Lucene search
This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.SUSE_SU-2021-0608-1.NASLHistoryMar 01, 2021 - 12:00 a.m.
SUSE SLES12 Security Update : glibc (SUSE-SU-2021:0608-1)
2021-03-0100:00:00
This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
32
This update for glibc fixes the following issues :
Fix buffer overrun in EUC-KR conversion module (CVE-2019-25013, bsc#1182117, BZ #24973)
gconv: Fix assertion failure in ISO-2022-JP-3 module (CVE-2021-3326, bsc#1181505, BZ #27256)
Fix parsing of /sys/devices/system/cpu/online (bsc#1180038, BZ #25859)
powerpc: Add support for POWER10 (bsc#1181365)
Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from SUSE update advisory SUSE-SU-2021:0608-1.
# The text itself is copyright (C) SUSE.
#
include('compat.inc');
if (description)
{
script_id(146924);
script_version("1.3");
script_set_attribute(attribute:"plugin_modification_date", value:"2022/05/10");
script_cve_id("CVE-2019-25013", "CVE-2021-3326");
script_name(english:"SUSE SLES12 Security Update : glibc (SUSE-SU-2021:0608-1)");
script_set_attribute(attribute:"synopsis", value:
"The remote SUSE host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"This update for glibc fixes the following issues :
Fix buffer overrun in EUC-KR conversion module (CVE-2019-25013,
bsc#1182117, BZ #24973)
gconv: Fix assertion failure in ISO-2022-JP-3 module (CVE-2021-3326,
bsc#1181505, BZ #27256)
Fix parsing of /sys/devices/system/cpu/online (bsc#1180038, BZ #25859)
powerpc: Add support for POWER10 (bsc#1181365)
Note that Tenable Network Security has extracted the preceding
description block directly from the SUSE security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1180038");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1181365");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1181505");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1182117");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-25013/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-3326/");
# https://www.suse.com/support/update/announcement/2021/suse-su-20210608-1
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?8802a8b0");
script_set_attribute(attribute:"solution", value:
"To install this SUSE Security Update use the SUSE recommended
installation methods like YaST online_update or 'zypper patch'.
Alternatively you can run the command listed for your product :
SUSE Linux Enterprise Software Development Kit 12-SP5 :
zypper in -t patch SUSE-SLE-SDK-12-SP5-2021-608=1
SUSE Linux Enterprise Server 12-SP5 :
zypper in -t patch SUSE-SLE-SERVER-12-SP5-2021-608=1");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-25013");
script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2021-3326");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"vuln_publication_date", value:"2021/01/04");
script_set_attribute(attribute:"patch_publication_date", value:"2021/02/25");
script_set_attribute(attribute:"plugin_publication_date", value:"2021/03/01");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:glibc");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:glibc-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:glibc-debugsource");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:glibc-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:glibc-devel-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:glibc-locale");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:glibc-locale-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:glibc-profile");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:nscd");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:nscd-debuginfo");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"SuSE Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
os_ver = os_ver[1];
if (! preg(pattern:"^(SLES12)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLES12", "SUSE " + os_ver);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);
sp = get_kb_item("Host/SuSE/patchlevel");
if (isnull(sp)) sp = "0";
if (os_ver == "SLES12" && (! preg(pattern:"^(5)$", string:sp))) audit(AUDIT_OS_NOT, "SLES12 SP5", os_ver + " SP" + sp);
flag = 0;
if (rpm_check(release:"SLES12", sp:"5", reference:"glibc-2.22-114.5.1")) flag++;
if (rpm_check(release:"SLES12", sp:"5", reference:"glibc-32bit-2.22-114.5.1")) flag++;
if (rpm_check(release:"SLES12", sp:"5", reference:"glibc-debuginfo-2.22-114.5.1")) flag++;
if (rpm_check(release:"SLES12", sp:"5", reference:"glibc-debuginfo-32bit-2.22-114.5.1")) flag++;
if (rpm_check(release:"SLES12", sp:"5", reference:"glibc-debugsource-2.22-114.5.1")) flag++;
if (rpm_check(release:"SLES12", sp:"5", reference:"glibc-devel-2.22-114.5.1")) flag++;
if (rpm_check(release:"SLES12", sp:"5", reference:"glibc-devel-32bit-2.22-114.5.1")) flag++;
if (rpm_check(release:"SLES12", sp:"5", reference:"glibc-devel-debuginfo-2.22-114.5.1")) flag++;
if (rpm_check(release:"SLES12", sp:"5", reference:"glibc-devel-debuginfo-32bit-2.22-114.5.1")) flag++;
if (rpm_check(release:"SLES12", sp:"5", reference:"glibc-locale-2.22-114.5.1")) flag++;
if (rpm_check(release:"SLES12", sp:"5", reference:"glibc-locale-32bit-2.22-114.5.1")) flag++;
if (rpm_check(release:"SLES12", sp:"5", reference:"glibc-locale-debuginfo-2.22-114.5.1")) flag++;
if (rpm_check(release:"SLES12", sp:"5", reference:"glibc-locale-debuginfo-32bit-2.22-114.5.1")) flag++;
if (rpm_check(release:"SLES12", sp:"5", reference:"glibc-profile-2.22-114.5.1")) flag++;
if (rpm_check(release:"SLES12", sp:"5", reference:"glibc-profile-32bit-2.22-114.5.1")) flag++;
if (rpm_check(release:"SLES12", sp:"5", reference:"nscd-2.22-114.5.1")) flag++;
if (rpm_check(release:"SLES12", sp:"5", reference:"nscd-debuginfo-2.22-114.5.1")) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
else security_hole(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "glibc");
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| novell | suse_linux | glibc | p-cpe:/a:novell:suse_linux:glibc |
| novell | suse_linux | glibc-debuginfo | p-cpe:/a:novell:suse_linux:glibc-debuginfo |
| novell | suse_linux | glibc-debugsource | p-cpe:/a:novell:suse_linux:glibc-debugsource |
| novell | suse_linux | glibc-devel | p-cpe:/a:novell:suse_linux:glibc-devel |
| novell | suse_linux | glibc-devel-debuginfo | p-cpe:/a:novell:suse_linux:glibc-devel-debuginfo |
| novell | suse_linux | glibc-locale | p-cpe:/a:novell:suse_linux:glibc-locale |
| novell | suse_linux | glibc-locale-debuginfo | p-cpe:/a:novell:suse_linux:glibc-locale-debuginfo |
| novell | suse_linux | glibc-profile | p-cpe:/a:novell:suse_linux:glibc-profile |
| novell | suse_linux | nscd | p-cpe:/a:novell:suse_linux:nscd |
| novell | suse_linux | nscd-debuginfo | p-cpe:/a:novell:suse_linux:nscd-debuginfo |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25013
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3326
www.nessus.org/u?8802a8b0
bugzilla.suse.com/show_bug.cgi?id=1180038
bugzilla.suse.com/show_bug.cgi?id=1181365
bugzilla.suse.com/show_bug.cgi?id=1181505
bugzilla.suse.com/show_bug.cgi?id=1182117
www.suse.com/security/cve/CVE-2019-25013/
www.suse.com/security/cve/CVE-2021-3326/
Related
nessus
nessus
EulerOS Virtualization 2.9.1 : glibc (EulerOS-SA-2021-1713)
2021-04-15 00:00:00
EulerOS Virtualization 2.9.0 : glibc (EulerOS-SA-2021-1750)
2021-04-15 00:00:00
Photon OS 4.0: Glibc PHSA-2021-4.0-0005
2021-03-24 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2021-0005
2021-03-16 00:00:00
Important Photon OS Security Update - PHSA-2021-4.0-0005
2021-03-16 00:00:00
Moderate Photon OS Security Update - PHSA-2021-0189
2021-01-28 00:00:00
archlinux
archlinux
[ASA-202102-17] glibc: denial of service
2021-02-07 00:00:00
[ASA-202102-16] lib32-glibc: denial of service
2021-02-07 00:00:00
ubuntucve
ubuntucve
CVE-2019-25013
2021-01-04 00:00:00
CVE-2021-3326
2021-01-27 00:00:00
osv
osv
CVE-2019-25013
2021-01-04 18:15:13
Moderate: glibc security, bug fix, and enhancement update
2021-05-18 05:35:07
Moderate: glibc security, bug fix, and enhancement update
2021-05-18 05:35:07
fedora
fedora
[SECURITY] Fedora 33 Update: glibc-2.32-3.fc33
2021-01-18 01:35:42
[SECURITY] Fedora 32 Update: glibc-2.31-5.fc32
2021-01-20 01:28:29
prion
prion
Buffer overflow
2021-01-04 18:15:00
Input validation
2021-01-27 20:15:00
cbl_mariner
cbl_mariner
CVE-2019-25013 affecting package glibc 2.28-24
2021-01-29 07:39:27
CVE-2021-3326 affecting package glibc 2.28-24
2021-03-03 03:44:14
amazon
amazon
debiancve
debiancve
CVE-2019-25013
2021-01-04 18:15:00
CVE-2021-3326
2021-01-27 20:15:00
redhatcve
redhatcve
CVE-2019-25013
2021-01-05 22:30:36
CVE-2021-3326
2021-01-28 20:56:52
veracode
veracode
Buffer Overflow
2021-02-05 03:21:05
Denial Of Service (DoS)
2021-05-24 00:38:10
f5
f5
K68251873 : glibc vulnerability CVE-2019-25013
2021-03-10 00:00:00
glibc vulnerability CVE-2021-3326
2021-03-10 15:49:00
cve
cve
CVE-2019-25013
2021-01-04 18:15:00
CVE-2021-3326
2021-01-27 20:15:00
gentoo
gentoo
glibc: Multiple vulnerabilities
2021-07-06 00:00:00
suse
suse
Security update for glibc (important)
2021-02-28 00:00:00
rocky
rocky
glibc security, bug fix, and enhancement update
2021-05-18 05:35:07
oraclelinux
oraclelinux
glibc security, bug fix, and enhancement update
2021-05-25 00:00:00
glibc security update
2021-06-04 00:00:00
glibc security update
2021-07-02 00:00:00
redhat
redhat
(RHSA-2021:1585) Moderate: glibc security, bug fix, and enhancement update
2021-05-18 05:35:07
(RHSA-2021:0348) Moderate: glibc security and bug fix update
2021-02-02 09:29:25
(RHSA-2021:2705) Moderate: Release of OpenShift Serverless 1.16.0
2021-07-13 16:31:04
almalinux
almalinux
Moderate: glibc security, bug fix, and enhancement update
2021-05-18 05:35:07
ibm
ibm
Security Bulletin: App Connect Professional is affected by GNU C Library vulnerability
2021-12-15 05:08:26
Security Bulletin: Multiple Security Vulnerabilities fixed in IBM Security Verify Access
2022-01-07 00:24:27
Security Bulletin: Cloud Pak for Security contains security vulnerabilities
2021-05-13 21:45:28
redos
redos
ROS-20230420-02
2023-04-20 00:00:00
cloudlinux
cloudlinux
Fix of CVE: CVE-2021-3326, CVE-2021-43396
2021-11-22 12:20:39
Fix of CVE: CVE-2021-3326, CVE-2021-43396
2021-11-08 16:35:06
ubuntu
ubuntu
GNU C Library vulnerabilities
2022-10-25 00:00:00
GNU C Library vulnerabilities
2022-12-08 00:00:00
GNU C Library vulnerabilities
2022-03-01 00:00:00
mageia
mageia
Updated glibc packages fix security vulnerability
2021-01-24 03:36:09
Updated glibc packages fixes security vulnerabilities
2021-03-21 13:43:43
centos
centos
glibc, nscd security update
2021-02-04 01:02:29
cloudfoundry
cloudfoundry
USN-5310-1: GNU C Library vulnerabilities | Cloud Foundry
2023-05-18 00:00:00
debian
debian
[SECURITY] [DLA 3152-1] glibc security update
2022-10-17 15:54:41
ics
ics
Siemens SIMATIC S7-1500 TM MFP BIOS
2023-06-15 12:00:00
Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1
2023-12-14 12:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1844
2021-07-02 16:56:21
avleonov
avleonov
oracle
oracle
Oracle Critical Patch Update Advisory - January 2022
2022-01-18 00:00:00
Related for SUSE_SU-2021-0608-1.NASL