ID OPENVAS:1361412562310874695 Type openvas Reporter Copyright (C) 2018 Greenbone Networks GmbH Modified 2019-03-15T00:00:00
Description
The remote host is missing an update for the
###############################################################################
# OpenVAS Vulnerability Test
# $Id: gb_fedora_2018_b57db4753c_kernel_fc27.nasl 14223 2019-03-15 13:49:35Z cfischer $
#
# Fedora Update for kernel FEDORA-2018-b57db4753c
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.874695");
script_version("$Revision: 14223 $");
script_tag(name:"last_modification", value:"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $");
script_tag(name:"creation_date", value:"2018-06-18 06:02:23 +0200 (Mon, 18 Jun 2018)");
script_cve_id("CVE-2018-10853", "CVE-2018-11506", "CVE-2018-10840", "CVE-2018-3639",
"CVE-2018-1120", "CVE-2018-10322", "CVE-2018-10323", "CVE-2018-1108",
"CVE-2018-10021", "CVE-2017-18232", "CVE-2018-7995", "CVE-2018-8043",
"CVE-2018-7757", "CVE-2018-5803", "CVE-2018-1065", "CVE-2018-1000026",
"CVE-2018-5750", "CVE-2018-1000004", "CVE-2018-5344", "CVE-2018-5332",
"CVE-2018-5333", "CVE-2017-17862", "CVE-2017-17863", "CVE-2017-17864",
"CVE-2017-17852", "CVE-2017-17853", "CVE-2017-17854", "CVE-2017-17855",
"CVE-2017-17856", "CVE-2017-17857", "CVE-2017-17741", "CVE-2017-17712",
"CVE-2017-17449", "CVE-2017-17450", "CVE-2017-17448", "CVE-2017-17558",
"CVE-2017-8824", "CVE-2017-1000405", "CVE-2017-16649", "CVE-2017-16650",
"CVE-2017-16644", "CVE-2017-16647", "CVE-2017-15115", "CVE-2017-16532",
"CVE-2017-16538", "CVE-2017-12193");
script_tag(name:"cvss_base", value:"7.2");
script_tag(name:"cvss_base_vector", value:"AV:L/AC:L/Au:N/C:C/I:C/A:C");
script_tag(name:"qod_type", value:"package");
script_name("Fedora Update for kernel FEDORA-2018-b57db4753c");
script_tag(name:"summary", value:"The remote host is missing an update for the 'kernel'
package(s) announced via the referenced advisory.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present
on the target host.");
script_tag(name:"affected", value:"kernel on Fedora 27");
script_tag(name:"solution", value:"Please install the updated packages.");
script_xref(name:"FEDORA", value:"2018-b57db4753c");
script_xref(name:"URL", value:"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/22G4FPLZ4Y2WCMKTQG2WQFPR36Y3V4U4");
script_tag(name:"solution_type", value:"VendorFix");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2018 Greenbone Networks GmbH");
script_family("Fedora Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/fedora", "ssh/login/rpms", re:"ssh/login/release=FC27");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-rpm.inc");
release = rpm_get_ssh_release();
if(!release)
exit(0);
res = "";
if(release == "FC27")
{
if ((res = isrpmvuln(pkg:"kernel", rpm:"kernel~4.16.15~200.fc27", rls:"FC27")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99);
exit(0);
}
{"id": "OPENVAS:1361412562310874695", "type": "openvas", "bulletinFamily": "scanner", "title": "Fedora Update for kernel FEDORA-2018-b57db4753c", "description": "The remote host is missing an update for the ", "published": "2018-06-18T00:00:00", "modified": "2019-03-15T00:00:00", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874695", "reporter": "Copyright (C) 2018 Greenbone Networks GmbH", "references": ["https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/22G4FPLZ4Y2WCMKTQG2WQFPR36Y3V4U4", "2018-b57db4753c"], "cvelist": ["CVE-2018-10021", "CVE-2018-8043", "CVE-2017-17863", "CVE-2017-17450", "CVE-2018-1108", "CVE-2017-17558", "CVE-2018-1000004", "CVE-2018-5333", "CVE-2017-17741", "CVE-2018-10840", "CVE-2017-12193", "CVE-2017-17862", "CVE-2018-11506", "CVE-2017-17852", "CVE-2018-10853", "CVE-2017-16532", "CVE-2017-16649", "CVE-2018-5344", "CVE-2017-17854", "CVE-2017-17853", "CVE-2018-7757", "CVE-2017-15115", "CVE-2017-17712", "CVE-2017-8824", "CVE-2017-17448", "CVE-2018-1120", "CVE-2018-1065", "CVE-2017-18232", "CVE-2017-16647", "CVE-2018-5332", "CVE-2017-17449", "CVE-2018-10322", "CVE-2017-16650", "CVE-2018-10323", "CVE-2018-7995", "CVE-2018-5750", "CVE-2017-16538", "CVE-2017-17855", "CVE-2017-17857", "CVE-2017-16644", "CVE-2017-17864", "CVE-2018-5803", "CVE-2017-1000405", "CVE-2018-1000026", "CVE-2018-3639", "CVE-2017-17856"], "lastseen": "2019-05-29T18:33:03", "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "fedora", "idList": ["FEDORA:25BDD6190ECF", "FEDORA:AB52460321C9", "FEDORA:E6F08605DCE7", "FEDORA:909D360491BF", "FEDORA:08D3760E6566", "FEDORA:10F7D6255145", "FEDORA:74245604D4DA", "FEDORA:4832F6079717", "FEDORA:DF5176048167", "FEDORA:B54D264CBCAC"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310874400", "OPENVAS:1361412562310874623", "OPENVAS:1361412562310874647", "OPENVAS:1361412562310874721", "OPENVAS:1361412562310874751", "OPENVAS:1361412562310874919", "OPENVAS:1361412562310874606", "OPENVAS:1361412562310874761", "OPENVAS:1361412562310874366", "OPENVAS:1361412562310874813"]}, {"type": "nessus", "idList": ["DEBIAN_DSA-4073.NASL", "FEDORA_2018-22D5FA8A90.NASL", "FEDORA_2017-BA6B6E71F7.NASL", "FEDORA_2018-8ED5EFF2C0.NASL", "FEDORA_2017-129969AA8A.NASL", "ALA_ALAS-2018-944.NASL"]}, {"type": "archlinux", "idList": ["ASA-201801-3", "ASA-201801-1", "ASA-201801-4"]}, {"type": "debian", "idList": ["DEBIAN:DSA-4073-1:79398"]}, {"type": "cve", "idList": ["CVE-2017-17864", "CVE-2017-17862", "CVE-2017-17855", "CVE-2017-17853", "CVE-2017-18232", "CVE-2017-17863", "CVE-2017-16532", "CVE-2017-17856", "CVE-2017-16649", "CVE-2017-17857"]}, {"type": "amazon", "idList": ["ALAS-2018-944"]}], "modified": "2019-05-29T18:33:03", "rev": 2}, "score": {"value": 6.7, "vector": "NONE", "modified": "2019-05-29T18:33:03", "rev": 2}, "vulnersScore": 6.7}, "pluginID": "1361412562310874695", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_b57db4753c_kernel_fc27.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for kernel FEDORA-2018-b57db4753c\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874695\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-06-18 06:02:23 +0200 (Mon, 18 Jun 2018)\");\n script_cve_id(\"CVE-2018-10853\", \"CVE-2018-11506\", \"CVE-2018-10840\", \"CVE-2018-3639\",\n \"CVE-2018-1120\", \"CVE-2018-10322\", \"CVE-2018-10323\", \"CVE-2018-1108\",\n \"CVE-2018-10021\", \"CVE-2017-18232\", \"CVE-2018-7995\", \"CVE-2018-8043\",\n \"CVE-2018-7757\", \"CVE-2018-5803\", \"CVE-2018-1065\", \"CVE-2018-1000026\",\n \"CVE-2018-5750\", \"CVE-2018-1000004\", \"CVE-2018-5344\", \"CVE-2018-5332\",\n \"CVE-2018-5333\", \"CVE-2017-17862\", \"CVE-2017-17863\", \"CVE-2017-17864\",\n \"CVE-2017-17852\", \"CVE-2017-17853\", \"CVE-2017-17854\", \"CVE-2017-17855\",\n \"CVE-2017-17856\", \"CVE-2017-17857\", \"CVE-2017-17741\", \"CVE-2017-17712\",\n \"CVE-2017-17449\", \"CVE-2017-17450\", \"CVE-2017-17448\", \"CVE-2017-17558\",\n \"CVE-2017-8824\", \"CVE-2017-1000405\", \"CVE-2017-16649\", \"CVE-2017-16650\",\n \"CVE-2017-16644\", \"CVE-2017-16647\", \"CVE-2017-15115\", \"CVE-2017-16532\",\n \"CVE-2017-16538\", \"CVE-2017-12193\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kernel FEDORA-2018-b57db4753c\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\non the target host.\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 27\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-b57db4753c\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/22G4FPLZ4Y2WCMKTQG2WQFPR36Y3V4U4\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC27\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC27\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.16.15~200.fc27\", rls:\"FC27\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "naslFamily": "Fedora Local Security Checks"}
{"fedora": [{"lastseen": "2020-12-21T08:17:54", "bulletinFamily": "unix", "cvelist": ["CVE-2017-1000405", "CVE-2017-12193", "CVE-2017-15115", "CVE-2017-16532", "CVE-2017-16538", "CVE-2017-16644", "CVE-2017-16647", "CVE-2017-16649", "CVE-2017-16650", "CVE-2017-17448", "CVE-2017-17449", "CVE-2017-17450", "CVE-2017-17558", "CVE-2017-17712", "CVE-2017-17741", "CVE-2017-17852", "CVE-2017-17853", "CVE-2017-17854", "CVE-2017-17855", "CVE-2017-17857", "CVE-2017-17862", "CVE-2017-17863", "CVE-2017-17864", "CVE-2017-18232", "CVE-2017-8824", "CVE-2018-1000004", "CVE-2018-1000026", "CVE-2018-10021", "CVE-2018-1065", "CVE-2018-5332", "CVE-2018-5333", "CVE-2018-5344", "CVE-2018-5750", "CVE-2018-5803", "CVE-2018-7757", "CVE-2018-7995", "CVE-2018-8043"], "description": "The kernel meta package ", "modified": "2018-04-18T01:31:51", "published": "2018-04-18T01:31:51", "id": "FEDORA:74245604D4DA", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 27 Update: kernel-4.15.17-300.fc27", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:54", "bulletinFamily": "unix", "cvelist": ["CVE-2017-1000405", "CVE-2017-12193", "CVE-2017-15115", "CVE-2017-16532", "CVE-2017-16538", "CVE-2017-16644", "CVE-2017-16647", "CVE-2017-16649", "CVE-2017-16650", "CVE-2017-17448", "CVE-2017-17449", "CVE-2017-17450", "CVE-2017-17558", "CVE-2017-17712", "CVE-2017-17741", "CVE-2017-17852", "CVE-2017-17853", "CVE-2017-17854", "CVE-2017-17855", "CVE-2017-17857", "CVE-2017-17862", "CVE-2017-17863", "CVE-2017-17864", "CVE-2017-18232", "CVE-2017-8824", "CVE-2018-1000004", "CVE-2018-1000026", "CVE-2018-10021", "CVE-2018-10322", "CVE-2018-10323", "CVE-2018-1065", "CVE-2018-10840", "CVE-2018-10853", "CVE-2018-1108", "CVE-2018-1120", "CVE-2018-11506", "CVE-2018-3639", "CVE-2018-5332", "CVE-2018-5333", "CVE-2018-5344", "CVE-2018-5750", "CVE-2018-5803", "CVE-2018-7757", "CVE-2018-7995", "CVE-2018-8043"], "description": "The kernel meta package ", "modified": "2018-06-17T19:45:35", "published": "2018-06-17T19:45:35", "id": "FEDORA:DF5176048167", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 27 Update: kernel-4.16.15-200.fc27", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:54", "bulletinFamily": "unix", "cvelist": ["CVE-2017-1000405", "CVE-2017-12193", "CVE-2017-15115", "CVE-2017-16532", "CVE-2017-16538", "CVE-2017-16644", "CVE-2017-16647", "CVE-2017-16649", "CVE-2017-16650", "CVE-2017-17448", "CVE-2017-17449", "CVE-2017-17450", "CVE-2017-17558", "CVE-2017-17712", "CVE-2017-17741", "CVE-2017-17852", "CVE-2017-17853", "CVE-2017-17854", "CVE-2017-17855", "CVE-2017-17857", "CVE-2017-17862", "CVE-2017-17863", "CVE-2017-17864", "CVE-2017-18232", "CVE-2017-8824", "CVE-2018-1000004", "CVE-2018-1000026", "CVE-2018-10021", "CVE-2018-10322", "CVE-2018-10323", "CVE-2018-1065", "CVE-2018-1108", "CVE-2018-1120", "CVE-2018-3639", "CVE-2018-5332", "CVE-2018-5333", "CVE-2018-5344", "CVE-2018-5750", "CVE-2018-5803", "CVE-2018-7757", "CVE-2018-7995", "CVE-2018-8043"], "description": "The kernel meta package ", "modified": "2018-05-25T15:46:24", "published": "2018-05-25T15:46:24", "id": "FEDORA:08D3760E6566", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 27 Update: kernel-4.16.11-200.fc27", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:54", "bulletinFamily": "unix", "cvelist": ["CVE-2017-1000405", "CVE-2017-12193", "CVE-2017-15115", "CVE-2017-16532", "CVE-2017-16538", "CVE-2017-16644", "CVE-2017-16647", "CVE-2017-16649", "CVE-2017-16650", "CVE-2017-17448", "CVE-2017-17449", "CVE-2017-17450", "CVE-2017-17558", "CVE-2017-17712", "CVE-2017-17741", "CVE-2017-17852", "CVE-2017-17853", "CVE-2017-17854", "CVE-2017-17855", "CVE-2017-17857", "CVE-2017-17862", "CVE-2017-17863", "CVE-2017-17864", "CVE-2017-18232", "CVE-2017-8824", "CVE-2018-1000004", "CVE-2018-1000026", "CVE-2018-10021", "CVE-2018-10322", "CVE-2018-10323", "CVE-2018-1065", "CVE-2018-10840", "CVE-2018-1108", "CVE-2018-1120", "CVE-2018-11506", "CVE-2018-3639", "CVE-2018-5332", "CVE-2018-5333", "CVE-2018-5344", "CVE-2018-5750", "CVE-2018-5803", "CVE-2018-7757", "CVE-2018-7995", "CVE-2018-8043"], "description": "The kernel meta package ", "modified": "2018-06-05T14:11:50", "published": "2018-06-05T14:11:50", "id": "FEDORA:4832F6079717", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 27 Update: kernel-4.16.13-200.fc27", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:54", "bulletinFamily": "unix", "cvelist": ["CVE-2017-1000405", "CVE-2017-12193", "CVE-2017-15115", "CVE-2017-16532", "CVE-2017-16538", "CVE-2017-16644", "CVE-2017-16647", "CVE-2017-16649", "CVE-2017-16650", "CVE-2017-17448", "CVE-2017-17449", "CVE-2017-17450", "CVE-2017-17558", "CVE-2017-17712", "CVE-2017-17741", "CVE-2017-17852", "CVE-2017-17853", "CVE-2017-17854", "CVE-2017-17855", "CVE-2017-17857", "CVE-2017-17862", "CVE-2017-17863", "CVE-2017-17864", "CVE-2017-18232", "CVE-2017-8824", "CVE-2018-1000004", "CVE-2018-1000026", "CVE-2018-10021", "CVE-2018-1065", "CVE-2018-1108", "CVE-2018-5332", "CVE-2018-5333", "CVE-2018-5344", "CVE-2018-5750", "CVE-2018-5803", "CVE-2018-7757", "CVE-2018-7995", "CVE-2018-8043"], "description": "The kernel meta package ", "modified": "2018-04-29T05:16:13", "published": "2018-04-29T05:16:13", "id": "FEDORA:AB52460321C9", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 27 Update: kernel-4.16.4-200.fc27", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:54", "bulletinFamily": "unix", "cvelist": ["CVE-2017-1000405", "CVE-2017-12193", "CVE-2017-15115", "CVE-2017-16532", "CVE-2017-16538", "CVE-2017-16644", "CVE-2017-16647", "CVE-2017-16649", "CVE-2017-16650", "CVE-2017-17448", "CVE-2017-17449", "CVE-2017-17450", "CVE-2017-17558", "CVE-2017-17712", "CVE-2017-17741", "CVE-2017-17852", "CVE-2017-17853", "CVE-2017-17854", "CVE-2017-17855", "CVE-2017-17857", "CVE-2017-17862", "CVE-2017-17863", "CVE-2017-17864", "CVE-2017-18232", "CVE-2017-8824", "CVE-2018-1000004", "CVE-2018-1000026", "CVE-2018-10021", "CVE-2018-10322", "CVE-2018-10323", "CVE-2018-1065", "CVE-2018-10840", "CVE-2018-1108", "CVE-2018-1120", "CVE-2018-3639", "CVE-2018-5332", "CVE-2018-5333", "CVE-2018-5344", "CVE-2018-5750", "CVE-2018-5803", "CVE-2018-7757", "CVE-2018-7995", "CVE-2018-8043"], "description": "The kernel meta package ", "modified": "2018-05-29T11:50:44", "published": "2018-05-29T11:50:44", "id": "FEDORA:E6F08605DCE7", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 27 Update: kernel-4.16.12-200.fc27", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:54", "bulletinFamily": "unix", "cvelist": ["CVE-2017-1000405", "CVE-2017-12193", "CVE-2017-15115", "CVE-2017-16532", "CVE-2017-16538", "CVE-2017-16644", "CVE-2017-16647", "CVE-2017-16649", "CVE-2017-16650", "CVE-2017-17448", "CVE-2017-17449", "CVE-2017-17450", "CVE-2017-17558", "CVE-2017-17712", "CVE-2017-17741", "CVE-2017-17852", "CVE-2017-17853", "CVE-2017-17854", "CVE-2017-17855", "CVE-2017-17857", "CVE-2017-17862", "CVE-2017-17863", "CVE-2017-17864", "CVE-2017-18232", "CVE-2017-8824", "CVE-2018-1000004", "CVE-2018-1000026", "CVE-2018-10021", "CVE-2018-10322", "CVE-2018-10323", "CVE-2018-1065", "CVE-2018-10840", "CVE-2018-10853", "CVE-2018-1108", "CVE-2018-1120", "CVE-2018-11506", "CVE-2018-12232", "CVE-2018-12904", "CVE-2018-3639", "CVE-2018-5332", "CVE-2018-5333", "CVE-2018-5344", "CVE-2018-5750", "CVE-2018-5803", "CVE-2018-7757", "CVE-2018-7995", "CVE-2018-8043"], "description": "The kernel meta package ", "modified": "2018-06-28T13:35:42", "published": "2018-06-28T13:35:42", "id": "FEDORA:25BDD6190ECF", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 27 Update: kernel-4.17.2-100.fc27", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:54", "bulletinFamily": "unix", "cvelist": ["CVE-2017-1000405", "CVE-2017-12193", "CVE-2017-15115", "CVE-2017-16532", "CVE-2017-16538", "CVE-2017-16644", "CVE-2017-16647", "CVE-2017-16649", "CVE-2017-16650", "CVE-2017-17448", "CVE-2017-17449", "CVE-2017-17450", "CVE-2017-17558", "CVE-2017-17712", "CVE-2017-17741", "CVE-2017-17852", "CVE-2017-17853", "CVE-2017-17854", "CVE-2017-17855", "CVE-2017-17857", "CVE-2017-17862", "CVE-2017-17863", "CVE-2017-17864", "CVE-2017-18232", "CVE-2017-8824", "CVE-2018-1000004", "CVE-2018-1000026", "CVE-2018-10021", "CVE-2018-10322", "CVE-2018-10323", "CVE-2018-1065", "CVE-2018-10840", "CVE-2018-10853", "CVE-2018-1108", "CVE-2018-1120", "CVE-2018-11506", "CVE-2018-12232", "CVE-2018-3639", "CVE-2018-5332", "CVE-2018-5333", "CVE-2018-5344", "CVE-2018-5750", "CVE-2018-5803", "CVE-2018-7757", "CVE-2018-7995", "CVE-2018-8043"], "description": "The kernel meta package ", "modified": "2018-06-22T14:12:17", "published": "2018-06-22T14:12:17", "id": "FEDORA:10F7D6255145", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 27 Update: kernel-4.16.16-200.fc27", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:54", "bulletinFamily": "unix", "cvelist": ["CVE-2017-1000405", "CVE-2017-12193", "CVE-2017-15115", "CVE-2017-16532", "CVE-2017-16538", "CVE-2017-16644", "CVE-2017-16647", "CVE-2017-16649", "CVE-2017-16650", "CVE-2017-17448", "CVE-2017-17449", "CVE-2017-17450", "CVE-2017-17558", "CVE-2017-17712", "CVE-2017-17741", "CVE-2017-17852", "CVE-2017-17853", "CVE-2017-17854", "CVE-2017-17855", "CVE-2017-17857", "CVE-2017-17862", "CVE-2017-17863", "CVE-2017-17864", "CVE-2017-18232", "CVE-2017-8824", "CVE-2018-1000004", "CVE-2018-1000026", "CVE-2018-10021", "CVE-2018-10322", "CVE-2018-10323", "CVE-2018-1065", "CVE-2018-10840", "CVE-2018-10853", "CVE-2018-1108", "CVE-2018-1120", "CVE-2018-11506", "CVE-2018-12232", "CVE-2018-12633", "CVE-2018-3639", "CVE-2018-5332", "CVE-2018-5333", "CVE-2018-5344", "CVE-2018-5750", "CVE-2018-5803", "CVE-2018-7757", "CVE-2018-7995", "CVE-2018-8043"], "description": "The kernel meta package ", "modified": "2018-07-01T01:37:15", "published": "2018-07-01T01:37:15", "id": "FEDORA:909D360491BF", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 27 Update: kernel-4.17.3-100.fc27", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:54", "bulletinFamily": "unix", "cvelist": ["CVE-2017-1000405", "CVE-2017-12193", "CVE-2017-15115", "CVE-2017-16532", "CVE-2017-16538", "CVE-2017-16644", "CVE-2017-16647", "CVE-2017-16649", "CVE-2017-16650", "CVE-2017-17448", "CVE-2017-17449", "CVE-2017-17450", "CVE-2017-17558", "CVE-2017-17712", "CVE-2017-17741", "CVE-2017-17852", "CVE-2017-17853", "CVE-2017-17854", "CVE-2017-17855", "CVE-2017-17857", "CVE-2017-17862", "CVE-2017-17863", "CVE-2017-17864", "CVE-2017-18232", "CVE-2017-8824", "CVE-2018-1000004", "CVE-2018-1000026", "CVE-2018-10021", "CVE-2018-10322", "CVE-2018-10323", "CVE-2018-1065", "CVE-2018-10840", "CVE-2018-10853", "CVE-2018-1108", "CVE-2018-1120", "CVE-2018-11506", "CVE-2018-12232", "CVE-2018-12633", "CVE-2018-12714", "CVE-2018-12896", "CVE-2018-13053", "CVE-2018-13093", "CVE-2018-13094", "CVE-2018-13095", "CVE-2018-13405", "CVE-2018-14678", "CVE-2018-3639", "CVE-2018-5332", "CVE-2018-5333", "CVE-2018-5344", "CVE-2018-5750", "CVE-2018-5803", "CVE-2018-7757", "CVE-2018-7995", "CVE-2018-8043"], "description": "The kernel meta package ", "modified": "2018-08-03T19:58:28", "published": "2018-08-03T19:58:28", "id": "FEDORA:B54D264CBCAC", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 27 Update: kernel-4.17.11-100.fc27", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "openvas": [{"lastseen": "2019-05-29T18:32:59", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-10021", "CVE-2018-8043", "CVE-2017-17863", "CVE-2017-17450", "CVE-2018-1108", "CVE-2017-17558", "CVE-2018-1000004", "CVE-2018-5333", "CVE-2017-17741", "CVE-2018-10840", "CVE-2017-12193", "CVE-2017-17862", "CVE-2018-11506", "CVE-2017-17852", "CVE-2017-16532", "CVE-2017-16649", "CVE-2018-5344", "CVE-2017-17854", "CVE-2017-17853", "CVE-2018-7757", "CVE-2017-15115", "CVE-2017-17712", "CVE-2017-8824", "CVE-2017-17448", "CVE-2018-1120", "CVE-2018-1065", "CVE-2017-18232", "CVE-2017-16647", "CVE-2018-5332", "CVE-2017-17449", "CVE-2018-10322", "CVE-2017-16650", "CVE-2018-10323", "CVE-2018-7995", "CVE-2018-5750", "CVE-2017-16538", "CVE-2017-17855", "CVE-2017-17857", "CVE-2017-16644", "CVE-2017-17864", "CVE-2018-5803", "CVE-2017-1000405", "CVE-2018-1000026", "CVE-2018-3639", "CVE-2017-17856"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2018-06-06T00:00:00", "id": "OPENVAS:1361412562310874647", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874647", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2018-e8f793bbfc", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_e8f793bbfc_kernel_fc27.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for kernel FEDORA-2018-e8f793bbfc\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874647\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-06-06 10:21:31 +0200 (Wed, 06 Jun 2018)\");\n script_cve_id(\"CVE-2018-11506\", \"CVE-2018-10840\", \"CVE-2018-3639\", \"CVE-2018-1120\",\n \"CVE-2018-10322\", \"CVE-2018-10323\", \"CVE-2018-1108\", \"CVE-2018-10021\",\n \"CVE-2017-18232\", \"CVE-2018-7995\", \"CVE-2018-8043\", \"CVE-2018-7757\",\n \"CVE-2018-5803\", \"CVE-2018-1065\", \"CVE-2018-1000026\", \"CVE-2018-5750\",\n \"CVE-2018-1000004\", \"CVE-2018-5344\", \"CVE-2018-5332\", \"CVE-2018-5333\",\n \"CVE-2017-17862\", \"CVE-2017-17863\", \"CVE-2017-17864\", \"CVE-2017-17852\",\n \"CVE-2017-17853\", \"CVE-2017-17854\", \"CVE-2017-17855\", \"CVE-2017-17856\",\n \"CVE-2017-17857\", \"CVE-2017-17741\", \"CVE-2017-17712\", \"CVE-2017-17449\",\n \"CVE-2017-17450\", \"CVE-2017-17448\", \"CVE-2017-17558\", \"CVE-2017-8824\",\n \"CVE-2017-1000405\", \"CVE-2017-16649\", \"CVE-2017-16650\", \"CVE-2017-16644\",\n \"CVE-2017-16647\", \"CVE-2017-15115\", \"CVE-2017-16532\", \"CVE-2017-16538\",\n \"CVE-2017-12193\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kernel FEDORA-2018-e8f793bbfc\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\non the target host.\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 27\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-e8f793bbfc\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F32LED4G6QF446ZM5G7MOPFDAP4VB6M2\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC27\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC27\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.16.13~200.fc27\", rls:\"FC27\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:33:08", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-10021", "CVE-2018-8043", "CVE-2017-17863", "CVE-2017-17450", "CVE-2018-1108", "CVE-2017-17558", "CVE-2018-1000004", "CVE-2018-5333", "CVE-2017-17741", "CVE-2017-12193", "CVE-2017-17862", "CVE-2017-17852", "CVE-2017-16532", "CVE-2017-16649", "CVE-2018-5344", "CVE-2017-17854", "CVE-2017-17853", "CVE-2018-7757", "CVE-2017-15115", "CVE-2017-17712", "CVE-2017-8824", "CVE-2017-17448", "CVE-2018-1065", "CVE-2017-18232", "CVE-2017-16647", "CVE-2018-5332", "CVE-2017-17449", "CVE-2017-16650", "CVE-2018-7995", "CVE-2018-5750", "CVE-2017-16538", "CVE-2017-17855", "CVE-2017-17857", "CVE-2017-16644", "CVE-2017-17864", "CVE-2018-5803", "CVE-2017-1000405", "CVE-2018-1000026", "CVE-2017-17856"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2018-05-02T00:00:00", "id": "OPENVAS:1361412562310874400", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874400", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2018-e71875c4aa", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_e71875c4aa_kernel_fc27.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for kernel FEDORA-2018-e71875c4aa\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874400\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-05-02 16:59:02 +0530 (Wed, 02 May 2018)\");\n script_cve_id(\"CVE-2018-10021\", \"CVE-2017-18232\", \"CVE-2018-7995\", \"CVE-2018-8043\",\n \"CVE-2018-7757\", \"CVE-2018-5803\", \"CVE-2018-1065\", \"CVE-2018-1000026\",\n \"CVE-2018-5750\", \"CVE-2018-1000004\", \"CVE-2018-5344\", \"CVE-2018-5332\",\n \"CVE-2018-5333\", \"CVE-2017-17862\", \"CVE-2017-17863\", \"CVE-2017-17864\",\n \"CVE-2017-17852\", \"CVE-2017-17853\", \"CVE-2017-17854\", \"CVE-2017-17855\",\n \"CVE-2017-17856\", \"CVE-2017-17857\", \"CVE-2017-17741\", \"CVE-2017-17712\",\n \"CVE-2017-17449\", \"CVE-2017-17450\", \"CVE-2017-17448\", \"CVE-2017-17558\",\n \"CVE-2017-8824\", \"CVE-2017-1000405\", \"CVE-2017-16649\", \"CVE-2017-16650\",\n \"CVE-2017-16644\", \"CVE-2017-16647\", \"CVE-2017-15115\", \"CVE-2017-16532\",\n \"CVE-2017-16538\", \"CVE-2017-12193\", \"CVE-2018-1108\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kernel FEDORA-2018-e71875c4aa\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 27\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"FEDORA\", value:\"2018-e71875c4aa\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/23BZYWCPCFYSPRRRVNCK6UFYCODGX6GB\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC27\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC27\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.16.4~200.fc27\", rls:\"FC27\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:33:11", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-10021", "CVE-2018-8043", "CVE-2017-17863", "CVE-2017-17450", "CVE-2018-1108", "CVE-2017-17558", "CVE-2018-1000004", "CVE-2018-5333", "CVE-2017-17741", "CVE-2018-10840", "CVE-2017-12193", "CVE-2017-17862", "CVE-2017-17852", "CVE-2017-16532", "CVE-2017-16649", "CVE-2018-5344", "CVE-2017-17854", "CVE-2017-17853", "CVE-2018-7757", "CVE-2017-15115", "CVE-2017-17712", "CVE-2017-8824", "CVE-2017-17448", "CVE-2018-1120", "CVE-2018-1065", "CVE-2017-18232", "CVE-2017-16647", "CVE-2018-5332", "CVE-2017-17449", "CVE-2018-10322", "CVE-2017-16650", "CVE-2018-10323", "CVE-2018-7995", "CVE-2018-5750", "CVE-2017-16538", "CVE-2017-17855", "CVE-2017-17857", "CVE-2017-16644", "CVE-2017-17864", "CVE-2018-5803", "CVE-2017-1000405", "CVE-2018-1000026", "CVE-2018-3639", "CVE-2017-17856"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2018-05-30T00:00:00", "id": "OPENVAS:1361412562310874623", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874623", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2018-9d0e4e40b5", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_9d0e4e40b5_kernel_fc27.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for kernel FEDORA-2018-9d0e4e40b5\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874623\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-05-30 06:02:06 +0200 (Wed, 30 May 2018)\");\n script_cve_id(\"CVE-2018-10840\", \"CVE-2018-3639\", \"CVE-2018-1120\", \"CVE-2018-10322\",\n \"CVE-2018-10323\", \"CVE-2018-1108\", \"CVE-2018-10021\", \"CVE-2017-18232\",\n \"CVE-2018-7995\", \"CVE-2018-8043\", \"CVE-2018-7757\", \"CVE-2018-5803\",\n \"CVE-2018-1065\", \"CVE-2018-1000026\", \"CVE-2018-5750\", \"CVE-2018-1000004\",\n \"CVE-2018-5344\", \"CVE-2018-5332\", \"CVE-2018-5333\", \"CVE-2017-17862\",\n \"CVE-2017-17863\", \"CVE-2017-17864\", \"CVE-2017-17852\", \"CVE-2017-17853\",\n \"CVE-2017-17854\", \"CVE-2017-17855\", \"CVE-2017-17856\", \"CVE-2017-17857\",\n \"CVE-2017-17741\", \"CVE-2017-17712\", \"CVE-2017-17449\", \"CVE-2017-17450\",\n \"CVE-2017-17448\", \"CVE-2017-17558\", \"CVE-2017-8824\", \"CVE-2017-1000405\",\n \"CVE-2017-16649\", \"CVE-2017-16650\", \"CVE-2017-16644\", \"CVE-2017-16647\",\n \"CVE-2017-15115\", \"CVE-2017-16532\", \"CVE-2017-16538\", \"CVE-2017-12193\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kernel FEDORA-2018-9d0e4e40b5\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\non the target host.\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 27\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-9d0e4e40b5\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YAUGR47M3LDUN54S6SH2OQ3U6U2LS7HA\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC27\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC27\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.16.12~200.fc27\", rls:\"FC27\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:33:06", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-10021", "CVE-2018-8043", "CVE-2017-17863", "CVE-2017-17450", "CVE-2018-1108", "CVE-2017-17558", "CVE-2018-1000004", "CVE-2018-5333", "CVE-2017-17741", "CVE-2018-10840", "CVE-2017-12193", "CVE-2017-17862", "CVE-2018-11506", "CVE-2018-12232", "CVE-2017-17852", "CVE-2018-10853", "CVE-2017-16532", "CVE-2017-16649", "CVE-2018-5344", "CVE-2017-17854", "CVE-2017-17853", "CVE-2018-7757", "CVE-2017-15115", "CVE-2017-17712", "CVE-2017-8824", "CVE-2017-17448", "CVE-2018-1120", "CVE-2018-1065", "CVE-2017-18232", "CVE-2017-16647", "CVE-2018-5332", "CVE-2017-17449", "CVE-2018-10322", "CVE-2017-16650", "CVE-2018-10323", "CVE-2018-7995", "CVE-2018-5750", "CVE-2017-16538", "CVE-2017-17855", "CVE-2017-17857", "CVE-2017-16644", "CVE-2017-17864", "CVE-2018-5803", "CVE-2017-1000405", "CVE-2018-1000026", "CVE-2018-3639", "CVE-2017-17856"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2018-06-23T00:00:00", "id": "OPENVAS:1361412562310874721", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874721", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2018-c449dc1c9c", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_c449dc1c9c_kernel_fc27.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for kernel FEDORA-2018-c449dc1c9c\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874721\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-06-23 06:16:07 +0200 (Sat, 23 Jun 2018)\");\n script_cve_id(\"CVE-2018-12232\", \"CVE-2018-10853\", \"CVE-2018-11506\", \"CVE-2018-10840\",\n \"CVE-2018-3639\", \"CVE-2018-1120\", \"CVE-2018-10322\", \"CVE-2018-10323\",\n \"CVE-2018-1108\", \"CVE-2018-10021\", \"CVE-2017-18232\", \"CVE-2018-7995\",\n \"CVE-2018-8043\", \"CVE-2018-7757\", \"CVE-2018-5803\", \"CVE-2018-1065\",\n \"CVE-2018-1000026\", \"CVE-2018-5750\", \"CVE-2018-1000004\", \"CVE-2018-5344\",\n \"CVE-2018-5332\", \"CVE-2018-5333\", \"CVE-2017-17862\", \"CVE-2017-17863\",\n \"CVE-2017-17864\", \"CVE-2017-17852\", \"CVE-2017-17853\", \"CVE-2017-17854\",\n \"CVE-2017-17855\", \"CVE-2017-17856\", \"CVE-2017-17857\", \"CVE-2017-17741\",\n \"CVE-2017-17712\", \"CVE-2017-17449\", \"CVE-2017-17450\", \"CVE-2017-17448\",\n \"CVE-2017-17558\", \"CVE-2017-8824\", \"CVE-2017-1000405\", \"CVE-2017-16649\",\n \"CVE-2017-16650\", \"CVE-2017-16644\", \"CVE-2017-16647\", \"CVE-2017-15115\",\n \"CVE-2017-16532\", \"CVE-2017-16538\", \"CVE-2017-12193\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kernel FEDORA-2018-c449dc1c9c\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\non the target host.\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 27\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-c449dc1c9c\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y5RAP5M7DMT24XOVYRAYT7GRQE5OWLU3\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC27\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC27\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.16.16~200.fc27\", rls:\"FC27\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:32:59", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-10021", "CVE-2018-8043", "CVE-2017-17863", "CVE-2017-17450", "CVE-2017-17558", "CVE-2018-1000004", "CVE-2018-5333", "CVE-2017-17741", "CVE-2017-12193", "CVE-2017-17862", "CVE-2017-17852", "CVE-2017-16532", "CVE-2017-16649", "CVE-2018-5344", "CVE-2017-17854", "CVE-2017-17853", "CVE-2018-7757", "CVE-2017-15115", "CVE-2017-17712", "CVE-2017-8824", "CVE-2017-17448", "CVE-2018-1065", "CVE-2017-18232", "CVE-2017-16647", "CVE-2018-5332", "CVE-2017-17449", "CVE-2017-16650", "CVE-2018-7995", "CVE-2018-5750", "CVE-2017-16538", "CVE-2017-17855", "CVE-2017-17857", "CVE-2017-16644", "CVE-2017-17864", "CVE-2018-5803", "CVE-2017-1000405", "CVE-2018-1000026", "CVE-2017-17856"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2018-04-18T00:00:00", "id": "OPENVAS:1361412562310874366", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874366", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2018-1e033dc308", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_1e033dc308_kernel_fc27.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for kernel FEDORA-2018-1e033dc308\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874366\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-04-18 08:57:51 +0200 (Wed, 18 Apr 2018)\");\n script_cve_id(\"CVE-2018-10021\", \"CVE-2017-18232\", \"CVE-2018-7995\", \"CVE-2018-8043\",\n \"CVE-2018-7757\", \"CVE-2018-5803\", \"CVE-2018-1065\", \"CVE-2018-1000026\",\n \"CVE-2018-5750\", \"CVE-2018-1000004\", \"CVE-2018-5344\", \"CVE-2018-5332\",\n \"CVE-2018-5333\", \"CVE-2017-17862\", \"CVE-2017-17863\", \"CVE-2017-17864\",\n \"CVE-2017-17852\", \"CVE-2017-17853\", \"CVE-2017-17854\", \"CVE-2017-17855\",\n \"CVE-2017-17856\", \"CVE-2017-17857\", \"CVE-2017-17741\", \"CVE-2017-17712\",\n \"CVE-2017-17449\", \"CVE-2017-17450\", \"CVE-2017-17448\", \"CVE-2017-17558\",\n \"CVE-2017-8824\", \"CVE-2017-1000405\", \"CVE-2017-16649\", \"CVE-2017-16650\",\n \"CVE-2017-16644\", \"CVE-2017-16647\", \"CVE-2017-15115\", \"CVE-2017-16532\",\n \"CVE-2017-16538\", \"CVE-2017-12193\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kernel FEDORA-2018-1e033dc308\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 27\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"FEDORA\", value:\"2018-1e033dc308\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SKS5SHENFBKZBNJZ5A6BMP6JNTK5D4QC\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC27\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC27\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.15.17~300.fc27\", rls:\"FC27\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:33:11", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-10021", "CVE-2018-8043", "CVE-2017-17863", "CVE-2017-17450", "CVE-2018-1108", "CVE-2017-17558", "CVE-2018-1000004", "CVE-2018-5333", "CVE-2017-17741", "CVE-2017-12193", "CVE-2017-17862", "CVE-2017-17852", "CVE-2017-16532", "CVE-2017-16649", "CVE-2018-5344", "CVE-2017-17854", "CVE-2017-17853", "CVE-2018-7757", "CVE-2017-15115", "CVE-2017-17712", "CVE-2017-8824", "CVE-2017-17448", "CVE-2018-1120", "CVE-2018-1065", "CVE-2017-18232", "CVE-2017-16647", "CVE-2018-5332", "CVE-2017-17449", "CVE-2018-10322", "CVE-2017-16650", "CVE-2018-10323", "CVE-2018-7995", "CVE-2018-5750", "CVE-2017-16538", "CVE-2017-17855", "CVE-2017-17857", "CVE-2017-16644", "CVE-2017-17864", "CVE-2018-5803", "CVE-2017-1000405", "CVE-2018-1000026", "CVE-2018-3639", "CVE-2017-17856"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2018-05-26T00:00:00", "id": "OPENVAS:1361412562310874606", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874606", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2018-93c2e74446", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_93c2e74446_kernel_fc27.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for kernel FEDORA-2018-93c2e74446\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874606\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-05-26 05:55:13 +0200 (Sat, 26 May 2018)\");\n script_cve_id(\"CVE-2018-3639\", \"CVE-2018-1120\", \"CVE-2018-10322\", \"CVE-2018-10323\",\n \"CVE-2018-1108\", \"CVE-2018-10021\", \"CVE-2017-18232\", \"CVE-2018-7995\",\n \"CVE-2018-8043\", \"CVE-2018-7757\", \"CVE-2018-5803\", \"CVE-2018-1065\",\n \"CVE-2018-1000026\", \"CVE-2018-5750\", \"CVE-2018-1000004\", \"CVE-2018-5344\",\n \"CVE-2018-5332\", \"CVE-2018-5333\", \"CVE-2017-17862\", \"CVE-2017-17863\",\n \"CVE-2017-17864\", \"CVE-2017-17852\", \"CVE-2017-17853\", \"CVE-2017-17854\",\n \"CVE-2017-17855\", \"CVE-2017-17856\", \"CVE-2017-17857\", \"CVE-2017-17741\",\n \"CVE-2017-17712\", \"CVE-2017-17449\", \"CVE-2017-17450\", \"CVE-2017-17448\",\n \"CVE-2017-17558\", \"CVE-2017-8824\", \"CVE-2017-1000405\", \"CVE-2017-16649\",\n \"CVE-2017-16650\", \"CVE-2017-16644\", \"CVE-2017-16647\", \"CVE-2017-15115\",\n \"CVE-2017-16532\", \"CVE-2017-16538\", \"CVE-2017-12193\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kernel FEDORA-2018-93c2e74446\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\non the target host.\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 27\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-93c2e74446\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y4XJ6WFI3BA27DJD66OHZX644RGQ7EBV\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC27\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC27\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.16.11~200.fc27\", rls:\"FC27\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:33:01", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-10021", "CVE-2018-8043", "CVE-2017-17863", "CVE-2017-17450", "CVE-2018-1108", "CVE-2017-17558", "CVE-2018-1000004", "CVE-2018-5333", "CVE-2017-17741", "CVE-2018-10840", "CVE-2017-12193", "CVE-2017-17862", "CVE-2018-12904", "CVE-2018-11506", "CVE-2018-12232", "CVE-2017-17852", "CVE-2018-10853", "CVE-2017-16532", "CVE-2017-16649", "CVE-2018-5344", "CVE-2017-17854", "CVE-2017-17853", "CVE-2018-7757", "CVE-2017-15115", "CVE-2017-17712", "CVE-2017-8824", "CVE-2017-17448", "CVE-2018-1120", "CVE-2018-1065", "CVE-2017-18232", "CVE-2017-16647", "CVE-2018-5332", "CVE-2017-17449", "CVE-2018-10322", "CVE-2017-16650", "CVE-2018-10323", "CVE-2018-7995", "CVE-2018-5750", "CVE-2017-16538", "CVE-2017-17855", "CVE-2017-17857", "CVE-2017-16644", "CVE-2017-17864", "CVE-2018-5803", "CVE-2017-1000405", "CVE-2018-1000026", "CVE-2018-3639", "CVE-2017-17856"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2018-06-29T00:00:00", "id": "OPENVAS:1361412562310874751", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874751", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2018-b997780dca", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_b997780dca_kernel_fc27.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for kernel FEDORA-2018-b997780dca\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874751\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-06-29 10:57:08 +0200 (Fri, 29 Jun 2018)\");\n script_cve_id(\"CVE-2018-12232\", \"CVE-2018-10853\", \"CVE-2018-11506\", \"CVE-2018-10840\",\n \"CVE-2018-3639\", \"CVE-2018-1120\", \"CVE-2018-10322\", \"CVE-2018-10323\",\n \"CVE-2018-1108\", \"CVE-2018-10021\", \"CVE-2017-18232\", \"CVE-2018-7995\",\n \"CVE-2018-8043\", \"CVE-2018-7757\", \"CVE-2018-5803\", \"CVE-2018-1065\",\n \"CVE-2018-1000026\", \"CVE-2018-5750\", \"CVE-2018-1000004\", \"CVE-2018-5344\",\n \"CVE-2018-5332\", \"CVE-2018-5333\", \"CVE-2017-17862\", \"CVE-2017-17863\",\n \"CVE-2017-17864\", \"CVE-2017-17852\", \"CVE-2017-17853\", \"CVE-2017-17854\",\n \"CVE-2017-17855\", \"CVE-2017-17856\", \"CVE-2017-17857\", \"CVE-2017-17741\",\n \"CVE-2017-17712\", \"CVE-2017-17449\", \"CVE-2017-17450\", \"CVE-2017-17448\",\n \"CVE-2017-17558\", \"CVE-2017-8824\", \"CVE-2017-1000405\", \"CVE-2017-16649\",\n \"CVE-2017-16650\", \"CVE-2017-16644\", \"CVE-2017-16647\", \"CVE-2017-15115\",\n \"CVE-2017-16532\", \"CVE-2017-16538\", \"CVE-2017-12193\", \"CVE-2018-12904\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kernel FEDORA-2018-b997780dca\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\non the target host.\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 27\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-b997780dca\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S2V7GQIYQYXQJNRX5DEJNNO6YKOHQC42\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC27\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC27\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.17.2~100.fc27\", rls:\"FC27\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:33:01", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-10021", "CVE-2018-8043", "CVE-2017-17863", "CVE-2017-17450", "CVE-2018-1108", "CVE-2017-17558", "CVE-2018-12633", "CVE-2018-1000004", "CVE-2018-5333", "CVE-2017-17741", "CVE-2018-10840", "CVE-2017-12193", "CVE-2017-17862", "CVE-2018-11506", "CVE-2018-12232", "CVE-2017-17852", "CVE-2018-10853", "CVE-2017-16532", "CVE-2017-16649", "CVE-2018-5344", "CVE-2017-17854", "CVE-2017-17853", "CVE-2018-7757", "CVE-2017-15115", "CVE-2017-17712", "CVE-2017-8824", "CVE-2017-17448", "CVE-2018-1120", "CVE-2018-1065", "CVE-2017-18232", "CVE-2017-16647", "CVE-2018-5332", "CVE-2017-17449", "CVE-2018-10322", "CVE-2017-16650", "CVE-2018-10323", "CVE-2018-7995", "CVE-2018-5750", "CVE-2017-16538", "CVE-2017-17855", "CVE-2017-17857", "CVE-2017-16644", "CVE-2017-17864", "CVE-2018-5803", "CVE-2017-1000405", "CVE-2018-1000026", "CVE-2018-3639", "CVE-2017-17856"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2018-07-03T00:00:00", "id": "OPENVAS:1361412562310874761", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874761", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2018-2a0f8b2c9d", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_2a0f8b2c9d_kernel_fc27.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for kernel FEDORA-2018-2a0f8b2c9d\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874761\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-07-03 06:02:18 +0200 (Tue, 03 Jul 2018)\");\n script_cve_id(\"CVE-2018-12633\", \"CVE-2018-12232\", \"CVE-2018-10853\", \"CVE-2018-11506\",\n \"CVE-2018-10840\", \"CVE-2018-3639\", \"CVE-2018-1120\", \"CVE-2018-10322\",\n \"CVE-2018-10323\", \"CVE-2018-1108\", \"CVE-2018-10021\", \"CVE-2017-18232\",\n \"CVE-2018-7995\", \"CVE-2018-8043\", \"CVE-2018-7757\", \"CVE-2018-5803\",\n \"CVE-2018-1065\", \"CVE-2018-1000026\", \"CVE-2018-5750\", \"CVE-2018-1000004\",\n \"CVE-2018-5344\", \"CVE-2018-5332\", \"CVE-2018-5333\", \"CVE-2017-17862\",\n \"CVE-2017-17863\", \"CVE-2017-17864\", \"CVE-2017-17852\", \"CVE-2017-17853\",\n \"CVE-2017-17854\", \"CVE-2017-17855\", \"CVE-2017-17856\", \"CVE-2017-17857\",\n \"CVE-2017-17741\", \"CVE-2017-17712\", \"CVE-2017-17449\", \"CVE-2017-17450\",\n \"CVE-2017-17448\", \"CVE-2017-17558\", \"CVE-2017-8824\", \"CVE-2017-1000405\",\n \"CVE-2017-16649\", \"CVE-2017-16650\", \"CVE-2017-16644\", \"CVE-2017-16647\",\n \"CVE-2017-15115\", \"CVE-2017-16532\", \"CVE-2017-16538\", \"CVE-2017-12193\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kernel FEDORA-2018-2a0f8b2c9d\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\non the target host.\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 27\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-2a0f8b2c9d\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QGVBVYZZR6UYWHRCMCVLU3DVJMBOYBLP\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC27\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC27\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.17.3~100.fc27\", rls:\"FC27\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:33:09", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-10021", "CVE-2018-8043", "CVE-2017-17863", "CVE-2018-13053", "CVE-2017-17450", "CVE-2018-1108", "CVE-2017-17558", "CVE-2018-12633", "CVE-2018-1000004", "CVE-2018-5333", "CVE-2017-17741", "CVE-2018-10840", "CVE-2018-13405", "CVE-2018-13095", "CVE-2017-12193", "CVE-2017-17862", "CVE-2018-12714", "CVE-2018-11506", "CVE-2018-12232", "CVE-2017-17852", "CVE-2018-10853", "CVE-2017-16532", "CVE-2017-16649", "CVE-2018-5344", "CVE-2017-17854", "CVE-2018-13093", "CVE-2017-17853", "CVE-2018-7757", "CVE-2017-15115", "CVE-2018-14734", "CVE-2017-17712", "CVE-2017-8824", "CVE-2017-17448", "CVE-2018-3646", "CVE-2018-1120", "CVE-2018-1065", "CVE-2017-18232", "CVE-2017-16647", "CVE-2018-5332", "CVE-2018-3620", "CVE-2017-17449", "CVE-2018-10322", "CVE-2017-16650", "CVE-2018-10323", "CVE-2018-7995", "CVE-2018-14678", "CVE-2018-5750", "CVE-2017-16538", "CVE-2017-17855", "CVE-2017-17857", "CVE-2017-16644", "CVE-2017-17864", "CVE-2018-5803", "CVE-2017-1000405", "CVE-2018-1000026", "CVE-2018-3639", "CVE-2017-17856", "CVE-2018-12896", "CVE-2018-13094"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2018-08-19T00:00:00", "id": "OPENVAS:1361412562310874964", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874964", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2018-1c80fea1cd", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_1c80fea1cd_kernel_fc27.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for kernel FEDORA-2018-1c80fea1cd\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874964\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-08-19 06:42:42 +0200 (Sun, 19 Aug 2018)\");\n script_cve_id(\"CVE-2018-3620\", \"CVE-2018-3646\", \"CVE-2018-14734\", \"CVE-2018-14678\",\n \"CVE-2018-13405\", \"CVE-2018-13053\", \"CVE-2018-12896\", \"CVE-2018-13093\",\n \"CVE-2018-13094\", \"CVE-2018-13095\", \"CVE-2018-12714\", \"CVE-2018-12633\",\n \"CVE-2018-12232\", \"CVE-2018-10853\", \"CVE-2018-11506\", \"CVE-2018-10840\",\n \"CVE-2018-3639\", \"CVE-2018-1120\", \"CVE-2018-10322\", \"CVE-2018-10323\",\n \"CVE-2018-1108\", \"CVE-2018-10021\", \"CVE-2017-18232\", \"CVE-2018-7995\",\n \"CVE-2018-8043\", \"CVE-2018-7757\", \"CVE-2018-5803\", \"CVE-2018-1065\",\n \"CVE-2018-1000026\", \"CVE-2018-5750\", \"CVE-2018-1000004\", \"CVE-2018-5344\",\n \"CVE-2018-5332\", \"CVE-2018-5333\", \"CVE-2017-17862\", \"CVE-2017-17863\",\n \"CVE-2017-17864\", \"CVE-2017-17852\", \"CVE-2017-17853\", \"CVE-2017-17854\",\n \"CVE-2017-17855\", \"CVE-2017-17856\", \"CVE-2017-17857\", \"CVE-2017-17741\",\n \"CVE-2017-17712\", \"CVE-2017-17449\", \"CVE-2017-17450\", \"CVE-2017-17448\",\n \"CVE-2017-17558\", \"CVE-2017-8824\", \"CVE-2017-1000405\", \"CVE-2017-16649\",\n \"CVE-2017-16650\", \"CVE-2017-16644\", \"CVE-2017-16647\", \"CVE-2017-15115\",\n \"CVE-2017-16532\", \"CVE-2017-16538\", \"CVE-2017-12193\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kernel FEDORA-2018-1c80fea1cd\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\non the target host.\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 27\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-1c80fea1cd\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XRFKQWYV2H4BV75CUNGCGE5TNVQCLBGZ\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC27\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC27\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.17.14~102.fc27\", rls:\"FC27\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:33:03", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-10021", "CVE-2018-8043", "CVE-2017-17863", "CVE-2018-13053", "CVE-2017-17450", "CVE-2018-1108", "CVE-2017-17558", "CVE-2018-12633", "CVE-2018-1000004", "CVE-2018-5333", "CVE-2017-17741", "CVE-2018-10840", "CVE-2018-13405", "CVE-2018-13095", "CVE-2017-12193", "CVE-2017-17862", "CVE-2018-12714", "CVE-2018-13406", "CVE-2018-11506", "CVE-2018-12232", "CVE-2017-17852", "CVE-2018-10853", "CVE-2017-16532", "CVE-2017-16649", "CVE-2018-5344", "CVE-2017-17854", "CVE-2018-13093", "CVE-2017-17853", "CVE-2018-7757", "CVE-2017-15115", "CVE-2017-17712", "CVE-2017-8824", "CVE-2017-17448", "CVE-2018-1120", "CVE-2018-1065", "CVE-2017-18232", "CVE-2017-16647", "CVE-2018-5332", "CVE-2017-17449", "CVE-2018-10322", "CVE-2017-16650", "CVE-2018-10323", "CVE-2018-7995", "CVE-2018-5750", "CVE-2017-16538", "CVE-2017-17855", "CVE-2017-17857", "CVE-2017-16644", "CVE-2017-17864", "CVE-2018-5803", "CVE-2017-1000405", "CVE-2018-1000026", "CVE-2018-3639", "CVE-2017-17856", "CVE-2018-12896", "CVE-2018-13094"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2018-07-15T00:00:00", "id": "OPENVAS:1361412562310874813", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874813", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2018-8484550fff", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_8484550fff_kernel_fc27.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for kernel FEDORA-2018-8484550fff\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874813\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-07-15 06:04:39 +0200 (Sun, 15 Jul 2018)\");\n script_cve_id(\"CVE-2018-13405\", \"CVE-2018-13053\", \"CVE-2018-12896\", \"CVE-2018-13093\",\n \"CVE-2018-13094\", \"CVE-2018-13095\", \"CVE-2018-12714\", \"CVE-2018-12633\",\n \"CVE-2018-12232\", \"CVE-2018-10853\", \"CVE-2018-11506\", \"CVE-2018-10840\",\n \"CVE-2018-3639\", \"CVE-2018-1120\", \"CVE-2018-10322\", \"CVE-2018-10323\",\n \"CVE-2018-1108\", \"CVE-2018-10021\", \"CVE-2017-18232\", \"CVE-2018-7995\",\n \"CVE-2018-8043\", \"CVE-2018-7757\", \"CVE-2018-5803\", \"CVE-2018-1065\",\n \"CVE-2018-1000026\", \"CVE-2018-5750\", \"CVE-2018-1000004\", \"CVE-2018-5344\",\n \"CVE-2018-5332\", \"CVE-2018-5333\", \"CVE-2017-17862\", \"CVE-2017-17863\",\n \"CVE-2017-17864\", \"CVE-2017-17852\", \"CVE-2017-17853\", \"CVE-2017-17854\",\n \"CVE-2017-17855\", \"CVE-2017-17856\", \"CVE-2017-17857\", \"CVE-2017-17741\",\n \"CVE-2017-17712\", \"CVE-2017-17449\", \"CVE-2017-17450\", \"CVE-2017-17448\",\n \"CVE-2017-17558\", \"CVE-2017-8824\", \"CVE-2017-1000405\", \"CVE-2017-16649\",\n \"CVE-2017-16650\", \"CVE-2017-16644\", \"CVE-2017-16647\", \"CVE-2017-15115\",\n \"CVE-2017-16532\", \"CVE-2017-16538\", \"CVE-2017-12193\", \"CVE-2018-13406\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kernel FEDORA-2018-8484550fff\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\non the target host.\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 27\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-8484550fff\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VOZHI2THAILWJPPQV3NONSSGW7WEZHWA\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC27\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC27\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.17.5~100.fc27\", rls:\"FC27\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2021-01-07T10:16:32", "description": "The 4.14.11 stable kernel update contains a number of important fixes\nacross the tree. This also includes the KPTI patches to mitigate the\nMeltdown vulnerability for x86 architectures.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.", "edition": 17, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-01-15T00:00:00", "title": "Fedora 27 : kernel (2018-22d5fa8a90)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-17863", "CVE-2017-17862", "CVE-2017-17852", "CVE-2017-17854", "CVE-2017-17853", "CVE-2017-17855", "CVE-2017-17857", "CVE-2017-17864", "CVE-2017-17856"], "modified": "2018-01-15T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:27"], "id": "FEDORA_2018-22D5FA8A90.NASL", "href": "https://www.tenable.com/plugins/nessus/106024", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-22d5fa8a90.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(106024);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-17852\", \"CVE-2017-17853\", \"CVE-2017-17854\", \"CVE-2017-17855\", \"CVE-2017-17856\", \"CVE-2017-17857\", \"CVE-2017-17862\", \"CVE-2017-17863\", \"CVE-2017-17864\");\n script_xref(name:\"FEDORA\", value:\"2018-22d5fa8a90\");\n\n script_name(english:\"Fedora 27 : kernel (2018-22d5fa8a90)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 4.14.11 stable kernel update contains a number of important fixes\nacross the tree. This also includes the KPTI patches to mitigate the\nMeltdown vulnerability for x86 architectures.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-22d5fa8a90\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:27\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/12/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/01/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/01/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^27([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 27\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2017-17852\", \"CVE-2017-17853\", \"CVE-2017-17854\", \"CVE-2017-17855\", \"CVE-2017-17856\", \"CVE-2017-17857\", \"CVE-2017-17862\", \"CVE-2017-17863\", \"CVE-2017-17864\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for FEDORA-2018-22d5fa8a90\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\nif (rpm_check(release:\"FC27\", reference:\"kernel-4.14.11-300.fc27\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-07T10:19:25", "description": "The 4.14.11 stable kernel update contains a number of important fixes\nacross the tree. This also includes the KPTI patches to mitigate the\nMeltdown vulnerability for x86 architectures\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.", "edition": 19, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-01-05T00:00:00", "title": "Fedora 26 : kernel (2018-8ed5eff2c0)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-17863", "CVE-2017-17862", "CVE-2017-17852", "CVE-2017-17854", "CVE-2017-17853", "CVE-2017-17855", "CVE-2017-17857", "CVE-2017-17864", "CVE-2017-17856"], "modified": "2018-01-05T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:26"], "id": "FEDORA_2018-8ED5EFF2C0.NASL", "href": "https://www.tenable.com/plugins/nessus/105596", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-8ed5eff2c0.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(105596);\n script_version(\"3.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-17852\", \"CVE-2017-17853\", \"CVE-2017-17854\", \"CVE-2017-17855\", \"CVE-2017-17856\", \"CVE-2017-17857\", \"CVE-2017-17862\", \"CVE-2017-17863\", \"CVE-2017-17864\");\n script_xref(name:\"FEDORA\", value:\"2018-8ed5eff2c0\");\n\n script_name(english:\"Fedora 26 : kernel (2018-8ed5eff2c0)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 4.14.11 stable kernel update contains a number of important fixes\nacross the tree. This also includes the KPTI patches to mitigate the\nMeltdown vulnerability for x86 architectures\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-8ed5eff2c0\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:26\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/12/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/01/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/01/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^26([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 26\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2017-17852\", \"CVE-2017-17853\", \"CVE-2017-17854\", \"CVE-2017-17855\", \"CVE-2017-17856\", \"CVE-2017-17857\", \"CVE-2017-17862\", \"CVE-2017-17863\", \"CVE-2017-17864\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for FEDORA-2018-8ed5eff2c0\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\nif (rpm_check(release:\"FC26\", reference:\"kernel-4.14.11-200.fc26\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-06T09:51:15", "description": "Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a privilege escalation, denial of service or information\nleaks.\n\n - CVE-2017-8824\n Mohamed Ghannam discovered that the DCCP implementation\n did not correctly manage resources when a socket is\n disconnected and reconnected, potentially leading to a\n use-after-free. A local user could use this for denial\n of service (crash or data corruption) or possibly for\n privilege escalation. On systems that do not already\n have the dccp module loaded, this can be mitigated by\n disabling it:echo >> /etc/modprobe.d/disable-dccp.conf\n install dccp false\n\n - CVE-2017-16538\n Andrey Konovalov reported that the dvb-usb-lmedm04 media\n driver did not correctly handle some error conditions\n during initialisation. A physically present user with a\n specially designed USB device can use this to cause a\n denial of service (crash).\n\n - CVE-2017-16644\n Andrey Konovalov reported that the hdpvr media driver\n did not correctly handle some error conditions during\n initialisation. A physically present user with a\n specially designed USB device can use this to cause a\n denial of service (crash).\n\n - CVE-2017-16995\n Jann Horn discovered that the Extended BPF verifier did\n not correctly model the behaviour of 32-bit load\n instructions. A local user can use this for privilege\n escalation.\n\n - CVE-2017-17448\n Kevin Cernekee discovered that the netfilter subsystem\n allowed users with the CAP_NET_ADMIN capability in any\n user namespace, not just the root namespace, to enable\n and disable connection tracking helpers. This could lead\n to denial of service, violation of network security\n policy, or have other impact.\n\n - CVE-2017-17449\n Kevin Cernekee discovered that the netlink subsystem\n allowed users with the CAP_NET_ADMIN capability in any\n user namespace to monitor netlink traffic in all net\n namespaces, not just those owned by that user namespace.\n This could lead to exposure of sensitive information.\n\n - CVE-2017-17450\n Kevin Cernekee discovered that the xt_osf module allowed\n users with the CAP_NET_ADMIN capability in any user\n namespace to modify the global OS fingerprint list.\n\n - CVE-2017-17558\n Andrey Konovalov reported that that USB core did not\n correctly handle some error conditions during\n initialisation. A physically present user with a\n specially designed USB device can use this to cause a\n denial of service (crash or memory corruption), or\n possibly for privilege escalation.\n\n - CVE-2017-17712\n Mohamed Ghannam discovered a race condition in the IPv4\n raw socket implementation. A local user could use this\n to obtain sensitive information from the kernel.\n\n - CVE-2017-17741\n Dmitry Vyukov reported that the KVM implementation for\n x86 would over-read data from memory when emulating an\n MMIO write if the kvm_mmio tracepoint was enabled. A\n guest virtual machine might be able to use this to cause\n a denial of service (crash).\n\n - CVE-2017-17805\n It was discovered that some implementations of the\n Salsa20 block cipher did not correctly handle\n zero-length input. A local user could use this to cause\n a denial of service (crash) or possibly have other\n security impact.\n\n - CVE-2017-17806\n It was discovered that the HMAC implementation could be\n used with an underlying hash algorithm that requires a\n key, which was not intended. A local user could use this\n to cause a denial of service (crash or memory\n corruption), or possibly for privilege escalation.\n\n - CVE-2017-17807\n Eric Biggers discovered that the KEYS subsystem lacked a\n check for write permission when adding keys to a\n process's default keyring. A local user could use this\n to cause a denial of service or to obtain sensitive\n information.\n\n - CVE-2017-17862\n Alexei Starovoitov discovered that the Extended BPF\n verifier ignored unreachable code, even though it would\n still be processed by JIT compilers. This could possibly\n be used by local users for denial of service. It also\n increases the severity of bugs in determining\n unreachable code.\n\n - CVE-2017-17863\n Jann Horn discovered that the Extended BPF verifier did\n not correctly model pointer arithmetic on the stack\n frame pointer. A local user can use this for privilege\n escalation.\n\n - CVE-2017-17864\n Jann Horn discovered that the Extended BPF verifier\n could fail to detect pointer leaks from conditional\n code. A local user could use this to obtain sensitive\n information in order to exploit other vulnerabilities.\n\n - CVE-2017-1000407\n Andrew Honig reported that the KVM implementation for\n Intel processors allowed direct access to host I/O port\n 0x80, which is not generally safe. On some systems this\n allows a guest VM to cause a denial of service (crash)\n of the host.\n\n - CVE-2017-1000410\n Ben Seri reported that the Bluetooth subsystem did not\n correctly handle short EFS information elements in L2CAP\n messages. An attacker able to communicate over Bluetooth\n could use this to obtain sensitive information from the\n kernel.\n\nThe various problems in the Extended BPF verifier can be mitigated by\ndisabling use of Extended BPF by unprivileged users:sysctl\nkernel.unprivileged_bpf_disabled=1\n\nDebian disables unprivileged user namespaces by default, but if they\nare enabled (via the kernel.unprivileged_userns_clone sysctl) then\nCVE-2017-17448 can be exploited by any local user.", "edition": 31, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-12-26T00:00:00", "title": "Debian DSA-4073-1 : linux - security update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-17863", "CVE-2017-17450", "CVE-2017-17558", "CVE-2017-17741", "CVE-2017-17862", "CVE-2017-17805", "CVE-2017-16995", "CVE-2017-17712", "CVE-2017-8824", "CVE-2017-17448", "CVE-2017-1000407", "CVE-2017-1000410", "CVE-2017-17449", "CVE-2017-16538", "CVE-2017-17807", "CVE-2017-16644", "CVE-2017-17864", "CVE-2017-17806"], "modified": "2017-12-26T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:linux", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DSA-4073.NASL", "href": "https://www.tenable.com/plugins/nessus/105433", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4073. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(105433);\n script_version(\"3.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2017-1000407\", \"CVE-2017-1000410\", \"CVE-2017-16538\", \"CVE-2017-16644\", \"CVE-2017-16995\", \"CVE-2017-17448\", \"CVE-2017-17449\", \"CVE-2017-17450\", \"CVE-2017-17558\", \"CVE-2017-17712\", \"CVE-2017-17741\", \"CVE-2017-17805\", \"CVE-2017-17806\", \"CVE-2017-17807\", \"CVE-2017-17862\", \"CVE-2017-17863\", \"CVE-2017-17864\", \"CVE-2017-8824\");\n script_xref(name:\"DSA\", value:\"4073\");\n\n script_name(english:\"Debian DSA-4073-1 : linux - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a privilege escalation, denial of service or information\nleaks.\n\n - CVE-2017-8824\n Mohamed Ghannam discovered that the DCCP implementation\n did not correctly manage resources when a socket is\n disconnected and reconnected, potentially leading to a\n use-after-free. A local user could use this for denial\n of service (crash or data corruption) or possibly for\n privilege escalation. On systems that do not already\n have the dccp module loaded, this can be mitigated by\n disabling it:echo >> /etc/modprobe.d/disable-dccp.conf\n install dccp false\n\n - CVE-2017-16538\n Andrey Konovalov reported that the dvb-usb-lmedm04 media\n driver did not correctly handle some error conditions\n during initialisation. A physically present user with a\n specially designed USB device can use this to cause a\n denial of service (crash).\n\n - CVE-2017-16644\n Andrey Konovalov reported that the hdpvr media driver\n did not correctly handle some error conditions during\n initialisation. A physically present user with a\n specially designed USB device can use this to cause a\n denial of service (crash).\n\n - CVE-2017-16995\n Jann Horn discovered that the Extended BPF verifier did\n not correctly model the behaviour of 32-bit load\n instructions. A local user can use this for privilege\n escalation.\n\n - CVE-2017-17448\n Kevin Cernekee discovered that the netfilter subsystem\n allowed users with the CAP_NET_ADMIN capability in any\n user namespace, not just the root namespace, to enable\n and disable connection tracking helpers. This could lead\n to denial of service, violation of network security\n policy, or have other impact.\n\n - CVE-2017-17449\n Kevin Cernekee discovered that the netlink subsystem\n allowed users with the CAP_NET_ADMIN capability in any\n user namespace to monitor netlink traffic in all net\n namespaces, not just those owned by that user namespace.\n This could lead to exposure of sensitive information.\n\n - CVE-2017-17450\n Kevin Cernekee discovered that the xt_osf module allowed\n users with the CAP_NET_ADMIN capability in any user\n namespace to modify the global OS fingerprint list.\n\n - CVE-2017-17558\n Andrey Konovalov reported that that USB core did not\n correctly handle some error conditions during\n initialisation. A physically present user with a\n specially designed USB device can use this to cause a\n denial of service (crash or memory corruption), or\n possibly for privilege escalation.\n\n - CVE-2017-17712\n Mohamed Ghannam discovered a race condition in the IPv4\n raw socket implementation. A local user could use this\n to obtain sensitive information from the kernel.\n\n - CVE-2017-17741\n Dmitry Vyukov reported that the KVM implementation for\n x86 would over-read data from memory when emulating an\n MMIO write if the kvm_mmio tracepoint was enabled. A\n guest virtual machine might be able to use this to cause\n a denial of service (crash).\n\n - CVE-2017-17805\n It was discovered that some implementations of the\n Salsa20 block cipher did not correctly handle\n zero-length input. A local user could use this to cause\n a denial of service (crash) or possibly have other\n security impact.\n\n - CVE-2017-17806\n It was discovered that the HMAC implementation could be\n used with an underlying hash algorithm that requires a\n key, which was not intended. A local user could use this\n to cause a denial of service (crash or memory\n corruption), or possibly for privilege escalation.\n\n - CVE-2017-17807\n Eric Biggers discovered that the KEYS subsystem lacked a\n check for write permission when adding keys to a\n process's default keyring. A local user could use this\n to cause a denial of service or to obtain sensitive\n information.\n\n - CVE-2017-17862\n Alexei Starovoitov discovered that the Extended BPF\n verifier ignored unreachable code, even though it would\n still be processed by JIT compilers. This could possibly\n be used by local users for denial of service. It also\n increases the severity of bugs in determining\n unreachable code.\n\n - CVE-2017-17863\n Jann Horn discovered that the Extended BPF verifier did\n not correctly model pointer arithmetic on the stack\n frame pointer. A local user can use this for privilege\n escalation.\n\n - CVE-2017-17864\n Jann Horn discovered that the Extended BPF verifier\n could fail to detect pointer leaks from conditional\n code. A local user could use this to obtain sensitive\n information in order to exploit other vulnerabilities.\n\n - CVE-2017-1000407\n Andrew Honig reported that the KVM implementation for\n Intel processors allowed direct access to host I/O port\n 0x80, which is not generally safe. On some systems this\n allows a guest VM to cause a denial of service (crash)\n of the host.\n\n - CVE-2017-1000410\n Ben Seri reported that the Bluetooth subsystem did not\n correctly handle short EFS information elements in L2CAP\n messages. An attacker able to communicate over Bluetooth\n could use this to obtain sensitive information from the\n kernel.\n\nThe various problems in the Extended BPF verifier can be mitigated by\ndisabling use of Extended BPF by unprivileged users:sysctl\nkernel.unprivileged_bpf_disabled=1\n\nDebian disables unprivileged user namespaces by default, but if they\nare enabled (via the kernel.unprivileged_userns_clone sysctl) then\nCVE-2017-17448 can be exploited by any local user.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2017-8824\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2017-16538\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2017-16644\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2017-16995\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2017-17448\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2017-17449\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2017-17450\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2017-17558\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2017-17712\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2017-17741\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2017-17805\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2017-17806\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2017-17807\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2017-17862\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2017-17863\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2017-17864\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2017-1000407\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2017-1000410\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2017-17448\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/linux\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/linux\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2017/dsa-4073\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the linux packages.\n\nFor the stable distribution (stretch), these problems have been fixed\nin version 4.9.65-3+deb9u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Linux BPF Sign Extension Local Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/11/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/12/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/12/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"9.0\", prefix:\"hyperv-daemons\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libcpupower-dev\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libcpupower1\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libusbip-dev\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-compiler-gcc-6-arm\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-compiler-gcc-6-s390\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-compiler-gcc-6-x86\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-cpupower\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-doc-4.9\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-4kc-malta\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-5kc-malta\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-686\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-686-pae\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-all\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-all-amd64\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-all-arm64\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-all-armel\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-all-armhf\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-all-i386\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-all-mips\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-all-mips64el\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-all-mipsel\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-all-ppc64el\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-all-s390x\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-amd64\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-arm64\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-armmp\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-armmp-lpae\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-common\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-common-rt\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-loongson-3\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-marvell\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-octeon\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-powerpc64le\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-rt-686-pae\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-rt-amd64\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-s390x\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-4kc-malta\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-4kc-malta-dbg\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-5kc-malta\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-5kc-malta-dbg\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-686\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-686-dbg\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-686-pae\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-686-pae-dbg\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-amd64\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-amd64-dbg\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-arm64\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-arm64-dbg\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-armmp\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-armmp-dbg\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-armmp-lpae\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-armmp-lpae-dbg\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-loongson-3\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-loongson-3-dbg\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-marvell\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-marvell-dbg\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-octeon\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-octeon-dbg\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-powerpc64le\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-powerpc64le-dbg\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-rt-686-pae\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-rt-686-pae-dbg\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-rt-amd64\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-rt-amd64-dbg\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-s390x\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-s390x-dbg\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-kbuild-4.9\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-libc-dev\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-manual-4.9\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-perf-4.9\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-source-4.9\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-support-4.9.0-9\", reference:\"4.9.65-3+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"usbip\", reference:\"4.9.65-3+deb9u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T01:20:03", "description": "Race condition in raw_sendmsg function allows denial-of-service or\nkernel addresses leak\n\nA flaw was found in the Linux kernel's implementation of raw_sendmsg\nallowing a local attacker to panic the kernel or possibly leak kernel\naddresses. A local attacker, with the privilege of creating raw\nsockets, can abuse a possible race condition when setting the socket\noption to allow the kernel to automatically create ip header values\nand thus potentially escalate their privileges. (CVE-2017-17712)\n\nUse-after-free vulnerability in DCCP socket\n\nA use-after-free vulnerability was found in DCCP socket code affecting\nthe Linux kernel since 2.6.16. This vulnerability could allow an\nattacker to their escalate privileges. (CVE-2017-8824)\n\nStack-based out-of-bounds read via vmcall instruction\n\nLinux kernel compiled with the KVM virtualization (CONFIG_KVM) support\nis vulnerable to an out-of-bounds read access issue. It could occur\nwhen emulating vmcall instructions invoked by a guest. A guest\nuser/process could use this flaw to disclose kernel memory bytes.\n(CVE-2017-17741)\n\nUnchecked capabilities in net/netfilter/xt_osf.c allows for\nunprivileged modification to systemwide fingerprint list\n\nnet/netfilter/xt_osf.c in the Linux kernel through 4.14.4 does not\nrequire the CAP_NET_ADMIN capability for add_callback and\nremove_callback operations, which allows local users to bypass\nintended access restrictions because the xt_osf_fingers data structure\nis shared across all net namespaces. (CVE-2017-17450)\n\nMissing capabilities check in net/netfilter/nfnetlink_cthelper.c\nallows for unprivileged access to systemwide nfnl_cthelper_list\nstructure\n\nnet/netfilter/nfnetlink_cthelper.c in the Linux kernel through 4.14.4\ndoes not require the CAP_NET_ADMIN capability for new, get, and del\noperations, which allows local users to bypass intended access\nrestrictions because the nfnl_cthelper_list data structure is shared\nacross all net namespaces. (CVE-2017-17448)", "edition": 24, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-01-19T00:00:00", "title": "Amazon Linux AMI : kernel (ALAS-2018-944)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-17450", "CVE-2017-17741", "CVE-2017-17712", "CVE-2017-8824", "CVE-2017-17448"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:kernel-tools-debuginfo", "p-cpe:/a:amazon:linux:kernel", "p-cpe:/a:amazon:linux:kernel-doc", "p-cpe:/a:amazon:linux:perf", "p-cpe:/a:amazon:linux:kernel-tools", "p-cpe:/a:amazon:linux:kernel-devel", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:amazon:linux:kernel-debuginfo", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-i686", "p-cpe:/a:amazon:linux:perf-debuginfo", "p-cpe:/a:amazon:linux:kernel-tools-devel", "p-cpe:/a:amazon:linux:kernel-headers", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2018-944.NASL", "href": "https://www.tenable.com/plugins/nessus/106171", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2018-944.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(106171);\n script_version(\"3.4\");\n script_cvs_date(\"Date: 2019/04/05 23:25:05\");\n\n script_cve_id(\"CVE-2017-17448\", \"CVE-2017-17450\", \"CVE-2017-17712\", \"CVE-2017-17741\", \"CVE-2017-8824\");\n script_xref(name:\"ALAS\", value:\"2018-944\");\n\n script_name(english:\"Amazon Linux AMI : kernel (ALAS-2018-944)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Race condition in raw_sendmsg function allows denial-of-service or\nkernel addresses leak\n\nA flaw was found in the Linux kernel's implementation of raw_sendmsg\nallowing a local attacker to panic the kernel or possibly leak kernel\naddresses. A local attacker, with the privilege of creating raw\nsockets, can abuse a possible race condition when setting the socket\noption to allow the kernel to automatically create ip header values\nand thus potentially escalate their privileges. (CVE-2017-17712)\n\nUse-after-free vulnerability in DCCP socket\n\nA use-after-free vulnerability was found in DCCP socket code affecting\nthe Linux kernel since 2.6.16. This vulnerability could allow an\nattacker to their escalate privileges. (CVE-2017-8824)\n\nStack-based out-of-bounds read via vmcall instruction\n\nLinux kernel compiled with the KVM virtualization (CONFIG_KVM) support\nis vulnerable to an out-of-bounds read access issue. It could occur\nwhen emulating vmcall instructions invoked by a guest. A guest\nuser/process could use this flaw to disclose kernel memory bytes.\n(CVE-2017-17741)\n\nUnchecked capabilities in net/netfilter/xt_osf.c allows for\nunprivileged modification to systemwide fingerprint list\n\nnet/netfilter/xt_osf.c in the Linux kernel through 4.14.4 does not\nrequire the CAP_NET_ADMIN capability for add_callback and\nremove_callback operations, which allows local users to bypass\nintended access restrictions because the xt_osf_fingers data structure\nis shared across all net namespaces. (CVE-2017-17450)\n\nMissing capabilities check in net/netfilter/nfnetlink_cthelper.c\nallows for unprivileged access to systemwide nfnl_cthelper_list\nstructure\n\nnet/netfilter/nfnetlink_cthelper.c in the Linux kernel through 4.14.4\ndoes not require the CAP_NET_ADMIN capability for new, get, and del\noperations, which allows local users to bypass intended access\nrestrictions because the nfnl_cthelper_list data structure is shared\nacross all net namespaces. (CVE-2017-17448)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2018-944.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Run 'yum update kernel' to update your system. You will need to reboot\nyour system in order for the new kernel to be running.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-i686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/01/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/01/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"kernel-4.9.77-31.58.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-debuginfo-4.9.77-31.58.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", cpu:\"i686\", reference:\"kernel-debuginfo-common-i686-4.9.77-31.58.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-4.9.77-31.58.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-devel-4.9.77-31.58.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-doc-4.9.77-31.58.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-headers-4.9.77-31.58.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-tools-4.9.77-31.58.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-tools-debuginfo-4.9.77-31.58.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-tools-devel-4.9.77-31.58.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"perf-4.9.77-31.58.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"perf-debuginfo-4.9.77-31.58.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-debuginfo / kernel-debuginfo-common-i686 / etc\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-07T10:13:03", "description": "The 4.14.6 update contains various fixes across the tree.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.", "edition": 19, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-12-20T00:00:00", "title": "Fedora 26 : kernel (2017-ba6b6e71f7)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-17450", "CVE-2017-17558", "CVE-2017-8824", "CVE-2017-17448", "CVE-2017-17449"], "modified": "2017-12-20T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:26"], "id": "FEDORA_2017-BA6B6E71F7.NASL", "href": "https://www.tenable.com/plugins/nessus/105383", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2017-ba6b6e71f7.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(105383);\n script_version(\"3.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-17448\", \"CVE-2017-17449\", \"CVE-2017-17450\", \"CVE-2017-17558\", \"CVE-2017-8824\");\n script_xref(name:\"FEDORA\", value:\"2017-ba6b6e71f7\");\n\n script_name(english:\"Fedora 26 : kernel (2017-ba6b6e71f7)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 4.14.6 update contains various fixes across the tree.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2017-ba6b6e71f7\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:26\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/12/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/12/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/12/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^26([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 26\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2017-17448\", \"CVE-2017-17449\", \"CVE-2017-17450\", \"CVE-2017-17558\", \"CVE-2017-8824\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for FEDORA-2017-ba6b6e71f7\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\nif (rpm_check(release:\"FC26\", reference:\"kernel-4.14.6-200.fc26\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-12T10:15:14", "description": "The 4.14.6 update contains various fixes across the tree.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.", "edition": 17, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-01-15T00:00:00", "title": "Fedora 27 : kernel (2017-129969aa8a)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-17450", "CVE-2017-17558", "CVE-2017-8824", "CVE-2017-17448", "CVE-2017-17449"], "modified": "2018-01-15T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:27"], "id": "FEDORA_2017-129969AA8A.NASL", "href": "https://www.tenable.com/plugins/nessus/105819", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2017-129969aa8a.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(105819);\n script_version(\"3.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2017-17448\", \"CVE-2017-17449\", \"CVE-2017-17450\", \"CVE-2017-17558\", \"CVE-2017-8824\");\n script_xref(name:\"FEDORA\", value:\"2017-129969aa8a\");\n\n script_name(english:\"Fedora 27 : kernel (2017-129969aa8a)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 4.14.6 update contains various fixes across the tree.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2017-129969aa8a\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:27\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/12/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/12/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/01/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^27([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 27\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2017-17448\", \"CVE-2017-17449\", \"CVE-2017-17450\", \"CVE-2017-17558\", \"CVE-2017-8824\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for FEDORA-2017-129969aa8a\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\nif (rpm_check(release:\"FC27\", reference:\"kernel-4.14.6-300.fc27\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "archlinux": [{"lastseen": "2020-09-22T18:36:42", "bulletinFamily": "unix", "cvelist": ["CVE-2017-16995", "CVE-2017-16996", "CVE-2017-17448", "CVE-2017-17449", "CVE-2017-17450", "CVE-2017-17558", "CVE-2017-17712", "CVE-2017-17741", "CVE-2017-17805", "CVE-2017-17806", "CVE-2017-17852", "CVE-2017-17853", "CVE-2017-17854", "CVE-2017-17855", "CVE-2017-17856", "CVE-2017-17857", "CVE-2017-17862", "CVE-2017-17863", "CVE-2017-17864", "CVE-2017-5754", "CVE-2017-8824"], "description": "Arch Linux Security Advisory ASA-201801-4\n=========================================\n\nSeverity: High\nDate : 2018-01-05\nCVE-ID : CVE-2017-16995 CVE-2017-16996 CVE-2017-17448 CVE-2017-17449\nCVE-2017-17450 CVE-2017-17558 CVE-2017-17712 CVE-2017-17741\nCVE-2017-17805 CVE-2017-17806 CVE-2017-17852 CVE-2017-17853\nCVE-2017-17854 CVE-2017-17855 CVE-2017-17856 CVE-2017-17857\nCVE-2017-17862 CVE-2017-17863 CVE-2017-17864 CVE-2017-5754\nCVE-2017-8824\nPackage : linux-hardened\nType : multiple issues\nRemote : No\nLink : https://security.archlinux.org/AVG-574\n\nSummary\n=======\n\nThe package linux-hardened before version 4.14.11.a-1 is vulnerable to\nmultiple issues including access restriction bypass, denial of service,\nprivilege escalation and information disclosure.\n\nResolution\n==========\n\nUpgrade to 4.14.11.a-1.\n\n# pacman -Syu \"linux-hardened>=4.14.11.a-1\"\n\nThe problems have been fixed upstream in version 4.14.11.a.\n\nWorkaround\n==========\n\nBPF related issues can be circumvented by disabling unprivileged BPF:\n\n sysctl -w kernel.unprivileged_bpf_disabled=1\n\nOn systems that do not already have the dccp module loaded,\nCVE-2017-8824 can be mitigated by disabling it:\n\n echo >> /etc/modprobe.d/disable-dccp.conf install dccp false\n\nDescription\n===========\n\n- CVE-2017-16995 (privilege escalation)\n\nAn arbitrary memory r/w access issue was found in the Linux kernel\nbefore 4.14.9, 4.9.72 compiled with the eBPF bpf(2) system call\n(CONFIG_BPF_SYSCALL) support. The issue could occur due to calculation\nerrors in the eBPF verifier module, triggered by user supplied\nmalicious BPF program. An unprivileged user could use this flaw to\nescalate their privileges on a system. Setting parameter\n\"kernel.unprivileged_bpf_disabled=1\" prevents such privilege escalation\nby restricting access to bpf(2) call.\n\n- CVE-2017-16996 (privilege escalation)\n\nAn arbitrary memory r/w access issue was found in the Linux kernel\nbefore 4.14.9 compiled with the eBPF bpf(2) system call\n(CONFIG_BPF_SYSCALL) support. The issue could occur due to calculation\nerrors in the eBPF verifier module, triggered by user supplied\nmalicious BPF program. An unprivileged user could use this flaw to\nescalate their privileges on a system. Setting parameter\n\"kernel.unprivileged_bpf_disabled=1\" prevents such privilege escalation\nby restricting access to bpf(2) call.\n\n- CVE-2017-17448 (access restriction bypass)\n\nIt has been discovered that net/netfilter/nfnetlink_cthelper.c in the\nLinux kernel through 4.14.4 does not require the CAP_NET_ADMIN\ncapability for new, get, and del operations, which allows local users\nto bypass intended access restrictions because the nfnl_cthelper_list\ndata structure is shared across all net namespaces.\n\n- CVE-2017-17449 (information disclosure)\n\nThe __netlink_deliver_tap_skb function in net/netlink/af_netlink.c in\nthe Linux kernel before 4.14.11, 4.9.74, 4.4.109, 3.18.91 and 3.16.52\nwhen CONFIG_NLMON is enabled, does not restrict observations of Netlink\nmessages to a single net namespace, which allows local users to obtain\nsensitive information by leveraging the CAP_NET_ADMIN capability to\nsniff an nlmon interface for all Netlink activity on the system.\n\n- CVE-2017-17450 (access restriction bypass)\n\nIt has been discovered that net/netfilter/xt_osf.c in the Linux kernel\nthrough 4.14.4 does not require the CAP_NET_ADMIN capability for\nadd_callback and remove_callback operations, which allows local users\nto bypass intended access restrictions because the xt_osf_fingers data\nstructure is shared across all net namespaces.\n\n- CVE-2017-17558 (denial of service)\n\nThe usb_destroy_configuration function in drivers/usb/core/config.c in\nthe USB core subsystem in the Linux kernel before 4.14.8, 4.9.71,\n4.4.107, 3.18.89, 3.16.52 and 3.2.97 does not consider the maximum\nnumber of configurations and interfaces before attempting to release\nresources, which allows local users to cause a denial of service (out-\nof-bounds write access) or possibly have unspecified other impact via a\ncrafted USB device.\n\n- CVE-2017-17712 (privilege escalation)\n\nA flaw was found in the Linux kernel's implementation of raw_sendmsg\nbefore 4.14.11, 4.4.109 and 4.9.74 allowing a local attacker to panic\nthe kernel or possibly leak kernel addresses. A local attacker, with\nthe privilege of creating raw sockets, can abuse a possible race\ncondition when setting the socket option to allow the kernel to\nautomatically create ip header values and thus potentially escalate\ntheir privileges.\n\n- CVE-2017-17741 (information disclosure)\n\nThe KVM implementation in the Linux kernel through 4.14.7 allows\nattackers to obtain potentially sensitive information from kernel\nmemory, aka a write_mmio stack-based out-of-bounds read, related to\narch/x86/kvm/x86.c and include/trace/events/kvm.h.\n\n- CVE-2017-17805 (denial of service)\n\nThe Salsa20 encryption algorithm in the Linux kernel before 4.14.8,\n4.9.71, 4.4.107, 3.18.89, 3.16.52 and 3.2.97 does not correctly handle\nzero-length inputs, allowing a local attacker able to use the AF_ALG-\nbased skcipher interface (CONFIG_CRYPTO_USER_API_SKCIPHER) to cause a\ndenial of service (uninitialized-memory free and kernel crash) or have\nunspecified other impact by executing a crafted sequence of system\ncalls that use the blkcipher_walk API. Both the generic implementation\n(crypto/salsa20_generic.c) and x86 implementation\n(arch/x86/crypto/salsa20_glue.c) of Salsa20 were vulnerable.\n\n- CVE-2017-17806 (denial of service)\n\nThe HMAC implementation (crypto/hmac.c) in the Linux kernel before\n4.14.8, 4.9.71, 4.4.107, 3.18.89, 3.16.52 and 3.2.97 does not validate\nthat the underlying cryptographic hash algorithm is unkeyed, allowing a\nlocal attacker able to use the AF_ALG-based hash interface\n(CONFIG_CRYPTO_USER_API_HASH) and the SHA-3 hash algorithm\n(CONFIG_CRYPTO_SHA3) to cause a kernel stack buffer overflow by\nexecuting a crafted sequence of system calls that encounter a missing\nSHA-3 initialization.\n\n- CVE-2017-17852 (denial of service)\n\nIt has been discovered that kernel/bpf/verifier.c in the Linux kernel\nbefore 4.14.9 allows local users to cause a denial of service (memory\ncorruption) or possibly have unspecified other impact by leveraging\nmishandling of 32-bit ALU ops.\n\n- CVE-2017-17853 (denial of service)\n\nIt has been discovered kernel/bpf/verifier.c in the Linux kernel before\n4.14.9 allows local users to cause a denial of service (memory\ncorruption) or possibly have unspecified other impact by leveraging\nincorrect BPF_RSH signed bounds calculations.\n\n- CVE-2017-17854 (denial of service)\n\nIt has been discovered that kernel/bpf/verifier.c in the Linux kernel\nbefore 4.14.9 allows local users to cause a denial of service (integer\noverflow and memory corruption) or possibly have unspecified other\nimpact by leveraging unrestricted integer values for pointer\narithmetic.\n\n- CVE-2017-17855 (denial of service)\n\nIt has been discovered that kernel/bpf/verifier.c in the Linux kernel\nbefore 4.14.9 allows local users to cause a denial of service (memory\ncorruption) or possibly have unspecified other impact by leveraging\nimproper use of pointers in place of scalars.\n\n- CVE-2017-17856 (denial of service)\n\nIt has been discovered that kernel/bpf/verifier.c in the Linux kernel\nbefore 4.14.9 allows local users to cause a denial of service (memory\ncorruption) or possibly have unspecified other impact by leveraging the\nlack of stack-pointer alignment enforcement.\n\n- CVE-2017-17857 (denial of service)\n\nThe check_stack_boundary function in kernel/bpf/verifier.c in the Linux\nkernel before 4.14.9 allows local users to cause a denial of service\n(memory corruption) or possibly have unspecified other impact by\nleveraging mishandling of invalid variable stack read operations.\n\n- CVE-2017-17862 (denial of service)\n\nIt has been discovered that kernel/bpf/verifier.c in the Linux kernel\nbefore 4.14.9 and 4.9.72 ignore unreachable code, even though it would\nstill be processed by JIT compilers. This behavior, also considered an\nimproper branch-pruning logic issue, could possibly be used by local\nusers for denial of service.\n\n- CVE-2017-17863 (denial of service)\n\nIt has been discovered that kernel/bpf/verifier.c in the Linux kernel\nbefore 4.14.9 and 4.9.72 does not check the relationship between\npointer values and the BPF stack, which allows local users to cause a\ndenial of service (integer overflow or invalid memory access) or\npossibly have unspecified other impact.\n\n- CVE-2017-17864 (information disclosure)\n\nIt has been discovered that kernel/bpf/verifier.c in the Linux kernel\nbefore 4.14.9 and 4.9.73 mishandles states_equal comparisons between\nthe pointer data type and the UNKNOWN_VALUE data type, which allows\nlocal users to obtain potentially sensitive address information, aka a\n\"pointer leak.\"\n\n- CVE-2017-5754 (access restriction bypass)\n\nAn industry-wide issue was found in the way many modern microprocessor\ndesigns have implemented speculative execution of instructions (a\ncommonly used performance optimization).\nThis variant (\"Rogue Data Load\") relies on the fact that, on impacted\nmicroprocessors, during speculative execution of instruction permission\nfaults, exception generation triggered by a faulting access is\nsuppressed until the retirement of the whole instruction block. In a\ncombination with the fact that memory accesses may populate the cache\neven when the block is being dropped and never committed (executed), an\nunprivileged local attacker could use this flaw to read memory from\narbitrary addresses, including privileged (kernel space) and all other\nprocesses running on the system by conducting targeted cache side-\nchannel attacks.\n\n- CVE-2017-8824 (privilege escalation)\n\nA use-after-free vulnerability was found in DCCP socket code affecting\nthe Linux kernel since 2.6.16. The dccp_disconnect function in\nnet/dccp/proto.c allows local users to gain privileges or cause a\ndenial of service via an AF_UNSPEC connect system call during the\nDCCP_LISTEN state.\n\nImpact\n======\n\nA local unprivileged attacker is able to escalate privileges, crash the\nsystem, read memory from arbitrary addresses including from the kernel\nand all other processes running on the system or obtain sensitive\ninformation by sniffing an nlmon interface for all Netlink activity on\nthe system.\n\nReferences\n==========\n\nhttps://bugs.archlinux.org/task/56832\nhttps://bugs.chromium.org/p/project-zero/issues/detail?id=1454\nhttp://www.openwall.com/lists/oss-security/2017/12/21/2\nhttps://git.kernel.org/linus/95a762e2c8c942780948091f8f2a4f32fce1ac6f\nhttps://git.kernel.org/linus/0c17d1d2c61936401f4702e1846e2c19b200f958\nhttps://git.kernel.org/linus/4b380c42f7d00a395feede754f0bc2292eebe6e5\nhttps://git.kernel.org/linus/93c647643b48f0131f02e45da3bd367d80443291\nhttps://git.kernel.org/linus/916a27901de01446bcf57ecca4783f6cff493309\nhttps://github.com/google/syzkaller/blob/master/docs/linux/found_bugs_usb.md\nhttps://git.kernel.org/linus/48a4ff1c7bb5a32d2e396b03132d20d552c0eca7\nhttp://openwall.com/lists/oss-security/2017/12/12/7\nhttps://git.kernel.org/linus/8f659a03a0ba9289b9aeb9b4470e6fb263d6f483\nhttps://git.kernel.org/linus/e39d200fa5bf5b94a0948db0dae44c1b73b84a56\nhttps://git.kernel.org/linus/ecaaab5649781c5a0effdaf298a925063020500e\nhttps://git.kernel.org/linus/af3ff8045bbf3e32f1a448542e73abb4c8ceb6f1\nhttps://git.kernel.org/linus/468f6eafa6c44cb2c5d8aad35e12f06c240a812a\nhttps://git.kernel.org/linus/4374f256ce8182019353c0c639bb8d0695b4c941\nhttps://git.kernel.org/linus/bb7f0f989ca7de1153bd128a40a71709e339fa03\nhttps://git.kernel.org/linus/179d1c5602997fef5a940c6ddcf31212cbfebd14\nhttps://git.kernel.org/linus/a5ec6ae161d72f01411169a938fa5f8baea16e8f\nhttps://git.kernel.org/linus/ea25f914dc164c8d56b36147ecc86bc65f83c469\nhttps://git.kernel.org/linus/c131187db2d3fa2f8bf32fdf4e9a4ef805168467\nhttps://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?id=d75d3ee237cee9068022117e059b64bbab617f3d\nhttps://git.kernel.org/linus/de31796c052e47c99b1bb342bc70aa826733e862\nhttps://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?id=37435f7e80ef9adc32a69013c18f135e3f434244\nhttps://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html\nhttps://meltdownattack.com\nhttps://xenbits.xen.org/xsa/advisory-254.html\nhttp://blog.cyberus-technology.de/posts/2018-01-03-meltdown.html\nhttps://git.kernel.org/linus/5aa90a84589282b87666f92b6c3c917c8080a9bf\nhttps://git.kernel.org/linus/00a5ae218d57741088068799b810416ac249a9ce\nhttps://git.kernel.org/linus/69c64866ce072dea1d1e59a0d61e0f66c0dffb76\nhttps://security.archlinux.org/CVE-2017-16995\nhttps://security.archlinux.org/CVE-2017-16996\nhttps://security.archlinux.org/CVE-2017-17448\nhttps://security.archlinux.org/CVE-2017-17449\nhttps://security.archlinux.org/CVE-2017-17450\nhttps://security.archlinux.org/CVE-2017-17558\nhttps://security.archlinux.org/CVE-2017-17712\nhttps://security.archlinux.org/CVE-2017-17741\nhttps://security.archlinux.org/CVE-2017-17805\nhttps://security.archlinux.org/CVE-2017-17806\nhttps://security.archlinux.org/CVE-2017-17852\nhttps://security.archlinux.org/CVE-2017-17853\nhttps://security.archlinux.org/CVE-2017-17854\nhttps://security.archlinux.org/CVE-2017-17855\nhttps://security.archlinux.org/CVE-2017-17856\nhttps://security.archlinux.org/CVE-2017-17857\nhttps://security.archlinux.org/CVE-2017-17862\nhttps://security.archlinux.org/CVE-2017-17863\nhttps://security.archlinux.org/CVE-2017-17864\nhttps://security.archlinux.org/CVE-2017-5754\nhttps://security.archlinux.org/CVE-2017-8824", "modified": "2018-01-05T00:00:00", "published": "2018-01-05T00:00:00", "id": "ASA-201801-4", "href": "https://security.archlinux.org/ASA-201801-4", "type": "archlinux", "title": "[ASA-201801-4] linux-hardened: multiple issues", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-09-22T18:36:42", "bulletinFamily": "unix", "cvelist": ["CVE-2017-16995", "CVE-2017-16996", "CVE-2017-17449", "CVE-2017-17558", "CVE-2017-17712", "CVE-2017-17805", "CVE-2017-17806", "CVE-2017-17852", "CVE-2017-17853", "CVE-2017-17854", "CVE-2017-17855", "CVE-2017-17856", "CVE-2017-17857", "CVE-2017-17862", "CVE-2017-17863", "CVE-2017-17864", "CVE-2017-5754", "CVE-2017-8824"], "description": "Arch Linux Security Advisory ASA-201801-3\n=========================================\n\nSeverity: High\nDate : 2018-01-05\nCVE-ID : CVE-2017-16995 CVE-2017-16996 CVE-2017-17449 CVE-2017-17558\nCVE-2017-17712 CVE-2017-17805 CVE-2017-17806 CVE-2017-17852\nCVE-2017-17853 CVE-2017-17854 CVE-2017-17855 CVE-2017-17856\nCVE-2017-17857 CVE-2017-17862 CVE-2017-17863 CVE-2017-17864\nCVE-2017-5754 CVE-2017-8824\nPackage : linux-zen\nType : multiple issues\nRemote : No\nLink : https://security.archlinux.org/AVG-571\n\nSummary\n=======\n\nThe package linux-zen before version 4.14.11-1 is vulnerable to\nmultiple issues including access restriction bypass, denial of service,\nprivilege escalation and information disclosure.\n\nResolution\n==========\n\nUpgrade to 4.14.11-1.\n\n# pacman -Syu \"linux-zen>=4.14.11-1\"\n\nThe problems have been fixed upstream in version 4.14.11.\n\nWorkaround\n==========\n\nBPF related issues can be circumvented by disabling unprivileged BPF:\n\n sysctl -w kernel.unprivileged_bpf_disabled=1\n\nOn systems that do not already have the dccp module loaded,\nCVE-2017-8824 can be mitigated by disabling it:\n\n echo >> /etc/modprobe.d/disable-dccp.conf install dccp false\n\nDescription\n===========\n\n- CVE-2017-16995 (privilege escalation)\n\nAn arbitrary memory r/w access issue was found in the Linux kernel\nbefore 4.14.9, 4.9.72 compiled with the eBPF bpf(2) system call\n(CONFIG_BPF_SYSCALL) support. The issue could occur due to calculation\nerrors in the eBPF verifier module, triggered by user supplied\nmalicious BPF program. An unprivileged user could use this flaw to\nescalate their privileges on a system. Setting parameter\n\"kernel.unprivileged_bpf_disabled=1\" prevents such privilege escalation\nby restricting access to bpf(2) call.\n\n- CVE-2017-16996 (privilege escalation)\n\nAn arbitrary memory r/w access issue was found in the Linux kernel\nbefore 4.14.9 compiled with the eBPF bpf(2) system call\n(CONFIG_BPF_SYSCALL) support. The issue could occur due to calculation\nerrors in the eBPF verifier module, triggered by user supplied\nmalicious BPF program. An unprivileged user could use this flaw to\nescalate their privileges on a system. Setting parameter\n\"kernel.unprivileged_bpf_disabled=1\" prevents such privilege escalation\nby restricting access to bpf(2) call.\n\n- CVE-2017-17449 (information disclosure)\n\nThe __netlink_deliver_tap_skb function in net/netlink/af_netlink.c in\nthe Linux kernel before 4.14.11, 4.9.74, 4.4.109, 3.18.91 and 3.16.52\nwhen CONFIG_NLMON is enabled, does not restrict observations of Netlink\nmessages to a single net namespace, which allows local users to obtain\nsensitive information by leveraging the CAP_NET_ADMIN capability to\nsniff an nlmon interface for all Netlink activity on the system.\n\n- CVE-2017-17558 (denial of service)\n\nThe usb_destroy_configuration function in drivers/usb/core/config.c in\nthe USB core subsystem in the Linux kernel before 4.14.8, 4.9.71,\n4.4.107, 3.18.89, 3.16.52 and 3.2.97 does not consider the maximum\nnumber of configurations and interfaces before attempting to release\nresources, which allows local users to cause a denial of service (out-\nof-bounds write access) or possibly have unspecified other impact via a\ncrafted USB device.\n\n- CVE-2017-17712 (privilege escalation)\n\nA flaw was found in the Linux kernel's implementation of raw_sendmsg\nbefore 4.14.11, 4.4.109 and 4.9.74 allowing a local attacker to panic\nthe kernel or possibly leak kernel addresses. A local attacker, with\nthe privilege of creating raw sockets, can abuse a possible race\ncondition when setting the socket option to allow the kernel to\nautomatically create ip header values and thus potentially escalate\ntheir privileges.\n\n- CVE-2017-17805 (denial of service)\n\nThe Salsa20 encryption algorithm in the Linux kernel before 4.14.8,\n4.9.71, 4.4.107, 3.18.89, 3.16.52 and 3.2.97 does not correctly handle\nzero-length inputs, allowing a local attacker able to use the AF_ALG-\nbased skcipher interface (CONFIG_CRYPTO_USER_API_SKCIPHER) to cause a\ndenial of service (uninitialized-memory free and kernel crash) or have\nunspecified other impact by executing a crafted sequence of system\ncalls that use the blkcipher_walk API. Both the generic implementation\n(crypto/salsa20_generic.c) and x86 implementation\n(arch/x86/crypto/salsa20_glue.c) of Salsa20 were vulnerable.\n\n- CVE-2017-17806 (denial of service)\n\nThe HMAC implementation (crypto/hmac.c) in the Linux kernel before\n4.14.8, 4.9.71, 4.4.107, 3.18.89, 3.16.52 and 3.2.97 does not validate\nthat the underlying cryptographic hash algorithm is unkeyed, allowing a\nlocal attacker able to use the AF_ALG-based hash interface\n(CONFIG_CRYPTO_USER_API_HASH) and the SHA-3 hash algorithm\n(CONFIG_CRYPTO_SHA3) to cause a kernel stack buffer overflow by\nexecuting a crafted sequence of system calls that encounter a missing\nSHA-3 initialization.\n\n- CVE-2017-17852 (denial of service)\n\nIt has been discovered that kernel/bpf/verifier.c in the Linux kernel\nbefore 4.14.9 allows local users to cause a denial of service (memory\ncorruption) or possibly have unspecified other impact by leveraging\nmishandling of 32-bit ALU ops.\n\n- CVE-2017-17853 (denial of service)\n\nIt has been discovered kernel/bpf/verifier.c in the Linux kernel before\n4.14.9 allows local users to cause a denial of service (memory\ncorruption) or possibly have unspecified other impact by leveraging\nincorrect BPF_RSH signed bounds calculations.\n\n- CVE-2017-17854 (denial of service)\n\nIt has been discovered that kernel/bpf/verifier.c in the Linux kernel\nbefore 4.14.9 allows local users to cause a denial of service (integer\noverflow and memory corruption) or possibly have unspecified other\nimpact by leveraging unrestricted integer values for pointer\narithmetic.\n\n- CVE-2017-17855 (denial of service)\n\nIt has been discovered that kernel/bpf/verifier.c in the Linux kernel\nbefore 4.14.9 allows local users to cause a denial of service (memory\ncorruption) or possibly have unspecified other impact by leveraging\nimproper use of pointers in place of scalars.\n\n- CVE-2017-17856 (denial of service)\n\nIt has been discovered that kernel/bpf/verifier.c in the Linux kernel\nbefore 4.14.9 allows local users to cause a denial of service (memory\ncorruption) or possibly have unspecified other impact by leveraging the\nlack of stack-pointer alignment enforcement.\n\n- CVE-2017-17857 (denial of service)\n\nThe check_stack_boundary function in kernel/bpf/verifier.c in the Linux\nkernel before 4.14.9 allows local users to cause a denial of service\n(memory corruption) or possibly have unspecified other impact by\nleveraging mishandling of invalid variable stack read operations.\n\n- CVE-2017-17862 (denial of service)\n\nIt has been discovered that kernel/bpf/verifier.c in the Linux kernel\nbefore 4.14.9 and 4.9.72 ignore unreachable code, even though it would\nstill be processed by JIT compilers. This behavior, also considered an\nimproper branch-pruning logic issue, could possibly be used by local\nusers for denial of service.\n\n- CVE-2017-17863 (denial of service)\n\nIt has been discovered that kernel/bpf/verifier.c in the Linux kernel\nbefore 4.14.9 and 4.9.72 does not check the relationship between\npointer values and the BPF stack, which allows local users to cause a\ndenial of service (integer overflow or invalid memory access) or\npossibly have unspecified other impact.\n\n- CVE-2017-17864 (information disclosure)\n\nIt has been discovered that kernel/bpf/verifier.c in the Linux kernel\nbefore 4.14.9 and 4.9.73 mishandles states_equal comparisons between\nthe pointer data type and the UNKNOWN_VALUE data type, which allows\nlocal users to obtain potentially sensitive address information, aka a\n\"pointer leak.\"\n\n- CVE-2017-5754 (access restriction bypass)\n\nAn industry-wide issue was found in the way many modern microprocessor\ndesigns have implemented speculative execution of instructions (a\ncommonly used performance optimization).\nThis variant (\"Rogue Data Load\") relies on the fact that, on impacted\nmicroprocessors, during speculative execution of instruction permission\nfaults, exception generation triggered by a faulting access is\nsuppressed until the retirement of the whole instruction block. In a\ncombination with the fact that memory accesses may populate the cache\neven when the block is being dropped and never committed (executed), an\nunprivileged local attacker could use this flaw to read memory from\narbitrary addresses, including privileged (kernel space) and all other\nprocesses running on the system by conducting targeted cache side-\nchannel attacks.\n\n- CVE-2017-8824 (privilege escalation)\n\nA use-after-free vulnerability was found in DCCP socket code affecting\nthe Linux kernel since 2.6.16. The dccp_disconnect function in\nnet/dccp/proto.c allows local users to gain privileges or cause a\ndenial of service via an AF_UNSPEC connect system call during the\nDCCP_LISTEN state.\n\nImpact\n======\n\nA local unprivileged attacker is able to escalate privileges, crash the\nsystem, read memory from arbitrary addresses including from the kernel\nand all other processes running on the system or obtain sensitive\ninformation by sniffing an nlmon interface for all Netlink activity on\nthe system.\n\nReferences\n==========\n\nhttps://bugs.archlinux.org/task/56832\nhttps://bugs.chromium.org/p/project-zero/issues/detail?id=1454\nhttp://www.openwall.com/lists/oss-security/2017/12/21/2\nhttps://git.kernel.org/linus/95a762e2c8c942780948091f8f2a4f32fce1ac6f\nhttps://git.kernel.org/linus/0c17d1d2c61936401f4702e1846e2c19b200f958\nhttps://git.kernel.org/linus/93c647643b48f0131f02e45da3bd367d80443291\nhttps://github.com/google/syzkaller/blob/master/docs/linux/found_bugs_usb.md\nhttps://git.kernel.org/linus/48a4ff1c7bb5a32d2e396b03132d20d552c0eca7\nhttp://openwall.com/lists/oss-security/2017/12/12/7\nhttps://git.kernel.org/linus/8f659a03a0ba9289b9aeb9b4470e6fb263d6f483\nhttps://git.kernel.org/linus/ecaaab5649781c5a0effdaf298a925063020500e\nhttps://git.kernel.org/linus/af3ff8045bbf3e32f1a448542e73abb4c8ceb6f1\nhttps://git.kernel.org/linus/468f6eafa6c44cb2c5d8aad35e12f06c240a812a\nhttps://git.kernel.org/linus/4374f256ce8182019353c0c639bb8d0695b4c941\nhttps://git.kernel.org/linus/bb7f0f989ca7de1153bd128a40a71709e339fa03\nhttps://git.kernel.org/linus/179d1c5602997fef5a940c6ddcf31212cbfebd14\nhttps://git.kernel.org/linus/a5ec6ae161d72f01411169a938fa5f8baea16e8f\nhttps://git.kernel.org/linus/ea25f914dc164c8d56b36147ecc86bc65f83c469\nhttps://git.kernel.org/linus/c131187db2d3fa2f8bf32fdf4e9a4ef805168467\nhttps://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?id=d75d3ee237cee9068022117e059b64bbab617f3d\nhttps://git.kernel.org/linus/de31796c052e47c99b1bb342bc70aa826733e862\nhttps://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?id=37435f7e80ef9adc32a69013c18f135e3f434244\nhttps://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html\nhttps://meltdownattack.com\nhttps://xenbits.xen.org/xsa/advisory-254.html\nhttp://blog.cyberus-technology.de/posts/2018-01-03-meltdown.html\nhttps://git.kernel.org/linus/5aa90a84589282b87666f92b6c3c917c8080a9bf\nhttps://git.kernel.org/linus/00a5ae218d57741088068799b810416ac249a9ce\nhttps://git.kernel.org/linus/69c64866ce072dea1d1e59a0d61e0f66c0dffb76\nhttps://security.archlinux.org/CVE-2017-16995\nhttps://security.archlinux.org/CVE-2017-16996\nhttps://security.archlinux.org/CVE-2017-17449\nhttps://security.archlinux.org/CVE-2017-17558\nhttps://security.archlinux.org/CVE-2017-17712\nhttps://security.archlinux.org/CVE-2017-17805\nhttps://security.archlinux.org/CVE-2017-17806\nhttps://security.archlinux.org/CVE-2017-17852\nhttps://security.archlinux.org/CVE-2017-17853\nhttps://security.archlinux.org/CVE-2017-17854\nhttps://security.archlinux.org/CVE-2017-17855\nhttps://security.archlinux.org/CVE-2017-17856\nhttps://security.archlinux.org/CVE-2017-17857\nhttps://security.archlinux.org/CVE-2017-17862\nhttps://security.archlinux.org/CVE-2017-17863\nhttps://security.archlinux.org/CVE-2017-17864\nhttps://security.archlinux.org/CVE-2017-5754\nhttps://security.archlinux.org/CVE-2017-8824", "modified": "2018-01-05T00:00:00", "published": "2018-01-05T00:00:00", "id": "ASA-201801-3", "href": "https://security.archlinux.org/ASA-201801-3", "type": "archlinux", "title": "[ASA-201801-3] linux-zen: multiple issues", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-09-22T18:36:42", "bulletinFamily": "unix", "cvelist": ["CVE-2017-16995", "CVE-2017-16996", "CVE-2017-17449", "CVE-2017-17558", "CVE-2017-17712", "CVE-2017-17805", "CVE-2017-17806", "CVE-2017-17852", "CVE-2017-17853", "CVE-2017-17854", "CVE-2017-17855", "CVE-2017-17856", "CVE-2017-17857", "CVE-2017-17862", "CVE-2017-17863", "CVE-2017-17864", "CVE-2017-5754", "CVE-2017-8824"], "description": "Arch Linux Security Advisory ASA-201801-1\n=========================================\n\nSeverity: High\nDate : 2018-01-05\nCVE-ID : CVE-2017-16995 CVE-2017-16996 CVE-2017-17449 CVE-2017-17558\nCVE-2017-17712 CVE-2017-17805 CVE-2017-17806 CVE-2017-17852\nCVE-2017-17853 CVE-2017-17854 CVE-2017-17855 CVE-2017-17856\nCVE-2017-17857 CVE-2017-17862 CVE-2017-17863 CVE-2017-17864\nCVE-2017-5754 CVE-2017-8824\nPackage : linux\nType : multiple issues\nRemote : No\nLink : https://security.archlinux.org/AVG-552\n\nSummary\n=======\n\nThe package linux before version 4.14.11-1 is vulnerable to multiple\nissues including access restriction bypass, denial of service,\nprivilege escalation and information disclosure.\n\nResolution\n==========\n\nUpgrade to 4.14.11-1.\n\n# pacman -Syu \"linux>=4.14.11-1\"\n\nThe problems have been fixed upstream in version 4.14.11.\n\nWorkaround\n==========\n\nBPF related issues can be circumvented by disabling unprivileged BPF:\n\n sysctl -w kernel.unprivileged_bpf_disabled=1\n\nOn systems that do not already have the dccp module loaded,\nCVE-2017-8824 can be mitigated by disabling it:\n\n echo >> /etc/modprobe.d/disable-dccp.conf install dccp false\n\nDescription\n===========\n\n- CVE-2017-16995 (privilege escalation)\n\nAn arbitrary memory r/w access issue was found in the Linux kernel\nbefore 4.14.9, 4.9.72 compiled with the eBPF bpf(2) system call\n(CONFIG_BPF_SYSCALL) support. The issue could occur due to calculation\nerrors in the eBPF verifier module, triggered by user supplied\nmalicious BPF program. An unprivileged user could use this flaw to\nescalate their privileges on a system. Setting parameter\n\"kernel.unprivileged_bpf_disabled=1\" prevents such privilege escalation\nby restricting access to bpf(2) call.\n\n- CVE-2017-16996 (privilege escalation)\n\nAn arbitrary memory r/w access issue was found in the Linux kernel\nbefore 4.14.9 compiled with the eBPF bpf(2) system call\n(CONFIG_BPF_SYSCALL) support. The issue could occur due to calculation\nerrors in the eBPF verifier module, triggered by user supplied\nmalicious BPF program. An unprivileged user could use this flaw to\nescalate their privileges on a system. Setting parameter\n\"kernel.unprivileged_bpf_disabled=1\" prevents such privilege escalation\nby restricting access to bpf(2) call.\n\n- CVE-2017-17449 (information disclosure)\n\nThe __netlink_deliver_tap_skb function in net/netlink/af_netlink.c in\nthe Linux kernel before 4.14.11, 4.9.74, 4.4.109, 3.18.91 and 3.16.52\nwhen CONFIG_NLMON is enabled, does not restrict observations of Netlink\nmessages to a single net namespace, which allows local users to obtain\nsensitive information by leveraging the CAP_NET_ADMIN capability to\nsniff an nlmon interface for all Netlink activity on the system.\n\n- CVE-2017-17558 (denial of service)\n\nThe usb_destroy_configuration function in drivers/usb/core/config.c in\nthe USB core subsystem in the Linux kernel before 4.14.8, 4.9.71,\n4.4.107, 3.18.89, 3.16.52 and 3.2.97 does not consider the maximum\nnumber of configurations and interfaces before attempting to release\nresources, which allows local users to cause a denial of service (out-\nof-bounds write access) or possibly have unspecified other impact via a\ncrafted USB device.\n\n- CVE-2017-17712 (privilege escalation)\n\nA flaw was found in the Linux kernel's implementation of raw_sendmsg\nbefore 4.14.11, 4.4.109 and 4.9.74 allowing a local attacker to panic\nthe kernel or possibly leak kernel addresses. A local attacker, with\nthe privilege of creating raw sockets, can abuse a possible race\ncondition when setting the socket option to allow the kernel to\nautomatically create ip header values and thus potentially escalate\ntheir privileges.\n\n- CVE-2017-17805 (denial of service)\n\nThe Salsa20 encryption algorithm in the Linux kernel before 4.14.8,\n4.9.71, 4.4.107, 3.18.89, 3.16.52 and 3.2.97 does not correctly handle\nzero-length inputs, allowing a local attacker able to use the AF_ALG-\nbased skcipher interface (CONFIG_CRYPTO_USER_API_SKCIPHER) to cause a\ndenial of service (uninitialized-memory free and kernel crash) or have\nunspecified other impact by executing a crafted sequence of system\ncalls that use the blkcipher_walk API. Both the generic implementation\n(crypto/salsa20_generic.c) and x86 implementation\n(arch/x86/crypto/salsa20_glue.c) of Salsa20 were vulnerable.\n\n- CVE-2017-17806 (denial of service)\n\nThe HMAC implementation (crypto/hmac.c) in the Linux kernel before\n4.14.8, 4.9.71, 4.4.107, 3.18.89, 3.16.52 and 3.2.97 does not validate\nthat the underlying cryptographic hash algorithm is unkeyed, allowing a\nlocal attacker able to use the AF_ALG-based hash interface\n(CONFIG_CRYPTO_USER_API_HASH) and the SHA-3 hash algorithm\n(CONFIG_CRYPTO_SHA3) to cause a kernel stack buffer overflow by\nexecuting a crafted sequence of system calls that encounter a missing\nSHA-3 initialization.\n\n- CVE-2017-17852 (denial of service)\n\nIt has been discovered that kernel/bpf/verifier.c in the Linux kernel\nbefore 4.14.9 allows local users to cause a denial of service (memory\ncorruption) or possibly have unspecified other impact by leveraging\nmishandling of 32-bit ALU ops.\n\n- CVE-2017-17853 (denial of service)\n\nIt has been discovered kernel/bpf/verifier.c in the Linux kernel before\n4.14.9 allows local users to cause a denial of service (memory\ncorruption) or possibly have unspecified other impact by leveraging\nincorrect BPF_RSH signed bounds calculations.\n\n- CVE-2017-17854 (denial of service)\n\nIt has been discovered that kernel/bpf/verifier.c in the Linux kernel\nbefore 4.14.9 allows local users to cause a denial of service (integer\noverflow and memory corruption) or possibly have unspecified other\nimpact by leveraging unrestricted integer values for pointer\narithmetic.\n\n- CVE-2017-17855 (denial of service)\n\nIt has been discovered that kernel/bpf/verifier.c in the Linux kernel\nbefore 4.14.9 allows local users to cause a denial of service (memory\ncorruption) or possibly have unspecified other impact by leveraging\nimproper use of pointers in place of scalars.\n\n- CVE-2017-17856 (denial of service)\n\nIt has been discovered that kernel/bpf/verifier.c in the Linux kernel\nbefore 4.14.9 allows local users to cause a denial of service (memory\ncorruption) or possibly have unspecified other impact by leveraging the\nlack of stack-pointer alignment enforcement.\n\n- CVE-2017-17857 (denial of service)\n\nThe check_stack_boundary function in kernel/bpf/verifier.c in the Linux\nkernel before 4.14.9 allows local users to cause a denial of service\n(memory corruption) or possibly have unspecified other impact by\nleveraging mishandling of invalid variable stack read operations.\n\n- CVE-2017-17862 (denial of service)\n\nIt has been discovered that kernel/bpf/verifier.c in the Linux kernel\nbefore 4.14.9 and 4.9.72 ignore unreachable code, even though it would\nstill be processed by JIT compilers. This behavior, also considered an\nimproper branch-pruning logic issue, could possibly be used by local\nusers for denial of service.\n\n- CVE-2017-17863 (denial of service)\n\nIt has been discovered that kernel/bpf/verifier.c in the Linux kernel\nbefore 4.14.9 and 4.9.72 does not check the relationship between\npointer values and the BPF stack, which allows local users to cause a\ndenial of service (integer overflow or invalid memory access) or\npossibly have unspecified other impact.\n\n- CVE-2017-17864 (information disclosure)\n\nIt has been discovered that kernel/bpf/verifier.c in the Linux kernel\nbefore 4.14.9 and 4.9.73 mishandles states_equal comparisons between\nthe pointer data type and the UNKNOWN_VALUE data type, which allows\nlocal users to obtain potentially sensitive address information, aka a\n\"pointer leak.\"\n\n- CVE-2017-5754 (access restriction bypass)\n\nAn industry-wide issue was found in the way many modern microprocessor\ndesigns have implemented speculative execution of instructions (a\ncommonly used performance optimization).\nThis variant (\"Rogue Data Load\") relies on the fact that, on impacted\nmicroprocessors, during speculative execution of instruction permission\nfaults, exception generation triggered by a faulting access is\nsuppressed until the retirement of the whole instruction block. In a\ncombination with the fact that memory accesses may populate the cache\neven when the block is being dropped and never committed (executed), an\nunprivileged local attacker could use this flaw to read memory from\narbitrary addresses, including privileged (kernel space) and all other\nprocesses running on the system by conducting targeted cache side-\nchannel attacks.\n\n- CVE-2017-8824 (privilege escalation)\n\nA use-after-free vulnerability was found in DCCP socket code affecting\nthe Linux kernel since 2.6.16. The dccp_disconnect function in\nnet/dccp/proto.c allows local users to gain privileges or cause a\ndenial of service via an AF_UNSPEC connect system call during the\nDCCP_LISTEN state.\n\nImpact\n======\n\nA local unprivileged attacker is able to escalate privileges, crash the\nsystem, read memory from arbitrary addresses including from the kernel\nand all other processes running on the system or obtain sensitive\ninformation by sniffing an nlmon interface for all Netlink activity on\nthe system.\n\nReferences\n==========\n\nhttps://bugs.archlinux.org/task/56832\nhttps://bugs.chromium.org/p/project-zero/issues/detail?id=1454\nhttp://www.openwall.com/lists/oss-security/2017/12/21/2\nhttps://git.kernel.org/linus/95a762e2c8c942780948091f8f2a4f32fce1ac6f\nhttps://git.kernel.org/linus/0c17d1d2c61936401f4702e1846e2c19b200f958\nhttps://git.kernel.org/linus/93c647643b48f0131f02e45da3bd367d80443291\nhttps://github.com/google/syzkaller/blob/master/docs/linux/found_bugs_usb.md\nhttps://git.kernel.org/linus/48a4ff1c7bb5a32d2e396b03132d20d552c0eca7\nhttp://openwall.com/lists/oss-security/2017/12/12/7\nhttps://git.kernel.org/linus/8f659a03a0ba9289b9aeb9b4470e6fb263d6f483\nhttps://git.kernel.org/linus/ecaaab5649781c5a0effdaf298a925063020500e\nhttps://git.kernel.org/linus/af3ff8045bbf3e32f1a448542e73abb4c8ceb6f1\nhttps://git.kernel.org/linus/468f6eafa6c44cb2c5d8aad35e12f06c240a812a\nhttps://git.kernel.org/linus/4374f256ce8182019353c0c639bb8d0695b4c941\nhttps://git.kernel.org/linus/bb7f0f989ca7de1153bd128a40a71709e339fa03\nhttps://git.kernel.org/linus/179d1c5602997fef5a940c6ddcf31212cbfebd14\nhttps://git.kernel.org/linus/a5ec6ae161d72f01411169a938fa5f8baea16e8f\nhttps://git.kernel.org/linus/ea25f914dc164c8d56b36147ecc86bc65f83c469\nhttps://git.kernel.org/linus/c131187db2d3fa2f8bf32fdf4e9a4ef805168467\nhttps://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?id=d75d3ee237cee9068022117e059b64bbab617f3d\nhttps://git.kernel.org/linus/de31796c052e47c99b1bb342bc70aa826733e862\nhttps://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?id=37435f7e80ef9adc32a69013c18f135e3f434244\nhttps://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html\nhttps://meltdownattack.com\nhttps://xenbits.xen.org/xsa/advisory-254.html\nhttp://blog.cyberus-technology.de/posts/2018-01-03-meltdown.html\nhttps://git.kernel.org/linus/5aa90a84589282b87666f92b6c3c917c8080a9bf\nhttps://git.kernel.org/linus/00a5ae218d57741088068799b810416ac249a9ce\nhttps://git.kernel.org/linus/69c64866ce072dea1d1e59a0d61e0f66c0dffb76\nhttps://security.archlinux.org/CVE-2017-16995\nhttps://security.archlinux.org/CVE-2017-16996\nhttps://security.archlinux.org/CVE-2017-17449\nhttps://security.archlinux.org/CVE-2017-17558\nhttps://security.archlinux.org/CVE-2017-17712\nhttps://security.archlinux.org/CVE-2017-17805\nhttps://security.archlinux.org/CVE-2017-17806\nhttps://security.archlinux.org/CVE-2017-17852\nhttps://security.archlinux.org/CVE-2017-17853\nhttps://security.archlinux.org/CVE-2017-17854\nhttps://security.archlinux.org/CVE-2017-17855\nhttps://security.archlinux.org/CVE-2017-17856\nhttps://security.archlinux.org/CVE-2017-17857\nhttps://security.archlinux.org/CVE-2017-17862\nhttps://security.archlinux.org/CVE-2017-17863\nhttps://security.archlinux.org/CVE-2017-17864\nhttps://security.archlinux.org/CVE-2017-5754\nhttps://security.archlinux.org/CVE-2017-8824", "modified": "2018-01-05T00:00:00", "published": "2018-01-05T00:00:00", "id": "ASA-201801-1", "href": "https://security.archlinux.org/ASA-201801-1", "type": "archlinux", "title": "[ASA-201801-1] linux: multiple issues", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "debian": [{"lastseen": "2020-10-30T13:33:27", "bulletinFamily": "unix", "cvelist": ["CVE-2017-17863", "CVE-2017-17450", "CVE-2017-17558", "CVE-2017-17741", "CVE-2017-17862", "CVE-2017-17805", "CVE-2017-16995", "CVE-2017-17712", "CVE-2017-8824", "CVE-2017-17448", "CVE-2017-1000407", "CVE-2017-1000410", "CVE-2017-17449", "CVE-2017-16538", "CVE-2017-17807", "CVE-2017-16644", "CVE-2017-17864", "CVE-2017-17806"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4073-1 security@debian.org\nhttps://www.debian.org/security/ Ben Hutchings\nDecember 23, 2017 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : linux\nCVE ID : CVE-2017-8824 CVE-2017-16538 CVE-2017-16644 CVE-2017-16995\n CVE-2017-17448 CVE-2017-17449 CVE-2017-17450 CVE-2017-17558\n CVE-2017-17712 CVE-2017-17741 CVE-2017-17805 CVE-2017-17806\n CVE-2017-17807 CVE-2017-17862 CVE-2017-17863 CVE-2017-17864\n CVE-2017-1000407 CVE-2017-1000410\n\nSeveral vulnerabilities have been discovered in the Linux kernel that\nmay lead to a privilege escalation, denial of service or information\nleaks.\n\nCVE-2017-8824\n\n Mohamed Ghannam discovered that the DCCP implementation did not\n correctly manage resources when a socket is disconnected and\n reconnected, potentially leading to a use-after-free. A local\n user could use this for denial of service (crash or data\n corruption) or possibly for privilege escalation. On systems that\n do not already have the dccp module loaded, this can be mitigated\n by disabling it:\n echo >> /etc/modprobe.d/disable-dccp.conf install dccp false\n\nCVE-2017-16538\n\n Andrey Konovalov reported that the dvb-usb-lmedm04 media driver\n did not correctly handle some error conditions during\n initialisation. A physically present user with a specially\n designed USB device can use this to cause a denial of service\n (crash).\n\nCVE-2017-16644\n\n Andrey Konovalov reported that the hdpvr media driver did not\n correctly handle some error conditions during initialisation. A\n physically present user with a specially designed USB device can\n use this to cause a denial of service (crash).\n\nCVE-2017-16995\n\n Jann Horn discovered that the Extended BPF verifier did not\n correctly model the behaviour of 32-bit load instructions. A\n local user can use this for privilege escalation.\n\nCVE-2017-17448\n\n Kevin Cernekee discovered that the netfilter subsystem allowed\n users with the CAP_NET_ADMIN capability in any user namespace, not\n just the root namespace, to enable and disable connection tracking\n helpers. This could lead to denial of service, violation of\n network security policy, or have other impact.\n\nCVE-2017-17449\n\n Kevin Cernekee discovered that the netlink subsystem allowed\n users with the CAP_NET_ADMIN capability in any user namespace\n to monitor netlink traffic in all net namespaces, not just\n those owned by that user namespace. This could lead to\n exposure of sensitive information.\n\nCVE-2017-17450\n\n Kevin Cernekee discovered that the xt_osf module allowed users\n with the CAP_NET_ADMIN capability in any user namespace to modify\n the global OS fingerprint list.\n\nCVE-2017-17558\n\n Andrey Konovalov reported that that USB core did not correctly\n handle some error conditions during initialisation. A physically\n present user with a specially designed USB device can use this to\n cause a denial of service (crash or memory corruption), or\n possibly for privilege escalation.\n\nCVE-2017-17712\n\n Mohamed Ghannam discovered a race condition in the IPv4 raw socket\n implementation. A local user could use this to obtain sensitive\n information from the kernel.\n\nCVE-2017-17741\n\n Dmitry Vyukov reported that the KVM implementation for x86 would\n over-read data from memory when emulating an MMIO write if the\n kvm_mmio tracepoint was enabled. A guest virtual machine might be\n able to use this to cause a denial of service (crash).\n\nCVE-2017-17805\n\n It was discovered that some implementations of the Salsa20 block\n cipher did not correctly handle zero-length input. A local user\n could use this to cause a denial of service (crash) or possibly\n have other security impact.\n\nCVE-2017-17806\n\n It was discovered that the HMAC implementation could be used with\n an underlying hash algorithm that requires a key, which was not\n intended. A local user could use this to cause a denial of\n service (crash or memory corruption), or possibly for privilege\n escalation.\n\nCVE-2017-17807\n\n Eric Biggers discovered that the KEYS subsystem lacked a check for\n write permission when adding keys to a process's default keyring.\n A local user could use this to cause a denial of service or to\n obtain sensitive information.\n\nCVE-2017-17862\n\n Alexei Starovoitov discovered that the Extended BPF verifier\n ignored unreachable code, even though it would still be processed\n by JIT compilers. This could possibly be used by local users for\n denial of service. It also increases the severity of bugs in\n determining unreachable code.\n\nCVE-2017-17863\n\n Jann Horn discovered that the Extended BPF verifier did not\n correctly model pointer arithmetic on the stack frame pointer.\n A local user can use this for privilege escalation.\n\nCVE-2017-17864\n\n Jann Horn discovered that the Extended BPF verifier could fail to\n detect pointer leaks from conditional code. A local user could\n use this to obtain sensitive information in order to exploit\n other vulnerabilities.\n\nCVE-2017-1000407\n\n Andrew Honig reported that the KVM implementation for Intel\n processors allowed direct access to host I/O port 0x80, which\n is not generally safe. On some systems this allows a guest\n VM to cause a denial of service (crash) of the host.\n\nCVE-2017-1000410\n\n Ben Seri reported that the Bluetooth subsystem did not correctly\n handle short EFS information elements in L2CAP messages. An\n attacker able to communicate over Bluetooth could use this to\n obtain sensitive information from the kernel.\n\nThe various problems in the Extended BPF verifier can be mitigated by\ndisabling use of Extended BPF by unprivileged users:\nsysctl kernel.unprivileged_bpf_disabled=1\n\nDebian disables unprivileged user namespaces by default, but if they\nare enabled (via the kernel.unprivileged_userns_clone sysctl) then\nCVE-2017-17448 can be exploited by any local user.\n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 4.9.65-3+deb9u1.\n\nWe recommend that you upgrade your linux packages.\n\nFor the detailed security status of linux please refer to its security\ntracker page at: https://security-tracker.debian.org/tracker/linux\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 20, "modified": "2017-12-23T20:13:29", "published": "2017-12-23T20:13:29", "id": "DEBIAN:DSA-4073-1:79398", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2017/msg00336.html", "title": "[SECURITY] [DSA 4073-1] linux security update", "type": "debian", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "cve": [{"lastseen": "2020-12-09T20:13:27", "description": "kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging the lack of stack-pointer alignment enforcement.", "edition": 5, "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-12-27T17:08:00", "title": "CVE-2017-17856", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-17856"], "modified": "2018-01-09T15:46:00", "cpe": ["cpe:/o:linux:linux_kernel:4.14.8", "cpe:/o:debian:debian_linux:9.0"], "id": "CVE-2017-17856", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-17856", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:4.14.8:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T20:13:27", "description": "kernel/bpf/verifier.c in the Linux kernel through 4.14.8 mishandles states_equal comparisons between the pointer data type and the UNKNOWN_VALUE data type, which allows local users to obtain potentially sensitive address information, aka a \"pointer leak.\"", "edition": 5, "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 3.3, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 1.4}, "published": "2017-12-27T17:08:00", "title": "CVE-2017-17864", "type": "cve", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-17864"], "modified": "2018-01-13T02:29:00", "cpe": ["cpe:/o:linux:linux_kernel:4.14.8", "cpe:/o:debian:debian_linux:9.0"], "id": "CVE-2017-17864", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-17864", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:4.14.8:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T20:13:27", "description": "kernel/bpf/verifier.c in the Linux kernel through 4.14.8 ignores unreachable code, even though it would still be processed by JIT compilers. This behavior, also considered an improper branch-pruning logic issue, could possibly be used by local users for denial of service.", "edition": 5, "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 5.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2017-12-27T17:08:00", "title": "CVE-2017-17862", "type": "cve", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-17862"], "modified": "2018-04-07T01:29:00", "cpe": ["cpe:/o:linux:linux_kernel:4.14.8", "cpe:/o:debian:debian_linux:9.0"], "id": "CVE-2017-17862", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-17862", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:4.14.8:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T20:13:27", "description": "The check_stack_boundary function in kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging mishandling of invalid variable stack read operations.", "edition": 5, "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-12-27T17:08:00", "title": "CVE-2017-17857", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-17857"], "modified": "2018-01-09T15:53:00", "cpe": ["cpe:/o:linux:linux_kernel:4.14.8", "cpe:/o:debian:debian_linux:9.0"], "id": "CVE-2017-17857", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-17857", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:4.14.8:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T20:13:27", "description": "kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging incorrect BPF_RSH signed bounds calculations.", "edition": 5, "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-12-27T17:08:00", "title": "CVE-2017-17853", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-17853"], "modified": "2018-01-09T15:45:00", "cpe": ["cpe:/o:linux:linux_kernel:4.14.8", "cpe:/o:debian:debian_linux:9.0"], "id": "CVE-2017-17853", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-17853", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:4.14.8:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T20:13:27", "description": "kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging mishandling of 32-bit ALU ops.", "edition": 5, "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-12-27T17:08:00", "title": "CVE-2017-17852", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-17852"], "modified": "2018-01-09T15:44:00", "cpe": ["cpe:/o:linux:linux_kernel:4.14.8", "cpe:/o:debian:debian_linux:9.0"], "id": "CVE-2017-17852", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-17852", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:4.14.8:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T20:13:28", "description": "The Serial Attached SCSI (SAS) implementation in the Linux kernel through 4.15.9 mishandles a mutex within libsas, which allows local users to cause a denial of service (deadlock) by triggering certain error-handling code.", "edition": 8, "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 5.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-03-15T04:29:00", "title": "CVE-2017-18232", "type": "cve", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-18232"], "modified": "2019-10-03T00:03:00", "cpe": ["cpe:/o:linux:linux_kernel:4.15.9"], "id": "CVE-2017-18232", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-18232", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:4.15.9:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T20:13:27", "description": "kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging improper use of pointers in place of scalars.", "edition": 5, "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-12-27T17:08:00", "title": "CVE-2017-17855", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-17855"], "modified": "2018-01-09T15:46:00", "cpe": ["cpe:/o:linux:linux_kernel:4.14.8", "cpe:/o:debian:debian_linux:9.0"], "id": "CVE-2017-17855", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-17855", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:4.14.8:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T20:13:27", "description": "The raw_sendmsg() function in net/ipv4/raw.c in the Linux kernel through 4.14.6 has a race condition in inet->hdrincl that leads to uninitialized stack pointer usage; this allows a local user to execute code and gain privileges.", "edition": 5, "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.0, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-12-16T01:29:00", "title": "CVE-2017-17712", "type": "cve", "cwe": ["CWE-362"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-17712"], "modified": "2018-04-04T01:29:00", "cpe": ["cpe:/o:linux:linux_kernel:4.14.6"], "id": "CVE-2017-17712", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-17712", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:4.14.6:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T20:13:27", "description": "The KVM implementation in the Linux kernel through 4.14.7 allows attackers to obtain potentially sensitive information from kernel memory, aka a write_mmio stack-based out-of-bounds read, related to arch/x86/kvm/x86.c and include/trace/events/kvm.h.", "edition": 5, "cvss3": {"exploitabilityScore": 2.0, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 6.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 4.0}, "published": "2017-12-18T08:29:00", "title": "CVE-2017-17741", "type": "cve", "cwe": ["CWE-125"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-17741"], "modified": "2018-04-25T01:29:00", "cpe": ["cpe:/o:linux:linux_kernel:4.14.7", "cpe:/o:debian:debian_linux:9.0"], "id": "CVE-2017-17741", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-17741", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:4.14.7:*:*:*:*:*:*:*"]}], "amazon": [{"lastseen": "2020-11-10T12:37:24", "bulletinFamily": "unix", "cvelist": ["CVE-2017-17450", "CVE-2017-17741", "CVE-2017-17712", "CVE-2017-8824", "CVE-2017-17448"], "description": "**Issue Overview:**\n\nRace condition in raw_sendmsg function allows denial-of-service or kernel addresses leak \nA flaw was found in the Linux kernel's implementation of raw_sendmsg allowing a local attacker to panic the kernel or possibly leak kernel addresses. A local attacker, with the privilege of creating raw sockets, can abuse a possible race condition when setting the socket option to allow the kernel to automatically create ip header values and thus potentially escalate their privileges. ([CVE-2017-17712 __](<https://access.redhat.com/security/cve/CVE-2017-17712>))\n\nUse-after-free vulnerability in DCCP socket \nA use-after-free vulnerability was found in DCCP socket code affecting the Linux kernel since 2.6.16. This vulnerability could allow an attacker to their escalate privileges. ([CVE-2017-8824 __](<https://access.redhat.com/security/cve/CVE-2017-8824>))\n\nStack-based out-of-bounds read via vmcall instruction \nLinux kernel compiled with the KVM virtualization (CONFIG_KVM) support is vulnerable to an out-of-bounds read access issue. It could occur when emulating vmcall instructions invoked by a guest. A guest user/process could use this flaw to disclose kernel memory bytes. ([CVE-2017-17741 __](<https://access.redhat.com/security/cve/CVE-2017-17741>))\n\nUnchecked capabilities in net/netfilter/xt_osf.c allows for unprivileged modification to systemwide fingerprint list \nnet/netfilter/xt_osf.c in the Linux kernel through 4.14.4 does not require the CAP_NET_ADMIN capability for add_callback and remove_callback operations, which allows local users to bypass intended access restrictions because the xt_osf_fingers data structure is shared across all net namespaces. ([CVE-2017-17450 __](<https://access.redhat.com/security/cve/CVE-2017-17450>))\n\nMissing capabilities check in net/netfilter/nfnetlink_cthelper.c allows for unprivileged access to systemwide nfnl_cthelper_list structure \nnet/netfilter/nfnetlink_cthelper.c in the Linux kernel through 4.14.4 does not require the CAP_NET_ADMIN capability for new, get, and del operations, which allows local users to bypass intended access restrictions because the nfnl_cthelper_list data structure is shared across all net namespaces. ([CVE-2017-17448 __](<https://access.redhat.com/security/cve/CVE-2017-17448>))\n\n \n**Affected Packages:** \n\n\nkernel\n\n \n**Issue Correction:** \nRun _yum update kernel_ to update your system. You will need to reboot your system in order for the new kernel to be running. \n\n\n \n\n\n**New Packages:**\n \n \n i686: \n kernel-tools-debuginfo-4.9.77-31.58.amzn1.i686 \n kernel-debuginfo-common-i686-4.9.77-31.58.amzn1.i686 \n kernel-devel-4.9.77-31.58.amzn1.i686 \n kernel-headers-4.9.77-31.58.amzn1.i686 \n kernel-4.9.77-31.58.amzn1.i686 \n kernel-debuginfo-4.9.77-31.58.amzn1.i686 \n kernel-tools-4.9.77-31.58.amzn1.i686 \n kernel-tools-devel-4.9.77-31.58.amzn1.i686 \n perf-debuginfo-4.9.77-31.58.amzn1.i686 \n perf-4.9.77-31.58.amzn1.i686 \n \n noarch: \n kernel-doc-4.9.77-31.58.amzn1.noarch \n \n src: \n kernel-4.9.77-31.58.amzn1.src \n \n x86_64: \n perf-4.9.77-31.58.amzn1.x86_64 \n kernel-devel-4.9.77-31.58.amzn1.x86_64 \n kernel-4.9.77-31.58.amzn1.x86_64 \n kernel-tools-debuginfo-4.9.77-31.58.amzn1.x86_64 \n kernel-tools-devel-4.9.77-31.58.amzn1.x86_64 \n kernel-headers-4.9.77-31.58.amzn1.x86_64 \n kernel-tools-4.9.77-31.58.amzn1.x86_64 \n perf-debuginfo-4.9.77-31.58.amzn1.x86_64 \n kernel-debuginfo-common-x86_64-4.9.77-31.58.amzn1.x86_64 \n kernel-debuginfo-4.9.77-31.58.amzn1.x86_64 \n \n \n", "edition": 5, "modified": "2018-01-18T22:45:00", "published": "2018-01-18T22:45:00", "id": "ALAS-2018-944", "href": "https://alas.aws.amazon.com/ALAS-2018-944.html", "title": "Important: kernel", "type": "amazon", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}]}
