Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.SUSE_SU-2020-2079-1.NASL
HistoryJul 30, 2020 - 12:00 a.m.

SUSE SLES12 Security Update : grub2 (SUSE-SU-2020:2079-1)

2020-07-3000:00:00
This script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
26

7.9 High

AI Score

Confidence

High

JSON

This update for grub2 fixes the following issues :

Fix for CVE-2020-10713 (bsc#1168994)

Fix for CVE-2020-14308 CVE-2020-14309, CVE-2020-14310, CVE-2020-14311 (bsc#1173812)

Fix for CVE-2020-15706 (bsc#1174463)

Fix for CVE-2020-15707 (bsc#1174570)

Use overflow checking primitives where the arithmetic expression for buffer allocations may include unvalidated data

Use grub_calloc for overflow check and return NULL when it would occur

Use gcc-9 compiler for overflow check builtins

Backport gcc-9 build fixes

Fix packed-not-aligned error on GCC 8 (bsc#1084632)

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from SUSE update advisory SUSE-SU-2020:2079-1.
# The text itself is copyright (C) SUSE.
#

include('compat.inc');

if (description)
{
  script_id(139178);
  script_version("1.10");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/02/27");

  script_cve_id(
    "CVE-2020-10713",
    "CVE-2020-14308",
    "CVE-2020-14309",
    "CVE-2020-14310",
    "CVE-2020-14311",
    "CVE-2020-15706",
    "CVE-2020-15707"
  );
  script_xref(name:"IAVA", value:"2020-A-0349");
  script_xref(name:"CEA-ID", value:"CEA-2020-0061");

  script_name(english:"SUSE SLES12 Security Update : grub2 (SUSE-SU-2020:2079-1)");

  script_set_attribute(attribute:"synopsis", value:
"The remote SUSE host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"This update for grub2 fixes the following issues :

Fix for CVE-2020-10713 (bsc#1168994)

Fix for CVE-2020-14308 CVE-2020-14309, CVE-2020-14310, CVE-2020-14311
(bsc#1173812)

Fix for CVE-2020-15706 (bsc#1174463)

Fix for CVE-2020-15707 (bsc#1174570)

Use overflow checking primitives where the arithmetic expression for
buffer allocations may include unvalidated data

Use grub_calloc for overflow check and return NULL when it would occur

Use gcc-9 compiler for overflow check builtins

Backport gcc-9 build fixes

Fix packed-not-aligned error on GCC 8 (bsc#1084632)

Note that Tenable Network Security has extracted the preceding
description block directly from the SUSE security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1084632");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1168994");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1173812");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1174463");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1174570");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2020-10713/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2020-14308/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2020-14309/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2020-14310/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2020-14311/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2020-15706/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2020-15707/");
  # https://www.suse.com/support/update/announcement/2020/suse-su-20202079-1
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?03fdfd67");
  script_set_attribute(attribute:"solution", value:
"To install this SUSE Security Update use the SUSE recommended
installation methods like YaST online_update or 'zypper patch'.

Alternatively you can run the command listed for your product :

SUSE OpenStack Cloud Crowbar 8 :

zypper in -t patch SUSE-OpenStack-Cloud-Crowbar-8-2020-2079=1

SUSE OpenStack Cloud 8 :

zypper in -t patch SUSE-OpenStack-Cloud-8-2020-2079=1

SUSE Linux Enterprise Server for SAP 12-SP3 :

zypper in -t patch SUSE-SLE-SAP-12-SP3-2020-2079=1

SUSE Linux Enterprise Server 12-SP3-LTSS :

zypper in -t patch SUSE-SLE-SERVER-12-SP3-2020-2079=1

SUSE Linux Enterprise Server 12-SP3-BCL :

zypper in -t patch SUSE-SLE-SERVER-12-SP3-BCL-2020-2079=1

SUSE Enterprise Storage 5 :

zypper in -t patch SUSE-Storage-5-2020-2079=1

HPE Helion Openstack 8 :

zypper in -t patch HPE-Helion-OpenStack-8-2020-2079=1");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-14309");
  script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2020-10713");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2020/07/29");
  script_set_attribute(attribute:"patch_publication_date", value:"2020/07/29");
  script_set_attribute(attribute:"plugin_publication_date", value:"2020/07/30");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:grub2");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:grub2-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:grub2-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:grub2-i386-pc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:grub2-s390x-emu");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:grub2-x86_64-efi");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:grub2-x86_64-xen");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_set_attribute(attribute:"stig_severity", value:"II");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"SuSE Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
os_ver = os_ver[1];
if (! preg(pattern:"^(SLES12)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLES12", "SUSE " + os_ver);

if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);

sp = get_kb_item("Host/SuSE/patchlevel");
if (isnull(sp)) sp = "0";
if (os_ver == "SLES12" && (! preg(pattern:"^(3)$", string:sp))) audit(AUDIT_OS_NOT, "SLES12 SP3", os_ver + " SP" + sp);


flag = 0;
if (rpm_check(release:"SLES12", sp:"3", cpu:"x86_64", reference:"grub2-i386-pc-2.02-4.53.1")) flag++;
if (rpm_check(release:"SLES12", sp:"3", cpu:"x86_64", reference:"grub2-x86_64-efi-2.02-4.53.1")) flag++;
if (rpm_check(release:"SLES12", sp:"3", cpu:"x86_64", reference:"grub2-x86_64-xen-2.02-4.53.1")) flag++;
if (rpm_check(release:"SLES12", sp:"3", cpu:"s390x", reference:"grub2-s390x-emu-2.02-4.53.1")) flag++;
if (rpm_check(release:"SLES12", sp:"3", reference:"grub2-2.02-4.53.1")) flag++;
if (rpm_check(release:"SLES12", sp:"3", reference:"grub2-debuginfo-2.02-4.53.1")) flag++;
if (rpm_check(release:"SLES12", sp:"3", reference:"grub2-debugsource-2.02-4.53.1")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
  else security_warning(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "grub2");
}
VendorProductVersionCPE
novellsuse_linuxgrub2p-cpe:/a:novell:suse_linux:grub2
novellsuse_linuxgrub2-debuginfop-cpe:/a:novell:suse_linux:grub2-debuginfo
novellsuse_linuxgrub2-debugsourcep-cpe:/a:novell:suse_linux:grub2-debugsource
novellsuse_linuxgrub2-i386-pcp-cpe:/a:novell:suse_linux:grub2-i386-pc
novellsuse_linuxgrub2-s390x-emup-cpe:/a:novell:suse_linux:grub2-s390x-emu
novellsuse_linuxgrub2-x86_64-efip-cpe:/a:novell:suse_linux:grub2-x86_64-efi
novellsuse_linuxgrub2-x86_64-xenp-cpe:/a:novell:suse_linux:grub2-x86_64-xen
novellsuse_linux12cpe:/o:novell:suse_linux:12

References

Related

nessus 51
debian 1
suse 2
osv 8
photon 5
fedora 2
redhat 21
qualysblog 1
centos 2
oraclelinux 8
ubuntu 2
f5 2
mageia 1
gentoo 1
ibm 4
mscve 1
hp 1
redos 1
redhatcve 7
cbl_mariner 12
prion 7
alpinelinux 7
cve 7
debiancve 7
ubuntucve 7
veracode 7
lenovo 2
cisa 1
checkpoint_security 1
cert 1
thn 1
huawei 1
githubexploit 1
cisco 1
ics 1
threatpost 1
attackerkb 1
rosalinux 1
nessus
nessus
EulerOS Virtualization 2.9.1 : grub2 (EulerOS-SA-2021-1601)
2021-03-10 00:00:00
SUSE SLED15 / SLES15 Security Update : grub2 (SUSE-SU-2020:2074-1)
2020-07-30 00:00:00
SUSE SLES15 Security Update : grub2 (SUSE-SU-2020:2073-1)
2020-07-30 00:00:00
debian
debian
[SECURITY] [DSA 4735-1] grub2 security update
2020-07-29 16:59:52
suse
suse
Security update for grub2 (important)
2020-08-08 00:00:00
Security update for grub2 (important)
2020-08-08 00:00:00
osv
osv
grub2 - security update
2020-07-29 00:00:00
CVE-2020-14311
2020-07-31 22:15:11
CVE-2020-14310
2020-07-31 22:15:11
photon
photon
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2020-2.0-0267
2020-07-30 00:00:00
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2020-1.0-0311
2020-07-30 00:00:00
Important Photon OS Security Update - PHSA-2020-0120
2020-07-23 00:00:00
fedora
fedora
[SECURITY] Fedora 31 Update: grub2-2.02-110.fc31
2020-09-27 01:05:37
[SECURITY] Fedora 32 Update: grub2-2.04-22.fc32
2020-09-14 13:26:52
redhat
redhat
(RHSA-2020:3275) Moderate: grub2 security and bug fix update
2020-08-03 10:37:39
(RHSA-2020:3271) Moderate: grub2 security and bug fix update
2020-08-03 10:36:06
(RHSA-2020:3227) Moderate: grub2 security update
2020-07-29 19:56:15
qualysblog
qualysblog
GRUB2 Boothole Buffer Overflow Vulnerability (CVE-2020-10713) – Automatically Discover, Prioritize and Remediate Using Qualys VMDR®
2020-08-03 21:35:38
centos
centos
grub2, mokutil, shim security update
2020-07-30 00:08:50
bpftool, kernel, perf, python security update
2020-07-30 00:08:16
oraclelinux
oraclelinux
grub2 security update
2020-07-29 00:00:00
grub2 security update
2020-07-29 00:00:00
grub2 security update
2020-07-29 00:00:00
ubuntu
ubuntu
GRUB 2 vulnerabilities
2020-07-29 00:00:00
GRUB2 regression
2020-08-04 00:00:00
f5
f5
K48187630 : Multiple grub2 vulnerabilities
2021-03-18 00:00:00
K42232641 : GRUB2 vulnerability CVE-2020-10713
2020-08-07 00:00:00
mageia
mageia
Updated grub2 packages fix security vulnerabilities
2021-07-09 01:43:19
gentoo
gentoo
GRUB: Multiple vulnerabilities
2021-04-30 00:00:00
ibm
ibm
Security Bulletin: IBM QRadar Network Packet Capture is vulnerable to Using Components with Known Vulnerabilities
2020-10-30 16:18:45
Security Bulletin: IBM Security Guardium is affected by multiple vulnerabilities
2023-12-19 17:14:04
Security Bulletin: Red Hat OpenShift on IBM Cloud is affected by a GNU GRUB2 security vulnerability (CVE-2020-10713)
2020-10-02 15:35:07
mscve
mscve
Microsoft Guidance for Addressing Security Feature Bypass in GRUB
2020-07-29 07:00:00
hp
hp
HPSBHF03678 rev. 2 - GRUB2 Bootloader Arbitrary Code Execution
2020-07-25 00:00:00
redos
redos
ROS-20220920-01
2022-09-20 00:00:00
redhatcve
redhatcve
CVE-2020-14309
2020-07-29 17:06:12
CVE-2020-14311
2020-07-29 17:06:16
CVE-2020-15707
2020-07-29 17:06:20
cbl_mariner
cbl_mariner
CVE-2020-14308 affecting package grub2 2.06~rc1-10
2021-05-06 23:56:52
CVE-2020-14310 affecting package grub2 2.06~rc1-7
2022-04-26 20:17:11
CVE-2020-14308 affecting package grub2 2.06~rc1-7
2022-04-26 20:17:11
prion
prion
Heap overflow
2020-07-31 22:15:00
Buffer overflow
2020-07-29 20:15:00
Heap overflow
2020-07-31 22:15:00
alpinelinux
alpinelinux
CVE-2020-14309
2020-07-30 13:15:00
CVE-2020-14311
2020-07-31 22:15:00
CVE-2020-15707
2020-07-29 18:15:00
cve
cve
CVE-2020-14311
2020-07-31 22:15:00
CVE-2020-15707
2020-07-29 18:15:00
CVE-2020-14310
2020-07-31 22:15:00
debiancve
debiancve
CVE-2020-14311
2020-07-31 22:15:00
CVE-2020-14310
2020-07-31 22:15:00
CVE-2020-15707
2020-07-29 18:15:00
ubuntucve
ubuntucve
CVE-2020-15707
2020-07-29 00:00:00
CVE-2020-14311
2020-07-29 00:00:00
CVE-2020-14310
2020-07-29 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-07-30 02:02:34
Denial Of Service (DoS)
2020-07-30 02:02:32
Denial Of Service (DoS)
2020-07-30 02:02:35
lenovo
lenovo
GRUB2 Vulnerability – AKA
2020-07-30 15:15:08
GRUB2 Vulnerability – AKA
2020-07-30 15:15:08
cisa
cisa
GNU GRUB2 Vulnerability
2020-07-30 00:00:00
checkpoint_security
checkpoint_security
Check Point response to CVE-2020-10713 (GRUB2 bootloader is vulnerable to buffer overflow)
2020-08-02 22:52:23
cert
cert
GRUB2 bootloader is vulnerable to buffer overflow
2020-07-29 00:00:00
thn
thn
Critical GRUB2 Bootloader Bug Affects Billions of Linux and Windows Systems
2020-07-29 19:13:00
huawei
huawei
Security Advisory - Buffer Overflow Vulnerability BootHole in GRUB2 Secure Boot
2020-09-23 00:00:00
githubexploit
githubexploit
Exploit for Classic Buffer Overflow in Gnu Grub2
2020-07-29 00:01:41
cisco
cisco
GRUB2 Arbitrary Code Execution Vulnerability
2020-08-04 23:00:00
ics
ics
Hitachi Energy APM Edge (Update A)
2022-10-18 12:00:00
threatpost
threatpost
Billions of Devices Impacted by Secure Boot Bypass
2020-07-29 19:53:23
attackerkb
attackerkb
CVE-2020-10713 - BootHole
2020-07-30 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1849
2021-07-02 17:01:29

7.9 High

AI Score

Confidence

High

JSON
Related for SUSE_SU-2020-2079-1.NASL
nessus51debian1suse2osv8photon5fedora2redhat21qualysblog1centos2oraclelinux8ubuntu2f52mageia1gentoo1ibm4mscve1hp1redos1redhatcve7cbl_mariner12prion7alpinelinux7cve7debiancve7ubuntucve7veracode7lenovo2cisa1checkpoint_security1cert1thn1huawei1githubexploit1cisco1ics1threatpost1attackerkb1rosalinux1