Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.SUSE_SU-2021-2324-1.NASL
HistoryJul 15, 2021 - 12:00 a.m.

SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2021:2324-1)

2021-07-1500:00:00
This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
168
JSON

The remote SUSE Linux SLED12 / SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2324-1 advisory.

  • An issue was discovered in the Linux kernel before 5.0.19. The XFRM subsystem has a use-after-free, related to an xfrm_state_fini panic, aka CID-dbb2483b2a46. (CVE-2019-25045)

  • The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn’t require that the A-MSDU flag in the plaintext QoS header field is authenticated.
    Against devices that support receiving non-SSP A-MSDU frames (which is mandatory as part of 802.11n), an adversary can abuse this to inject arbitrary network packets. (CVE-2020-24588)

  • Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 through 5.2 may permit a nearby man-in-the-middle attacker to identify the Passkey used during pairing (in the Passkey authentication procedure) by reflection of the public key and the authentication evidence of the initiating device, potentially permitting this attacker to complete authenticated pairing with the responding device using the correct Passkey for the pairing session. The attack methodology determines the Passkey value one bit at a time. (CVE-2020-26558)

  • An issue was discovered in the Linux kernel before 5.8.1. net/bluetooth/hci_event.c has a slab out-of- bounds read in hci_extended_inquiry_result_evt, aka CID-51c19bf3d5cf. (CVE-2020-36386)

  • Improper access control in BlueZ may allow an authenticated user to potentially enable information disclosure via adjacent access. (CVE-2021-0129)

  • In __hidinput_change_resolution_multipliers of hid-input.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-173843328References: Upstream kernel (CVE-2021-0512)

  • In pfkey_dump of af_key.c, there is a possible out-of-bounds read due to a missing bounds check. This could lead to local information disclosure in the kernel with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-110373476 (CVE-2021-0605)

  • In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted (e.g., because of type confusion) and consequently an unprivileged BPF program can read arbitrary memory locations via a side-channel attack, aka CID-9183671af6db. (CVE-2021-33624)

  • net/can/bcm.c in the Linux kernel through 5.12.10 allows local users to obtain sensitive information from kernel stack memory because parts of a data structure are uninitialized. (CVE-2021-34693)

Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.

#%NASL_MIN_LEVEL 70300
##
# (C) Tenable, Inc.
#
# The package checks in this plugin were extracted from
# SUSE update advisory SUSE-SU-2021:2324-1. The text itself
# is copyright (C) SUSE.
##

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(151653);
  script_version("1.6");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/07/13");

  script_cve_id(
    "CVE-2019-25045",
    "CVE-2020-24588",
    "CVE-2020-26558",
    "CVE-2020-36386",
    "CVE-2021-0129",
    "CVE-2021-0512",
    "CVE-2021-0605",
    "CVE-2021-33624",
    "CVE-2021-34693"
  );
  script_xref(name:"SuSE", value:"SUSE-SU-2021:2324-1");

  script_name(english:"SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2021:2324-1)");

  script_set_attribute(attribute:"synopsis", value:
"The remote SUSE host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"The remote SUSE Linux SLED12 / SLES12 / SLES_SAP12 host has packages installed that are affected by multiple
vulnerabilities as referenced in the SUSE-SU-2021:2324-1 advisory.

  - An issue was discovered in the Linux kernel before 5.0.19. The XFRM subsystem has a use-after-free,
    related to an xfrm_state_fini panic, aka CID-dbb2483b2a46. (CVE-2019-25045)

  - The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent
    Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated.
    Against devices that support receiving non-SSP A-MSDU frames (which is mandatory as part of 802.11n), an
    adversary can abuse this to inject arbitrary network packets. (CVE-2020-24588)

  - Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 through 5.2 may permit a nearby
    man-in-the-middle attacker to identify the Passkey used during pairing (in the Passkey authentication
    procedure) by reflection of the public key and the authentication evidence of the initiating device,
    potentially permitting this attacker to complete authenticated pairing with the responding device using
    the correct Passkey for the pairing session. The attack methodology determines the Passkey value one bit
    at a time. (CVE-2020-26558)

  - An issue was discovered in the Linux kernel before 5.8.1. net/bluetooth/hci_event.c has a slab out-of-
    bounds read in hci_extended_inquiry_result_evt, aka CID-51c19bf3d5cf. (CVE-2020-36386)

  - Improper access control in BlueZ may allow an authenticated user to potentially enable information
    disclosure via adjacent access. (CVE-2021-0129)

  - In __hidinput_change_resolution_multipliers of hid-input.c, there is a possible out of bounds write due to
    a heap buffer overflow. This could lead to local escalation of privilege with no additional execution
    privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android
    kernelAndroid ID: A-173843328References: Upstream kernel (CVE-2021-0512)

  - In pfkey_dump of af_key.c, there is a possible out-of-bounds read due to a missing bounds check. This
    could lead to local information disclosure in the kernel with System execution privileges needed. User
    interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-110373476
    (CVE-2021-0605)

  - In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted (e.g., because
    of type confusion) and consequently an unprivileged BPF program can read arbitrary memory locations via a
    side-channel attack, aka CID-9183671af6db. (CVE-2021-33624)

  - net/can/bcm.c in the Linux kernel through 5.12.10 allows local users to obtain sensitive information from
    kernel stack memory because parts of a data structure are uninitialized. (CVE-2021-34693)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1103990");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1103991");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1104353");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1113994");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1114648");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1129770");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1135481");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1136345");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1174978");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1179610");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1182470");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1185486");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1185677");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1185701");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1185861");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1185863");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1186206");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1186264");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1186463");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1186515");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1186516");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1186517");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1186518");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1186519");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1186520");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1186521");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1186522");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1186523");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1186524");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1186525");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1186526");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1186527");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1186528");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1186529");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1186530");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1186531");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1186532");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1186533");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1186534");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1186535");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1186537");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1186538");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1186539");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1186540");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1186541");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1186542");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1186543");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1186545");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1186546");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1186547");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1186548");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1186549");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1186550");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1186551");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1186552");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1186554");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1186555");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1186556");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1186627");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1186635");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1186638");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1186698");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1186699");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1186700");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1186701");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1187038");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1187049");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1187402");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1187404");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1187407");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1187408");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1187409");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1187411");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1187412");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1187452");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1187453");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1187455");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1187554");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1187595");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1187601");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1187630");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1187631");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1187833");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1187867");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1187972");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1188010");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-25045");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2020-24588");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2020-26558");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2020-36386");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-0129");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-0512");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-0605");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-33624");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-34693");
  # https://lists.suse.com/pipermail/sle-security-updates/2021-July/009141.html
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?a6f67c61");
  script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-36386");
  script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2021-0512");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2021/05/11");
  script_set_attribute(attribute:"patch_publication_date", value:"2021/07/14");
  script_set_attribute(attribute:"plugin_publication_date", value:"2021/07/15");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:cluster-md-kmp-default");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:dlm-kmp-default");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:gfs2-kmp-default");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-base");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-extra");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-kgraft");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-kgraft-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-man");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-macros");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-obs-build");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-source");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-syms");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kgraft-patch-4_12_14-122_77-default");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:ocfs2-kmp-default");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"SuSE Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");

  exit(0);
}


include('rpm.inc');

if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item("Host/SuSE/release");
if (isnull(os_release) || os_release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
var os_ver = pregmatch(pattern: "^(SLE(S|D)(?:_SAP)?\d+)", string:os_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');
os_ver = os_ver[1];
if (! preg(pattern:"^(SLED12|SLES12|SLES_SAP12)$", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLED12 / SLES12 / SLES_SAP12', 'SUSE (' + os_ver + ')');

if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);

var service_pack = get_kb_item("Host/SuSE/patchlevel");
if (isnull(service_pack)) service_pack = "0";
if (os_ver == "SLED12" && (! preg(pattern:"^(5)$", string:service_pack))) audit(AUDIT_OS_NOT, "SLED12 SP5", os_ver + " SP" + service_pack);
if (os_ver == "SLES12" && (! preg(pattern:"^(3|4|5)$", string:service_pack))) audit(AUDIT_OS_NOT, "SLES12 SP3/4/5", os_ver + " SP" + service_pack);
if (os_ver == "SLES_SAP12" && (! preg(pattern:"^(5)$", string:service_pack))) audit(AUDIT_OS_NOT, "SLES_SAP12 SP5", os_ver + " SP" + service_pack);

var pkgs = [
    {'reference':'kernel-default-4.12.14-122.77.1', 'sp':'5', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},
    {'reference':'kernel-default-base-4.12.14-122.77.1', 'sp':'5', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},
    {'reference':'kernel-default-devel-4.12.14-122.77.1', 'sp':'5', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},
    {'reference':'kernel-default-man-4.12.14-122.77.1', 'sp':'5', 'cpu':'s390x', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},
    {'reference':'kernel-devel-4.12.14-122.77.1', 'sp':'5', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},
    {'reference':'kernel-macros-4.12.14-122.77.1', 'sp':'5', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},
    {'reference':'kernel-source-4.12.14-122.77.1', 'sp':'5', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},
    {'reference':'kernel-syms-4.12.14-122.77.1', 'sp':'5', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},
    {'reference':'cluster-md-kmp-default-4.12.14-122.77.1', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-ha-release-12.5']},
    {'reference':'cluster-md-kmp-default-4.12.14-122.77.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-ha-release-12.5']},
    {'reference':'cluster-md-kmp-default-4.12.14-122.77.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-ha-release-12.5']},
    {'reference':'dlm-kmp-default-4.12.14-122.77.1', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-ha-release-12.5']},
    {'reference':'dlm-kmp-default-4.12.14-122.77.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-ha-release-12.5']},
    {'reference':'dlm-kmp-default-4.12.14-122.77.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-ha-release-12.5']},
    {'reference':'gfs2-kmp-default-4.12.14-122.77.1', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-ha-release-12.5']},
    {'reference':'gfs2-kmp-default-4.12.14-122.77.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-ha-release-12.5']},
    {'reference':'gfs2-kmp-default-4.12.14-122.77.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-ha-release-12.5']},
    {'reference':'ocfs2-kmp-default-4.12.14-122.77.1', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-ha-release-12.5']},
    {'reference':'ocfs2-kmp-default-4.12.14-122.77.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-ha-release-12.5']},
    {'reference':'ocfs2-kmp-default-4.12.14-122.77.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-ha-release-12.5']},
    {'reference':'kernel-default-kgraft-4.12.14-122.77.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-live-patching-release-12.5']},
    {'reference':'kernel-default-kgraft-devel-4.12.14-122.77.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-live-patching-release-12.5']},
    {'reference':'kgraft-patch-4_12_14-122_77-default-1-8.3.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-live-patching-release-12.5']},
    {'reference':'kernel-obs-build-4.12.14-122.77.1', 'sp':'5', 'release':'SLED12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-sdk-release-12.5']},
    {'reference':'kernel-obs-build-4.12.14-122.77.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-sdk-release-12.5']},
    {'reference':'kernel-default-extra-4.12.14-122.77.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLED12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-we-release-12.5']},
    {'reference':'kernel-default-extra-4.12.14-122.77.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-we-release-12.5']},
    {'reference':'kernel-default-4.12.14-122.77.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.5']},
    {'reference':'kernel-default-base-4.12.14-122.77.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.5']},
    {'reference':'kernel-default-devel-4.12.14-122.77.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.5']},
    {'reference':'kernel-default-man-4.12.14-122.77.1', 'sp':'5', 'cpu':'s390x', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.5']},
    {'reference':'kernel-devel-4.12.14-122.77.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.5']},
    {'reference':'kernel-macros-4.12.14-122.77.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.5']},
    {'reference':'kernel-source-4.12.14-122.77.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.5']},
    {'reference':'kernel-syms-4.12.14-122.77.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.5']}
];

var ltss_caveat_required = FALSE;
var flag = 0;
foreach var package_array ( pkgs ) {
  var reference = NULL;
  var _release = NULL;
  var sp = NULL;
  var _cpu = NULL;
  var exists_check = NULL;
  var rpm_spec_vers_cmp = NULL;
  if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
  if (!empty_or_null(package_array['release'])) _release = package_array['release'];
  if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
  if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];
  if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];
  if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
  if (reference && _release) {
    if (exists_check) {
      var check_flag = 0;
      foreach var check (exists_check) {
        if (!rpm_exists(release:_release, rpm:check)) continue;
        check_flag++;
      }
      if (!check_flag) continue;
    }
    if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;
  }
}

if (flag)
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_WARNING,
      extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'cluster-md-kmp-default / dlm-kmp-default / gfs2-kmp-default / etc');
}
VendorProductVersionCPE
novellsuse_linuxcluster-md-kmp-defaultp-cpe:/a:novell:suse_linux:cluster-md-kmp-default
novellsuse_linuxdlm-kmp-defaultp-cpe:/a:novell:suse_linux:dlm-kmp-default
novellsuse_linuxgfs2-kmp-defaultp-cpe:/a:novell:suse_linux:gfs2-kmp-default
novellsuse_linuxkernel-defaultp-cpe:/a:novell:suse_linux:kernel-default
novellsuse_linuxkernel-default-basep-cpe:/a:novell:suse_linux:kernel-default-base
novellsuse_linuxkernel-default-develp-cpe:/a:novell:suse_linux:kernel-default-devel
novellsuse_linuxkernel-default-extrap-cpe:/a:novell:suse_linux:kernel-default-extra
novellsuse_linuxkernel-default-kgraftp-cpe:/a:novell:suse_linux:kernel-default-kgraft
novellsuse_linuxkernel-default-kgraft-develp-cpe:/a:novell:suse_linux:kernel-default-kgraft-devel
novellsuse_linuxkernel-default-manp-cpe:/a:novell:suse_linux:kernel-default-man
Rows per page:
1-10 of 181

References

Related

openvas 39
nessus 52
suse 6
mageia 3
osv 11
debian 3
intel 2
cloudfoundry 1
ubuntu 5
prion 9
debiancve 9
gentoo 1
amazon 2
cve 9
redhatcve 9
veracode 8
f5 2
ubuntucve 9
cnvd 1
cbl_mariner 5
githubexploit 1
oraclelinux 1
redhat 3
mscve 1
rocky 1
ibm 1
photon 2
hp 2
fedora 1
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2021:2324-1)
2021-07-15 00:00:00
SUSE: Security Advisory (SUSE-SU-2021:2321-1)
2021-07-15 00:00:00
SUSE: Security Advisory (SUSE-SU-2021:2325-1)
2021-07-15 00:00:00
nessus
nessus
SUSE SLES12 Security Update : kernel (SUSE-SU-2021:2321-1)
2021-07-15 00:00:00
SUSE SLES12 Security Update : kernel (SUSE-SU-2021:2349-1)
2021-07-15 00:00:00
SUSE SLES15 Security Update : kernel (SUSE-SU-2021:2303-1)
2021-07-14 00:00:00
suse
suse
Security update for the Linux Kernel (important)
2021-07-21 00:00:00
Security update for the Linux Kernel (important)
2021-07-13 00:00:00
Security update for the Linux Kernel (important)
2021-07-15 00:00:00
mageia
mageia
Updated kernel packages fix security vulnerabilities
2021-06-29 00:16:35
Updated kernel-linus packages fix security vulnerabilities
2021-06-29 00:16:35
Updated bluez packages fix security vulnerability
2021-06-23 20:11:28
osv
osv
bluez - security update
2021-06-27 00:00:00
bluez - security update
2021-08-07 00:00:00
linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gcp, linux-gcp-5.4, linux-gke, linux-gke-5.4, linux-gkeop, linux-gkeop-5.4, linux-hwe-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4 vulnerabilities
2021-07-20 21:48:59
debian
debian
[SECURITY] [DLA 2692-1] bluez security update
2021-06-26 23:26:46
[SECURITY] [DSA 4951-1] bluez security update
2021-08-07 18:51:55
[SECURITY] [DSA 4951-1] bluez security update
2021-08-07 18:51:55
intel
intel
BlueZ Advisory
2021-06-08 00:00:00
Intel® Wireless Bluetooth® and Killer™ Bluetooth® Advisory
2021-06-08 00:00:00
cloudfoundry
cloudfoundry
USN-5017-1: Linux kernel vulnerabilities | Cloud Foundry
2021-09-07 00:00:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2021-07-20 00:00:00
Linux kernel vulnerabilities
2021-08-18 00:00:00
Linux kernel vulnerabilities
2021-08-24 00:00:00
prion
prion
Design/Logic Flaw
2021-06-07 20:15:00
Type confusion
2021-06-23 16:15:00
Design/Logic Flaw
2021-06-14 22:15:00
debiancve
debiancve
CVE-2019-25045
2021-06-07 20:15:00
CVE-2020-36386
2021-06-07 20:15:00
CVE-2020-26558
2021-05-24 18:15:00
gentoo
gentoo
BlueZ: Multiple Vulnerabilities
2022-09-29 00:00:00
amazon
amazon
Important: kernel
2021-07-14 20:35:00
Important: kernel
2021-07-14 20:35:00
cve
cve
CVE-2019-25045
2021-06-07 20:15:00
CVE-2020-36386
2021-06-07 20:15:00
CVE-2020-26558
2021-05-24 18:15:00
redhatcve
redhatcve
CVE-2019-25045
2021-06-08 15:14:03
CVE-2020-36386
2021-06-08 14:14:23
CVE-2021-33624
2021-06-21 18:26:25
veracode
veracode
Denial Of Service (DoS)
2021-08-18 17:22:51
Privilege Escalation
2021-09-30 13:37:11
Denial Of Service (DoS)
2021-11-26 00:41:02
f5
f5
K20176943 : Linux kernel vulnerability CVE-2019-25045
2022-10-24 00:00:00
K76934290 : Linux kernel vulnerability CVE-2020-36386
2022-10-19 00:00:00
ubuntucve
ubuntucve
CVE-2019-25045
2021-06-07 00:00:00
CVE-2020-36386
2021-06-07 00:00:00
CVE-2021-33624
2021-06-23 00:00:00
cnvd
cnvd
Linux Kernel Information Disclosure Vulnerability (CNVD-2021-60528)
2021-06-22 00:00:00
cbl_mariner
cbl_mariner
CVE-2021-33624 affecting package kernel 5.10.189.1-1
2021-09-09 15:03:26
CVE-2021-33624 affecting package kernel 5.10.78.1-1
2022-04-09 06:52:47
CVE-2021-34693 affecting package kernel 5.10.78.1-1
2022-04-09 06:52:47
githubexploit
githubexploit
Exploit for Observable Discrepancy in Linux Linux Kernel
2021-06-25 22:19:38
oraclelinux
oraclelinux
bluez security update
2021-11-24 00:00:00
redhat
redhat
(RHSA-2021:4432) Moderate: bluez security update
2021-11-09 09:21:28
(RHSA-2021:3445) Important: kernel-rt security and bug fix update
2021-09-07 14:39:26
(RHSA-2021:4122) Important: kpatch-patch security update
2021-11-03 15:21:40
mscve
mscve
Windows Wireless Networking Spoofing Vulnerability
2021-05-11 07:00:00
rocky
rocky
kernel security, bug fix, and enhancement update
2021-07-22 03:16:44
ibm
ibm
Security Bulletin: Publicly disclosed vulnerabilities from Kernel affect IBM Netezza Host Management
2021-12-24 13:23:23
photon
photon
Important Photon OS Security Update - PHSA-2021-0058
2021-07-07 00:00:00
Important Photon OS Security Update - PHSA-2021-0055
2021-07-01 00:00:00
hp
hp
Intel® Wireless Bluetooth® and Killer™ Bluetooth® June 2021 Security Update
2021-06-08 00:00:00
PC Wireless Wi-Fi Adapter Driver Security Updates August 2021
2021-08-27 00:00:00
fedora
fedora
[SECURITY] Fedora 34 Update: kernel-5.12.7-300.fc34
2021-05-28 01:01:35
JSON
Related for SUSE_SU-2021-2324-1.NASL
openvas39nessus52suse6mageia3osv11debian3intel2cloudfoundry1ubuntu5prion9debiancve9gentoo1amazon2cve9redhatcve9veracode8f52ubuntucve9cnvd1cbl_mariner5githubexploit1oraclelinux1redhat3mscve1rocky1ibm1photon2hp2fedora1