse_linuxkernel-ppc64p-cpe:/a:novell:suse_linux:kernel-ppc64
novellsuse_linuxkernel-ppc64-basep-cpe:/a:novell:suse_linux:kernel-ppc64-base
novellsuse_linuxkernel-ppc64-develp-cpe:/a:novell:suse_linux:kernel-ppc64-devel
novellsuse_linuxkernel-sourcep-cpe:/a:novell:suse_linux:kernel-source
novellsuse_linuxkernel-symsp-cpe:/a:novell:suse_linux:kernel-syms
novellsuse_linuxkernel-tracep-cpe:/a:novell:suse_linux:kernel-trace
novellsuse_linuxkernel-trace-basep-cpe:/a:novell:suse_linux:kernel-trace-base
novellsuse_linuxkernel-trace-develp-cpe:/a:novell:suse_linux:kernel-trace-devel
novellsuse_linuxkernel-xenp-cpe:/a:novell:suse_linux:kernel-xen
novellsuse_linuxkernel-xen-basep-cpe:/a:novell:suse_linux:kernel-xen-base
Rows per page:
1-10 of 251

References

Related

openvas 43
nessus 57
photon 10
ibm 7
virtuozzo 3
cve 9
suse 3
prion 9
cbl_mariner 2
redhatcve 9
oraclelinux 5
debiancve 9
ubuntucve 9
veracode 6
f5 1
osv 2
talos 2
symantec 1
ubuntu 7
redhat 3
talosblog 1
centos 1
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2020:14442-1)
2021-06-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2020:2152-1)
2021-04-19 00:00:00
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2020-1938)
2020-09-04 00:00:00
nessus
nessus
Photon OS 1.0: Linux PHSA-2020-1.0-0303
2020-06-25 00:00:00
SUSE SLES12 Security Update : kernel (SUSE-SU-2020:2152-1)
2020-08-07 00:00:00
EulerOS 2.0 SP5 : kernel (EulerOS-SA-2020-1938)
2020-09-02 00:00:00
photon
photon
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2020-1.0-0303
2020-06-24 00:00:00
Important Photon OS Security Update - PHSA-2020-0303
2020-06-24 00:00:00
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2020-1.0-0279
2020-02-21 00:00:00
ibm
ibm
Security Bulletin: IBM Flex System switch firmware products are affected by vulnerabilities in the Kernel
2023-12-07 22:45:07
Security Bulletin: IBM RackSwitch firmware products are affected by vulnerabilities in the Kernel
2023-12-07 22:45:08
Security Bulletin: Publicly disclosed vulnerability from Kernel affects IBM Netezza Host Management
2020-09-23 13:10:38
virtuozzo
virtuozzo
Important kernel security update: Virtuozzo ReadyKernel patch 110.0 for Virtuozzo Hybrid Server 7.0 and Virtuozzo Infrastructure Platform 2.5, 3.0 and Virtuozzo Hybrid Infrastructure 3.5
2020-07-06 00:00:00
Kernel security update: Virtuozzo ReadyKernel patch 113.0 for Virtuozzo Hybrid Server 7.0, Virtuozzo Infrastructure Platform 2.5, 3.0 and Virtuozzo Hybrid Infrastructure 3.5
2020-08-06 00:00:00
Kernel security update: Virtuozzo ReadyKernel patch 113.10 for Virtuozzo Hybrid Server 7.0
2020-08-06 00:00:00
cve
cve
CVE-2020-12656
2020-05-05 06:15:00
CVE-2020-14416
2020-06-18 11:15:00
CVE-2020-10773
2020-09-10 17:15:00
suse
suse
Security update for the Linux Kernel (important)
2020-07-07 00:00:00
Security update for the Linux Kernel (important)
2020-08-06 00:00:00
Security update for the Linux Kernel (important)
2020-06-13 00:00:00
prion
prion
Race condition
2020-06-18 11:15:00
Design/Logic Flaw
2020-05-05 06:15:00
Race condition
2020-05-05 05:15:00
cbl_mariner
cbl_mariner
CVE-2020-12656 affecting package kernel 5.4.91-6
2021-03-03 03:44:27
CVE-2020-13974 affecting package kernel 5.4.91-6
2021-04-06 23:51:14
redhatcve
redhatcve
CVE-2020-14416
2020-06-23 08:26:46
CVE-2020-12656
2020-05-07 12:40:05
CVE-2020-10769
2020-06-23 11:25:17
oraclelinux
oraclelinux
Unbreakable Enterprise kernel security update
2020-12-09 00:00:00
Unbreakable Enterprise kernel security update
2020-12-07 00:00:00
Unbreakable Enterprise kernel security update
2020-08-06 00:00:00
debiancve
debiancve
CVE-2020-14416
2020-06-18 11:15:00
CVE-2020-10773
2020-09-10 17:15:00
CVE-2020-12656
2020-05-05 06:15:00
ubuntucve
ubuntucve
CVE-2020-12656
2020-05-05 00:00:00
CVE-2020-14416
2020-06-18 00:00:00
CVE-2020-10773
2020-09-10 00:00:00
veracode
veracode
Information Disclosure
2020-11-05 03:16:31
Integer Overflow
2022-06-02 22:53:17
Denial Of Service (DoS)
2020-12-19 06:03:47
f5
f5
K62532228 : Linux kernel CVE-2020-10769
2021-02-08 00:00:00
osv
osv
flaw in Linux kernel's implementation of Userspace core dumps
2021-01-01 00:00:00
CVE-2019-5108
2019-12-23 19:15:11
talos
talos
Linux kernel CAM table denial-of-service vulnerability
2019-12-11 00:00:00
W1.fi hostapd CAM table denial-of-service vulnerability
2019-12-11 00:00:00
symantec
symantec
Linux Kernel CVE-2019-5108 Denial of Service Vulnerability
2020-12-11 00:00:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2020-09-03 00:00:00
Linux kernel vulnerabilities
2020-07-27 00:00:00
Kernel Live Patch Security Notice
2020-07-27 00:00:00
redhat
redhat
(RHSA-2020:3545) Moderate: kernel-alt security and bug fix update
2020-08-25 12:38:29
(RHSA-2020:5441) Important: kernel-rt security and bug fix update
2020-12-15 09:01:44
(RHSA-2020:5437) Important: kernel security and bug fix update
2020-12-15 09:01:18
talosblog
talosblog
Vulnerability Spotlight: Denial-of-service vulnerabilities in Linux kernel, W1.fi
2019-12-11 09:18:44
centos
centos
bpftool, kernel, perf, python security update
2020-12-21 20:45:16

8.1 High

AI Score

Confidence

High

JSON
Related for SUSE_SU-2020-14442-1.NASL
openvas43nessus57photon10ibm7virtuozzo3cve9suse3prion9cbl_mariner2redhatcve9oraclelinux5debiancve9ubuntucve9veracode6f51osv2talos2symantec1ubuntu7redhat3talosblog1centos1