The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2020:14442-1 advisory.
An exploitable denial-of-service vulnerability exists in the Linux kernel prior to mainline 5.3. An attacker could exploit this vulnerability by triggering AP to send IAPP location updates for stations before the required authentication process has completed. This could lead to different denial-of-service scenarios, either by causing CAM table attacks, or by leading to traffic flapping if faking already existing clients in other nearby APs of the same wireless infrastructure. An attacker can forge Authentication and Association Request packets to trigger this vulnerability. (CVE-2019-5108)
In cdev_get of char_dev.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-153467744 (CVE-2020-0305)
A flaw was found in the Linux kernel’s implementation of Userspace core dumps. This flaw allows an attacker with a local account to crash a trivial program and exfiltrate private kernel data.
(CVE-2020-10732)
A buffer over-read flaw was found in RH kernel versions before 5.0 in crypto_authenc_extractkeys in crypto/authenc.c in the IPsec Cryptographic algorithm’s module, authenc. When a payload longer than 4 bytes, and is not following 4-byte alignment boundary guidelines, it causes a buffer over-read threat, leading to a system crash. This flaw allows a local attacker with user privileges to cause a denial of service. (CVE-2020-10769)
A stack information leak flaw was found in s390/s390x in the Linux kernels memory manager functionality, where it incorrectly writes to the /proc/sys/vm/cmm_timeout file. This flaw allows a local user to see the kernel data. (CVE-2020-10773)
The __mptctl_ioctl function in drivers/message/fusion/mptctl.c in the Linux kernel before 5.4.14 allows local users to hold an incorrect lock during the ioctl operation and trigger a race condition, i.e., a double fetch vulnerability, aka CID-28d76df18f0a. NOTE: the vendor states The security impact of this bug is not as bad as it could have been because these operations are all privileged and root already has enormous destructive power. (CVE-2020-12652)
DISPUTED gss_mech_free in net/sunrpc/auth_gss/gss_mech_switch.c in the rpcsec_gss_krb5 implementation in the Linux kernel through 5.6.10 lacks certain domain_release calls, leading to a memory leak. Note: This was disputed with the assertion that the issue does not grant any access not already available. It is a problem that on unloading a specific kernel module some memory is leaked, but loading kernel modules is a privileged operation. A user could also write a kernel module to consume any amount of memory they like and load that replicating the effect of this bug. (CVE-2020-12656)
An issue was discovered in the Linux kernel 4.4 through 5.7.1. drivers/tty/vt/keyboard.c has an integer overflow if k_ascii is called several times in a row, aka CID-b86dab054059. NOTE: Members in the community argue that the integer overflow does not lead to a security issue in this case. (CVE-2020-13974)
In the Linux kernel before 5.4.16, a race condition in tty->disc_data handling in the slip and slcan line discipline could lead to a use-after-free, aka CID-0ace17d56824. This affects drivers/net/slip/slip.c and drivers/net/can/slcan.c. (CVE-2020-14416)
Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 70300
##
# (C) Tenable Network Security, Inc.
#
# The package checks in this plugin were extracted from
# SUSE update advisory SUSE-SU-2020:14442-1. The text itself
# is copyright (C) SUSE.
##
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(150665);
script_version("1.3");
script_set_attribute(attribute:"plugin_modification_date", value:"2023/12/26");
script_cve_id(
"CVE-2019-5108",
"CVE-2020-0305",
"CVE-2020-10732",
"CVE-2020-10769",
"CVE-2020-10773",
"CVE-2020-12652",
"CVE-2020-12656",
"CVE-2020-13974",
"CVE-2020-14416"
);
script_xref(name:"SuSE", value:"SUSE-SU-2020:14442-1");
script_name(english:"SUSE SLES11 Security Update : kernel (SUSE-SU-2020:14442-1)");
script_set_attribute(attribute:"synopsis", value:
"The remote SUSE host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in
the SUSE-SU-2020:14442-1 advisory.
- An exploitable denial-of-service vulnerability exists in the Linux kernel prior to mainline 5.3. An
attacker could exploit this vulnerability by triggering AP to send IAPP location updates for stations
before the required authentication process has completed. This could lead to different denial-of-service
scenarios, either by causing CAM table attacks, or by leading to traffic flapping if faking already
existing clients in other nearby APs of the same wireless infrastructure. An attacker can forge
Authentication and Association Request packets to trigger this vulnerability. (CVE-2019-5108)
- In cdev_get of char_dev.c, there is a possible use-after-free due to a race condition. This could lead to
local escalation of privilege with System execution privileges needed. User interaction is not needed for
exploitation.Product: AndroidVersions: Android-10Android ID: A-153467744 (CVE-2020-0305)
- A flaw was found in the Linux kernel's implementation of Userspace core dumps. This flaw allows an
attacker with a local account to crash a trivial program and exfiltrate private kernel data.
(CVE-2020-10732)
- A buffer over-read flaw was found in RH kernel versions before 5.0 in crypto_authenc_extractkeys in
crypto/authenc.c in the IPsec Cryptographic algorithm's module, authenc. When a payload longer than 4
bytes, and is not following 4-byte alignment boundary guidelines, it causes a buffer over-read threat,
leading to a system crash. This flaw allows a local attacker with user privileges to cause a denial of
service. (CVE-2020-10769)
- A stack information leak flaw was found in s390/s390x in the Linux kernels memory manager functionality,
where it incorrectly writes to the /proc/sys/vm/cmm_timeout file. This flaw allows a local user to see the
kernel data. (CVE-2020-10773)
- The __mptctl_ioctl function in drivers/message/fusion/mptctl.c in the Linux kernel before 5.4.14 allows
local users to hold an incorrect lock during the ioctl operation and trigger a race condition, i.e., a
double fetch vulnerability, aka CID-28d76df18f0a. NOTE: the vendor states The security impact of this
bug is not as bad as it could have been because these operations are all privileged and root already has
enormous destructive power. (CVE-2020-12652)
- ** DISPUTED ** gss_mech_free in net/sunrpc/auth_gss/gss_mech_switch.c in the rpcsec_gss_krb5
implementation in the Linux kernel through 5.6.10 lacks certain domain_release calls, leading to a memory
leak. Note: This was disputed with the assertion that the issue does not grant any access not already
available. It is a problem that on unloading a specific kernel module some memory is leaked, but loading
kernel modules is a privileged operation. A user could also write a kernel module to consume any amount of
memory they like and load that replicating the effect of this bug. (CVE-2020-12656)
- An issue was discovered in the Linux kernel 4.4 through 5.7.1. drivers/tty/vt/keyboard.c has an integer
overflow if k_ascii is called several times in a row, aka CID-b86dab054059. NOTE: Members in the community
argue that the integer overflow does not lead to a security issue in this case. (CVE-2020-13974)
- In the Linux kernel before 5.4.16, a race condition in tty->disc_data handling in the slip and slcan line
discipline could lead to a use-after-free, aka CID-0ace17d56824. This affects drivers/net/slip/slip.c and
drivers/net/can/slcan.c. (CVE-2020-14416)
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1159912");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1159913");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1162002");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1171218");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1171219");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1171220");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1172775");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1172999");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1173265");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1174462");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1174543");
# https://lists.suse.com/pipermail/sle-security-updates/2020-August/007210.html
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?35e8a7af");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-5108");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2020-0305");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2020-10732");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2020-10769");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2020-10773");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2020-12652");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2020-12656");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2020-13974");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2020-14416");
script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-13974");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2019/12/23");
script_set_attribute(attribute:"patch_publication_date", value:"2020/08/03");
script_set_attribute(attribute:"plugin_publication_date", value:"2021/06/10");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-bigmem");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-bigmem-base");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-bigmem-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-base");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-man");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-ec2");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-ec2-base");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-ec2-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-pae");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-pae-base");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-pae-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-ppc64");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-ppc64-base");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-ppc64-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-source");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-syms");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-trace");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-trace-base");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-trace-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-xen");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-xen-base");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-xen-devel");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"SuSE Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl", "linux_alt_patch_detect.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
exit(0);
}
include('audit.inc');
include('global_settings.inc');
include('misc_func.inc');
include('rpm.inc');
include('ksplice.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');
os_ver = os_ver[1];
if (! preg(pattern:"^(SLES11)$", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES11', 'SUSE ' + os_ver);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE ' + os_ver, cpu);
sp = get_kb_item("Host/SuSE/patchlevel");
if (isnull(sp)) sp = "0";
if (os_ver == "SLES11" && (! preg(pattern:"^(4)$", string:sp))) audit(AUDIT_OS_NOT, "SLES11 SP4", os_ver + " SP" + sp);
pkgs = [
{'reference':'kernel-default-3.0.101-108.117', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},
{'reference':'kernel-default-base-3.0.101-108.117', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},
{'reference':'kernel-default-devel-3.0.101-108.117', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},
{'reference':'kernel-default-man-3.0.101-108.117', 'sp':'4', 'cpu':'s390x', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},
{'reference':'kernel-ec2-3.0.101-108.117', 'sp':'4', 'cpu':'i586', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},
{'reference':'kernel-ec2-3.0.101-108.117', 'sp':'4', 'cpu':'x86_64', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},
{'reference':'kernel-ec2-base-3.0.101-108.117', 'sp':'4', 'cpu':'i586', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},
{'reference':'kernel-ec2-base-3.0.101-108.117', 'sp':'4', 'cpu':'x86_64', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},
{'reference':'kernel-ec2-devel-3.0.101-108.117', 'sp':'4', 'cpu':'i586', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},
{'reference':'kernel-ec2-devel-3.0.101-108.117', 'sp':'4', 'cpu':'x86_64', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},
{'reference':'kernel-pae-3.0.101-108.117', 'sp':'4', 'cpu':'i586', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},
{'reference':'kernel-pae-base-3.0.101-108.117', 'sp':'4', 'cpu':'i586', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},
{'reference':'kernel-pae-devel-3.0.101-108.117', 'sp':'4', 'cpu':'i586', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},
{'reference':'kernel-source-3.0.101-108.117', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},
{'reference':'kernel-syms-3.0.101-108.117', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},
{'reference':'kernel-trace-3.0.101-108.117', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},
{'reference':'kernel-trace-base-3.0.101-108.117', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},
{'reference':'kernel-trace-devel-3.0.101-108.117', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},
{'reference':'kernel-xen-3.0.101-108.117', 'sp':'4', 'cpu':'i586', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},
{'reference':'kernel-xen-3.0.101-108.117', 'sp':'4', 'cpu':'x86_64', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},
{'reference':'kernel-xen-base-3.0.101-108.117', 'sp':'4', 'cpu':'i586', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},
{'reference':'kernel-xen-base-3.0.101-108.117', 'sp':'4', 'cpu':'x86_64', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},
{'reference':'kernel-xen-devel-3.0.101-108.117', 'sp':'4', 'cpu':'i586', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},
{'reference':'kernel-xen-devel-3.0.101-108.117', 'sp':'4', 'cpu':'x86_64', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},
{'reference':'kernel-default-3.0.101-108.117', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},
{'reference':'kernel-default-base-3.0.101-108.117', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},
{'reference':'kernel-default-devel-3.0.101-108.117', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},
{'reference':'kernel-default-man-3.0.101-108.117', 'sp':'4', 'cpu':'s390x', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},
{'reference':'kernel-ec2-3.0.101-108.117', 'sp':'4', 'cpu':'i586', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},
{'reference':'kernel-ec2-3.0.101-108.117', 'sp':'4', 'cpu':'x86_64', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},
{'reference':'kernel-ec2-base-3.0.101-108.117', 'sp':'4', 'cpu':'i586', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},
{'reference':'kernel-ec2-base-3.0.101-108.117', 'sp':'4', 'cpu':'x86_64', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},
{'reference':'kernel-ec2-devel-3.0.101-108.117', 'sp':'4', 'cpu':'i586', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},
{'reference':'kernel-ec2-devel-3.0.101-108.117', 'sp':'4', 'cpu':'x86_64', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},
{'reference':'kernel-pae-3.0.101-108.117', 'sp':'4', 'cpu':'i586', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},
{'reference':'kernel-pae-base-3.0.101-108.117', 'sp':'4', 'cpu':'i586', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},
{'reference':'kernel-pae-devel-3.0.101-108.117', 'sp':'4', 'cpu':'i586', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},
{'reference':'kernel-source-3.0.101-108.117', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},
{'reference':'kernel-syms-3.0.101-108.117', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},
{'reference':'kernel-trace-3.0.101-108.117', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},
{'reference':'kernel-trace-base-3.0.101-108.117', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},
{'reference':'kernel-trace-devel-3.0.101-108.117', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},
{'reference':'kernel-xen-3.0.101-108.117', 'sp':'4', 'cpu':'i586', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},
{'reference':'kernel-xen-3.0.101-108.117', 'sp':'4', 'cpu':'x86_64', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},
{'reference':'kernel-xen-base-3.0.101-108.117', 'sp':'4', 'cpu':'i586', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},
{'reference':'kernel-xen-base-3.0.101-108.117', 'sp':'4', 'cpu':'x86_64', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},
{'reference':'kernel-xen-devel-3.0.101-108.117', 'sp':'4', 'cpu':'i586', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},
{'reference':'kernel-xen-devel-3.0.101-108.117', 'sp':'4', 'cpu':'x86_64', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'}
];
flag = 0;
foreach package_array ( pkgs ) {
reference = NULL;
release = NULL;
sp = NULL;
cpu = NULL;
exists_check = NULL;
rpm_spec_vers_cmp = NULL;
if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
if (!empty_or_null(package_array['release'])) release = package_array['release'];
if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];
if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];
if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
if (reference && release && exists_check) {
if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;
}
else if (reference && release) {
if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;
}
}
if (flag)
{
ltss_plugin_caveat = '\n' +
'NOTE: This vulnerability check contains fixes that apply to\n' +
'packages only available in SUSE Enterprise Linux Server LTSS\n' +
'repositories. Access to these package security updates require\n' +
'a paid SUSE LTSS subscription.\n';
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : rpm_report_get() + ltss_plugin_caveat
);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel-default / kernel-default-base / kernel-default-devel / etc');
}
Vendor | Product | Version | CPE |
---|---|---|---|
novell | suse_linux | kernel-ppc64 | p-cpe:/a:novell:suse_linux:kernel-ppc64 |
novell | suse_linux | kernel-ppc64-base | p-cpe:/a:novell:suse_linux:kernel-ppc64-base |
novell | suse_linux | kernel-ppc64-devel | p-cpe:/a:novell:suse_linux:kernel-ppc64-devel |
novell | suse_linux | kernel-source | p-cpe:/a:novell:suse_linux:kernel-source |
novell | suse_linux | kernel-syms | p-cpe:/a:novell:suse_linux:kernel-syms |
novell | suse_linux | kernel-trace | p-cpe:/a:novell:suse_linux:kernel-trace |
novell | suse_linux | kernel-trace-base | p-cpe:/a:novell:suse_linux:kernel-trace-base |
novell | suse_linux | kernel-trace-devel | p-cpe:/a:novell:suse_linux:kernel-trace-devel |
novell | suse_linux | kernel-xen | p-cpe:/a:novell:suse_linux:kernel-xen |
novell | suse_linux | kernel-xen-base | p-cpe:/a:novell:suse_linux:kernel-xen-base |
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5108
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0305
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10732
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10769
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10773
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12652
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12656
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13974
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14416
www.nessus.org/u?35e8a7af
bugzilla.suse.com/1159912
bugzilla.suse.com/1159913
bugzilla.suse.com/1162002
bugzilla.suse.com/1171218
bugzilla.suse.com/1171219
bugzilla.suse.com/1171220
bugzilla.suse.com/1172775
bugzilla.suse.com/1172999
bugzilla.suse.com/1173265
bugzilla.suse.com/1174462
bugzilla.suse.com/1174543
www.suse.com/security/cve/CVE-2019-5108
www.suse.com/security/cve/CVE-2020-0305
www.suse.com/security/cve/CVE-2020-10732
www.suse.com/security/cve/CVE-2020-10769
www.suse.com/security/cve/CVE-2020-10773
www.suse.com/security/cve/CVE-2020-12652
www.suse.com/security/cve/CVE-2020-12656
www.suse.com/security/cve/CVE-2020-13974
www.suse.com/security/cve/CVE-2020-14416