Vulners
Lucene search
Linux Distros Unpatched Vulnerability : CVE-2019-14250
10
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
include('compat.inc');
if (description)
{
script_id(255512);
script_version("1.3");
script_set_attribute(attribute:"plugin_modification_date", value:"2025/09/05");
script_cve_id("CVE-2019-14250");
script_name(english:"Linux Distros Unpatched Vulnerability : CVE-2019-14250");
script_set_attribute(attribute:"synopsis", value:
"The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be
patched.");
script_set_attribute(attribute:"description", value:
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied
patch available.
- An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. simple_object_elf_match in
simple-object-elf.c does not check for a zero shstrndx value, leading to an integer overflow and resultant
heap-based buffer overflow. (CVE-2019-14250)
Note that Nessus relies on the presence of the package as reported by the vendor.");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-14250");
script_set_attribute(attribute:"see_also", value:"https://ubuntu.com/security/CVE-2019-14250");
script_set_attribute(attribute:"solution", value:
"There is no known solution at this time.");
script_set_attribute(attribute:"agent", value:"unix");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-14250");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vendor_unpatched", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2019/07/24");
script_set_attribute(attribute:"plugin_publication_date", value:"2025/08/26");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:14.04:-:lts");
script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:7");
script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:8");
script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7");
script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:8");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:binutils");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:binutils");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:binutils-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:cpp");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:gcc");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:gcc-c++");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:gcc-gdb-plugin");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:gcc-gfortran");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:gcc-gnat");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:gcc-go");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:gcc-objc");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:gcc-objc++");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:gcc-offload-nvptx");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:gcc-plugin-annobin");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:gcc-plugin-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libasan");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libasan-static");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libatomic");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libatomic-static");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libgcc");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libgfortran");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libgfortran-static");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libgnat");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libgnat-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libgnat-static");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libgo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libgo-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libgo-static");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libgomp");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libgomp-offload-nvptx");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libitm");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libitm-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libitm-static");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:liblsan");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libmudflap");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libmudflap-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libmudflap-static");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libobjc");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libquadmath");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libquadmath-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libquadmath-static");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libstdc++");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libstdc++-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libstdc++-docs");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libstdc++-static");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libtsan");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libtsan-static");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libubsan");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:binutils");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:binutils-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:cpp");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:gcc");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:gcc-c++");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:gcc-gdb-plugin");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:gcc-gfortran");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:gcc-gnat");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:gcc-go");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:gcc-objc");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:gcc-objc++");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:gcc-offload-nvptx");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:gcc-plugin-annobin");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:gcc-plugin-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libasan");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libasan-static");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libatomic");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libatomic-static");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libgcc");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libgfortran");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libgfortran-static");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libgnat");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libgnat-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libgnat-static");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libgo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libgo-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libgo-static");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libgomp");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libgomp-offload-nvptx");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libitm");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libitm-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libitm-static");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:liblsan");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libmudflap");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libmudflap-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libmudflap-static");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libobjc");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libquadmath");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libquadmath-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libquadmath-static");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libstdc++");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libstdc++-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libstdc++-docs");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libstdc++-static");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libtsan");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libtsan-static");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libubsan");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Misc.");
script_copyright(english:"This script is Copyright (C) 2025 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info2.nasl", "set_linux_os_id.nasl");
script_require_keys("Host/cpu", "Host/local_checks_enabled", "global_settings/vendor_unpatched", "Host/OS/identifier");
script_require_ports("Host/OS/CentOS Linux-7", "Host/OS/CentOS Linux-8", "Host/OS/Red Hat Enterprise Linux-7", "Host/OS/Red Hat Enterprise Linux-8", "Host/OS/Ubuntu Linux-14.04");
exit(0);
}
if (!get_kb_item("global_settings/vendor_unpatched")) exit(0, "Unpatched Vulnerabilities Detection not active.");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (empty_or_null(get_one_kb_item("Host/CentOS/rpm-list")) && empty_or_null(get_one_kb_item("Host/Debian/dpkg-l")) && empty_or_null(get_one_kb_item("Host/RedHat/rpm-list"))) audit(AUDIT_PACKAGE_LIST_MISSING);
include('linux_unpatched.inc');
var distro_constraints_array = {
"Ubuntu Linux-14.04": {
"package_manager": "dpkg-l",
"constraints": [
{
"release": "14.04",
"pkgs": [
{"reference": "binutils"},
{"reference": "binutils-dev"},
{"reference": "binutils-doc"},
{"reference": "binutils-hppa64"},
{"reference": "binutils-multiarch"},
{"reference": "binutils-multiarch-dev"},
{"reference": "binutils-source"},
{"reference": "binutils-static"},
{"reference": "binutils-static-udeb"}
]
}
]
},
"CentOS Linux-7": {
"package_manager": "rpm-list",
"constraints": [
{
"release": "7",
"pkgs": [
{"reference": "binutils"},
{"reference": "binutils-devel"},
{"reference": "cpp"},
{"reference": "gcc"},
{"reference": "gcc-c++"},
{"reference": "gcc-gfortran"},
{"reference": "gcc-gnat"},
{"reference": "gcc-go"},
{"reference": "gcc-objc"},
{"reference": "gcc-objc++"},
{"reference": "gcc-plugin-devel"},
{"reference": "libasan"},
{"reference": "libasan-static"},
{"reference": "libatomic"},
{"reference": "libatomic-static"},
{"reference": "libgcc"},
{"reference": "libgfortran"},
{"reference": "libgfortran-static"},
{"reference": "libgnat"},
{"reference": "libgnat-devel"},
{"reference": "libgnat-static"},
{"reference": "libgo"},
{"reference": "libgo-devel"},
{"reference": "libgo-static"},
{"reference": "libgomp"},
{"reference": "libitm"},
{"reference": "libitm-devel"},
{"reference": "libitm-static"},
{"reference": "libmudflap"},
{"reference": "libmudflap-devel"},
{"reference": "libmudflap-static"},
{"reference": "libobjc"},
{"reference": "libquadmath"},
{"reference": "libquadmath-devel"},
{"reference": "libquadmath-static"},
{"reference": "libstdc++"},
{"reference": "libstdc++-devel"},
{"reference": "libstdc++-docs"},
{"reference": "libstdc++-static"},
{"reference": "libtsan"},
{"reference": "libtsan-static"}
]
}
]
},
"Red Hat Enterprise Linux-7": {
"package_manager": "rpm-list",
"constraints": [
{
"release": "7",
"pkgs": [
{"reference": "binutils"},
{"reference": "binutils-devel"},
{"reference": "cpp"},
{"reference": "gcc"},
{"reference": "gcc-c++"},
{"reference": "gcc-gfortran"},
{"reference": "gcc-gnat"},
{"reference": "gcc-go"},
{"reference": "gcc-objc"},
{"reference": "gcc-objc++"},
{"reference": "gcc-plugin-devel"},
{"reference": "libasan"},
{"reference": "libasan-static"},
{"reference": "libatomic"},
{"reference": "libatomic-static"},
{"reference": "libgcc"},
{"reference": "libgfortran"},
{"reference": "libgfortran-static"},
{"reference": "libgnat"},
{"reference": "libgnat-devel"},
{"reference": "libgnat-static"},
{"reference": "libgo"},
{"reference": "libgo-devel"},
{"reference": "libgo-static"},
{"reference": "libgomp"},
{"reference": "libitm"},
{"reference": "libitm-devel"},
{"reference": "libitm-static"},
{"reference": "libmudflap"},
{"reference": "libmudflap-devel"},
{"reference": "libmudflap-static"},
{"reference": "libobjc"},
{"reference": "libquadmath"},
{"reference": "libquadmath-devel"},
{"reference": "libquadmath-static"},
{"reference": "libstdc++"},
{"reference": "libstdc++-devel"},
{"reference": "libstdc++-docs"},
{"reference": "libstdc++-static"},
{"reference": "libtsan"},
{"reference": "libtsan-static"}
]
}
]
},
"CentOS Linux-8": {
"package_manager": "rpm-list",
"constraints": [
{
"release": "8",
"pkgs": [
{"reference": "binutils"},
{"reference": "binutils-devel"},
{"reference": "cpp"},
{"reference": "gcc"},
{"reference": "gcc-c++"},
{"reference": "gcc-gdb-plugin"},
{"reference": "gcc-gfortran"},
{"reference": "gcc-offload-nvptx"},
{"reference": "gcc-plugin-annobin"},
{"reference": "gcc-plugin-devel"},
{"reference": "libasan"},
{"reference": "libatomic"},
{"reference": "libatomic-static"},
{"reference": "libgcc"},
{"reference": "libgfortran"},
{"reference": "libgfortran-static"},
{"reference": "libgomp"},
{"reference": "libgomp-offload-nvptx"},
{"reference": "libitm"},
{"reference": "libitm-devel"},
{"reference": "liblsan"},
{"reference": "libquadmath"},
{"reference": "libquadmath-devel"},
{"reference": "libquadmath-static"},
{"reference": "libstdc++"},
{"reference": "libstdc++-devel"},
{"reference": "libstdc++-docs"},
{"reference": "libstdc++-static"},
{"reference": "libtsan"},
{"reference": "libubsan"}
]
}
]
},
"Red Hat Enterprise Linux-8": {
"package_manager": "rpm-list",
"constraints": [
{
"release": "8",
"pkgs": [
{"reference": "binutils"},
{"reference": "binutils-devel"},
{"reference": "cpp"},
{"reference": "gcc"},
{"reference": "gcc-c++"},
{"reference": "gcc-gdb-plugin"},
{"reference": "gcc-gfortran"},
{"reference": "gcc-offload-nvptx"},
{"reference": "gcc-plugin-annobin"},
{"reference": "gcc-plugin-devel"},
{"reference": "libasan"},
{"reference": "libatomic"},
{"reference": "libatomic-static"},
{"reference": "libgcc"},
{"reference": "libgfortran"},
{"reference": "libgfortran-static"},
{"reference": "libgomp"},
{"reference": "libgomp-offload-nvptx"},
{"reference": "libitm"},
{"reference": "libitm-devel"},
{"reference": "liblsan"},
{"reference": "libquadmath"},
{"reference": "libquadmath-devel"},
{"reference": "libquadmath-static"},
{"reference": "libstdc++"},
{"reference": "libstdc++-devel"},
{"reference": "libstdc++-docs"},
{"reference": "libstdc++-static"},
{"reference": "libtsan"},
{"reference": "libubsan"}
]
}
]
}
};
var distro_constraints_values = linux_unpatched::get_distro_constraints(distro_constraints_arr:distro_constraints_array);
if (empty_or_null(distro_constraints_values)) audit(AUDIT_HOST_NOT, 'affected');
var report = linux_unpatched::check_unpatched_constraints(distro_constraints_values:distro_constraints_values);
if (!empty_or_null(report))
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : report
);
exit(0);
}
else
{
audit(AUDIT_HOST_NOT, 'affected');
}
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
05 Sep 2025 00:00Current
6.8Medium risk
Vulners AI Score6.8
CVSS 24.3
CVSS 3.15.5
EPSS0.00186