| Source | Link |
|---|---|
| nessus | www.nessus.org/u |
| nessus | www.nessus.org/u |
| nessus | www.nessus.org/u |
| nessus | www.nessus.org/u |
| support | www.support.lenovo.com/us/en/solutions/LEN-22133 |
| nessus | www.nessus.org/u |
| openwall | www.openwall.com/lists/oss-security/2020/06/10/1 |
| openwall | www.openwall.com/lists/oss-security/2020/06/10/2 |
| openwall | www.openwall.com/lists/oss-security/2020/06/10/5 |
| securityfocus | www.securityfocus.com/bid/104232 |
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
include('compat.inc');
if (description)
{
script_id(290381);
script_version("1.2");
script_set_attribute(attribute:"plugin_modification_date", value:"2026/02/06");
script_cve_id("CVE-2018-3639");
script_name(english:"Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001227)");
script_set_attribute(attribute:"synopsis", value:
"The Unity Linux host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the
UTSA-2026-001227 advisory.
Systems with microprocessors utilizing speculative execution and speculative execution of memory reads
before the addresses of all prior memory writes are known may allow unauthorized disclosure of information
to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB),
Variant 4.
Tenable has extracted the preceding description block directly from the Unity Linux security advisory.
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
# https://src.uniontech.com/#/security_advisory_detail?utsa_id=UTSA-2026-001227
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?905a2c85");
# http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00058.html
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?ccb7a56c");
# http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00059.html
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?9073d091");
# http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00007.html
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?d5299d44");
script_set_attribute(attribute:"see_also", value:"http://support.lenovo.com/us/en/solutions/LEN-22133");
# http://www.fujitsu.com/global/support/products/software/security/products-f/cve-2018-3639e.html
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?ab57ba47");
script_set_attribute(attribute:"see_also", value:"http://www.openwall.com/lists/oss-security/2020/06/10/1");
script_set_attribute(attribute:"see_also", value:"http://www.openwall.com/lists/oss-security/2020/06/10/2");
script_set_attribute(attribute:"see_also", value:"http://www.openwall.com/lists/oss-security/2020/06/10/5");
script_set_attribute(attribute:"see_also", value:"http://www.securityfocus.com/bid/104232");
script_set_attribute(attribute:"see_also", value:"http://www.securitytracker.com/id/1040949");
script_set_attribute(attribute:"see_also", value:"http://www.securitytracker.com/id/1042004");
script_set_attribute(attribute:"see_also", value:"http://xenbits.xen.org/xsa/advisory-263.html");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1629");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1630");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1632");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1633");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1635");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1636");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1637");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1638");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1639");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1640");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1641");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1642");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1643");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1644");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1645");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1646");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1647");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1648");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1649");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1650");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1651");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1652");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1653");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1654");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1655");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1656");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1657");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1658");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1659");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1660");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1661");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1662");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1663");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1664");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1665");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1666");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1667");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1668");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1669");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1674");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1675");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1676");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1686");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1688");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1689");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1690");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1696");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1710");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1711");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1737");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1738");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1826");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1854");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1965");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1967");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1997");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:2001");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:2003");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:2006");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:2060");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:2161");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:2162");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:2164");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:2171");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:2172");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:2216");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:2228");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:2246");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:2250");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:2258");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:2289");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:2309");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:2328");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:2363");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:2364");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:2387");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:2394");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:2396");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:2948");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:3396");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:3397");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:3398");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:3399");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:3400");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:3401");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:3402");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:3407");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:3423");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:3424");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:3425");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2019:0148");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2019:1046");
script_set_attribute(attribute:"see_also", value:"https://bugs.chromium.org/p/project-zero/issues/detail?id=1528");
script_set_attribute(attribute:"see_also", value:"https://cert-portal.siemens.com/productcert/pdf/ssa-268644.pdf");
script_set_attribute(attribute:"see_also", value:"https://cert-portal.siemens.com/productcert/pdf/ssa-505225.pdf");
script_set_attribute(attribute:"see_also", value:"https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf");
# https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?c89c164f");
# https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?148b2157");
script_set_attribute(attribute:"see_also", value:"https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html");
script_set_attribute(attribute:"see_also", value:"https://lists.debian.org/debian-lts-announce/2018/07/msg00038.html");
script_set_attribute(attribute:"see_also", value:"https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html");
script_set_attribute(attribute:"see_also", value:"https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html");
script_set_attribute(attribute:"see_also", value:"https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html");
script_set_attribute(attribute:"see_also", value:"https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html");
script_set_attribute(attribute:"see_also", value:"https://nvidia.custhelp.com/app/answers/detail/a_id/4787");
# https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180012
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?36d8913e");
script_set_attribute(attribute:"see_also", value:"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0004");
script_set_attribute(attribute:"see_also", value:"https://seclists.org/bugtraq/2019/Jun/36");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2018-3639");
script_set_attribute(attribute:"see_also", value:"https://security.netapp.com/advisory/ntap-20180521-0001/");
script_set_attribute(attribute:"see_also", value:"https://support.citrix.com/article/CTX235225");
# https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03850en_us
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?abd55666");
# https://support.oracle.com/knowledge/Sun%20Microsystems/2481872_1.html
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?c34fd747");
# https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180521-cpusidechannel
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?fc974ba6");
script_set_attribute(attribute:"see_also", value:"https://usn.ubuntu.com/3651-1/");
script_set_attribute(attribute:"see_also", value:"https://usn.ubuntu.com/3652-1/");
script_set_attribute(attribute:"see_also", value:"https://usn.ubuntu.com/3653-1/");
script_set_attribute(attribute:"see_also", value:"https://usn.ubuntu.com/3653-2/");
script_set_attribute(attribute:"see_also", value:"https://usn.ubuntu.com/3654-1/");
script_set_attribute(attribute:"see_also", value:"https://usn.ubuntu.com/3654-2/");
script_set_attribute(attribute:"see_also", value:"https://usn.ubuntu.com/3655-1/");
script_set_attribute(attribute:"see_also", value:"https://usn.ubuntu.com/3655-2/");
script_set_attribute(attribute:"see_also", value:"https://usn.ubuntu.com/3679-1/");
script_set_attribute(attribute:"see_also", value:"https://usn.ubuntu.com/3680-1/");
script_set_attribute(attribute:"see_also", value:"https://usn.ubuntu.com/3756-1/");
script_set_attribute(attribute:"see_also", value:"https://usn.ubuntu.com/3777-3/");
script_set_attribute(attribute:"see_also", value:"https://www.debian.org/security/2018/dsa-4210");
script_set_attribute(attribute:"see_also", value:"https://www.debian.org/security/2018/dsa-4273");
script_set_attribute(attribute:"see_also", value:"https://www.exploit-db.com/exploits/44695/");
# https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?c2acd2ee");
script_set_attribute(attribute:"see_also", value:"https://www.kb.cert.org/vuls/id/180049");
# https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0006
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?23319717");
script_set_attribute(attribute:"see_also", value:"https://www.oracle.com/security-alerts/cpujul2020.html");
# https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?799b2d05");
script_set_attribute(attribute:"see_also", value:"https://www.synology.com/support/security/Synology_SA_18_23");
script_set_attribute(attribute:"see_also", value:"https://www.us-cert.gov/ncas/alerts/TA18-141A");
script_set_attribute(attribute:"solution", value:
"Update the affected kernel package.");
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N");
script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N");
script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-3639");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"exploit_framework_core", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2018/05/21");
script_set_attribute(attribute:"patch_publication_date", value:"2026/01/14");
script_set_attribute(attribute:"plugin_publication_date", value:"2026/01/16");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Unity Linux Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2026 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info2.nasl");
script_require_keys("Host/local_checks_enabled", "Host/UOS-Server/release", "Host/UOS-Server/rpm-list", "Host/cpu");
exit(0);
}
include('rpm2.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_product = get_kb_item('installed_os/local/SSH/0/product');
if (isnull(os_product) || 'UOS Server' >!< os_product) audit(AUDIT_OS_NOT, 'UOS Server');
var os_version = get_kb_item('installed_os/local/SSH/0/version');
if (isnull(os_version)) audit(AUDIT_UNKNOWN_APP_VER, 'UOS Server');
if (! preg(pattern:"^20.1050e|20.1060e|20.1070e([^0-9]|$)", string:os_version)) audit(AUDIT_OS_NOT, 'UOS Server 20.1050e / 20.1060e / 20.1070e', 'UOS Server ' + os_version);
if (!get_kb_item('Host/UOS-Server/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('aarch64' >!< cpu && 'amd64' >!< cpu && 'sw_64' >!< cpu && 'x86_64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'UOS Server', cpu);
var constraints = [
{
'release': '20',
'sp': '1050e',
'pkgs': [
{'reference':'kernel-4.19.90-2211.5.0.0178.45', 'sp':'1050e', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-4.19.90-2211.5.0.0178.45', 'sp':'1050e', 'cpu':'amd64', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-4.19.90-2211.5.0.0178.45', 'sp':'1050e', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE}
]
},
{
'release': '20',
'sp': '1060e',
'pkgs': [
{'reference':'kernel-4.19.90-2305.1.0.0199.102', 'sp':'1060e', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-4.19.90-2305.1.0.0199.102', 'sp':'1060e', 'cpu':'amd64', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-4.19.90-2305.1.0.0199.102', 'sp':'1060e', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE}
]
},
{
'release': '20',
'sp': '1070e',
'pkgs': [
{'reference':'kernel-4.19.90-2409.6.0.0297.103.005', 'sp':'1070e', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-4.19.90-2409.6.0.0297.103.005', 'sp':'1070e', 'cpu':'amd64', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-4.19.90-2409.6.0.0297.103.005', 'sp':'1070e', 'cpu':'sw_64', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-4.19.90-2409.6.0.0297.103.005', 'sp':'1070e', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE}
]
}
];
var os_release = get_one_kb_item('installed_os/local/SSH/0/release');
var os_sp = get_one_kb_item('Host/*/minor_release');
var flag = 0;
var reference;
var sp;
var _cpu;
var el_string;
var rpm_spec_vers_cmp;
var epoch;
var allowmaj;
var exists_check;
var cves;
foreach var constraint ( constraints ) {
# Check that the target release is equal to the affected release
if (!empty_or_null(constraint['release'])){
if (constraint['release'] != os_release) continue;
}
if (!empty_or_null(constraint['sp'])){
if (constraint['sp'] != os_sp) continue;
}
foreach var pkg ( constraint['pkgs'] ) {
reference = NULL;
sp = NULL;
_cpu = NULL;
el_string = NULL;
rpm_spec_vers_cmp = NULL;
epoch = NULL;
allowmaj = NULL;
exists_check = NULL;
cves = NULL;
if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];
if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];
if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];
if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];
if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];
if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];
if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];
if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];
if (!empty_or_null(pkg['cves'])) cves = pkg['cves'];
if (reference &&
## (no known rpm to check OR known rpm_exists)
(!exists_check || rpm_exists(rpm:exists_check)) &&
rpm_check(sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj, cves:cves)) flag++;
}
}
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_NOTE,
extra : rpm_report_get()
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel');
}
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation