SuSE Update for Kernel openSUSE-SU-2017:1685-1 (Kernel)

2017-06-26T00:00:00
ID OPENVAS:1361412562310851573
Type openvas
Reporter Copyright (C) 2017 Greenbone Networks GmbH
Modified 2017-12-08T00:00:00

Description

Check the version of the Kernel

                                        
                                            ###############################################################################
# OpenVAS Vulnerability Test
# $Id: gb_suse_2017_1685_1.nasl 8048 2017-12-08 09:05:48Z santu $
#
# SuSE Update for Kernel openSUSE-SU-2017:1685-1 (Kernel)
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.851573");
  script_version("$Revision: 8048 $");
  script_tag(name:"last_modification", value:"$Date: 2017-12-08 10:05:48 +0100 (Fri, 08 Dec 2017) $");
  script_tag(name:"creation_date", value:"2017-06-26 18:54:49 +0200 (Mon, 26 Jun 2017)");
  script_cve_id("CVE-2017-1000364");
  script_tag(name:"cvss_base", value:"6.2");
  script_tag(name:"cvss_base_vector", value:"AV:L/AC:H/Au:N/C:C/I:C/A:C");
  script_tag(name:"qod_type", value:"package");
  script_name("SuSE Update for Kernel openSUSE-SU-2017:1685-1 (Kernel)");
  script_tag(name: "summary", value: "Check the version of the Kernel");
  script_tag(name: "vuldetect", value: "Get the installed version with the help 
of detect NVT and check if the version is vulnerable or not.");
  script_tag(name: "insight", value: "
  The openSUSE Leap 42.2 kernel was updated to 4.4.73 to receive security
  and bugfixes.


  The following security bugs were fixed:

  - CVE-2017-1000364: An issue was discovered in the size of the stack guard
  page on Linux, specifically a 4k stack guard page is not sufficiently
  large and can be 'jumped' over (the stack guard page is bypassed), this
  affects Linux Kernel versions 4.11.5 and earlier (the stackguard page
  was introduced in 2010) (bnc#1039348).

  The previous fix caused some Java applications to crash and has been
  replaced by the upstream fix.

  The following non-security bugs were fixed:

  - md: fix a null dereference (bsc#1040351).
  - net/mlx5e: Fix timestamping capabilities reporting (bsc#966170,
  bsc#1015342)
  - reiserfs: don't preallocate blocks for extended attributes (bsc#990682)
  - ibmvnic: Fix error handling when registering long-term-mapped  buffers
  (bsc#1045568).
  - Fix kabi after adding new field to struct mddev (bsc#1040351).
  - Fix soft lockup in svc_rdma_send (bsc#729329).
  - IB/addr: Fix setting source address in addr6_resolve() (bsc#1044082).
  - IB/ipoib: Fix memory leak in create child syscall (bsc#1022595
  FATE#322350).
  - IB/mlx5: Assign DSCP for R-RoCE QPs Address Path (bsc#966170 bsc#966172
  bsc#966191).
  - IB/mlx5: Check supported flow table size (bsc#966170 bsc#966172
  bsc#966191).
  - IB/mlx5: Enlarge autogroup flow table (bsc#966170 bsc#966172 bsc#966191).
  - IB/mlx5: Fix kernel to user leak prevention logic (bsc#966170 bsc#966172
  bsc#966191).
  - NFSv4: do not let hanging mounts block other mounts (bsc#1040364).
  - [v2, 2/3] powerpc/fadump: avoid holes in boot memory area when fadump is
  registered (bsc#1037669).
  - [v2,1/3] powerpc/fadump: avoid duplicates in crash memory ranges
  (bsc#1037669).
  - [v2,3/3] powerpc/fadump: provide a helpful error message (bsc#1037669).
  - dm: remove dummy dm_table definition (bsc#1045307)
  - ibmvnic: Activate disabled RX buffer pools on reset (bsc#1044767).
  - ibmvnic: Client-initiated failover (bsc#1043990).
  - ibmvnic: Correct return code checking for ibmvnic_init during probe
  (bsc#1045286).
  - ibmvnic: Ensure that TX queues are disabled in __ibmvnic_close
  (bsc#1044767).
  - ibmvnic: Exit polling routine correctly during adapter reset
  (bsc#1044767).
  - ibmvnic: Fix incorrectly defined ibmvnic_request_map_rsp structure
  (bsc#1045568).
  - ibmvnic: Remove VNIC_CLOSING check from pending_scrq (bsc#1044767).
  - ibmvnic: Remove module author mailing address (bsc#1045467).
  - ibmvnic: Remove netdev notify for failover resets (bsc#1044120).
  - ibmvnic: Return from ibmvn ... 

  Description truncated, for more information please check the Reference URL");
  script_tag(name: "affected", value: "Kernel on openSUSE Leap 42.2");
  script_tag(name: "solution", value: "Please Install the Updated Packages.");

  script_xref(name: "openSUSE-SU", value: "2017:1685_1");
  script_tag(name:"solution_type", value:"VendorFix");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2017 Greenbone Networks GmbH");
  script_family("SuSE Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/suse", "ssh/login/rpms");
  exit(0);
}

include("revisions-lib.inc");
include("pkg-lib-rpm.inc");

release = get_kb_item("ssh/login/release");

res = "";
if(release == NULL){
  exit(0);
}

if(release == "openSUSELeap42.2")
{

  if ((res = isrpmvuln(pkg:"kernel-debug", rpm:"kernel-debug~4.4.73~18.17.1", rls:"openSUSELeap42.2")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-debug-base", rpm:"kernel-debug-base~4.4.73~18.17.1", rls:"openSUSELeap42.2")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-debug-base-debuginfo", rpm:"kernel-debug-base-debuginfo~4.4.73~18.17.1", rls:"openSUSELeap42.2")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-debug-debuginfo", rpm:"kernel-debug-debuginfo~4.4.73~18.17.1", rls:"openSUSELeap42.2")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-debug-debugsource", rpm:"kernel-debug-debugsource~4.4.73~18.17.1", rls:"openSUSELeap42.2")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-debug-devel", rpm:"kernel-debug-devel~4.4.73~18.17.1", rls:"openSUSELeap42.2")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-debug-devel-debuginfo", rpm:"kernel-debug-devel-debuginfo~4.4.73~18.17.1", rls:"openSUSELeap42.2")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-default", rpm:"kernel-default~4.4.73~18.17.1", rls:"openSUSELeap42.2")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-default-base", rpm:"kernel-default-base~4.4.73~18.17.1", rls:"openSUSELeap42.2")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-default-base-debuginfo", rpm:"kernel-default-base-debuginfo~4.4.73~18.17.1", rls:"openSUSELeap42.2")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-default-debuginfo", rpm:"kernel-default-debuginfo~4.4.73~18.17.1", rls:"openSUSELeap42.2")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-default-debugsource", rpm:"kernel-default-debugsource~4.4.73~18.17.1", rls:"openSUSELeap42.2")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-default-devel", rpm:"kernel-default-devel~4.4.73~18.17.1", rls:"openSUSELeap42.2")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-obs-build", rpm:"kernel-obs-build~4.4.73~18.17.1", rls:"openSUSELeap42.2")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-obs-build-debugsource", rpm:"kernel-obs-build-debugsource~4.4.73~18.17.1", rls:"openSUSELeap42.2")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-obs-qa", rpm:"kernel-obs-qa~4.4.73~18.17.1", rls:"openSUSELeap42.2")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-syms", rpm:"kernel-syms~4.4.73~18.17.1", rls:"openSUSELeap42.2")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-vanilla", rpm:"kernel-vanilla~4.4.73~18.17.1", rls:"openSUSELeap42.2")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-vanilla-base", rpm:"kernel-vanilla-base~4.4.73~18.17.1", rls:"openSUSELeap42.2")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-vanilla-base-debuginfo", rpm:"kernel-vanilla-base-debuginfo~4.4.73~18.17.1", rls:"openSUSELeap42.2")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-vanilla-debuginfo", rpm:"kernel-vanilla-debuginfo~4.4.73~18.17.1", rls:"openSUSELeap42.2")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-vanilla-debugsource", rpm:"kernel-vanilla-debugsource~4.4.73~18.17.1", rls:"openSUSELeap42.2")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-vanilla-devel", rpm:"kernel-vanilla-devel~4.4.73~18.17.1", rls:"openSUSELeap42.2")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-devel", rpm:"kernel-devel~4.4.73~18.17.1", rls:"openSUSELeap42.2")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-docs", rpm:"kernel-docs~4.4.73~18.17.2", rls:"openSUSELeap42.2")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-docs-html", rpm:"kernel-docs-html~4.4.73~18.17.2", rls:"openSUSELeap42.2")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-docs-pdf", rpm:"kernel-docs-pdf~4.4.73~18.17.2", rls:"openSUSELeap42.2")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-macros", rpm:"kernel-macros~4.4.73~18.17.1", rls:"openSUSELeap42.2")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-source", rpm:"kernel-source~4.4.73~18.17.1", rls:"openSUSELeap42.2")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"kernel-source-vanilla", rpm:"kernel-source-vanilla~4.4.73~18.17.1", rls:"openSUSELeap42.2")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99); # Not vulnerable.
  exit(0);
}