Lucene search
Copyright (C) 2020 Greenbone AGOPENVAS:1361412562310892242HistoryJun 11, 2020 - 12:00 a.m.
Debian: Security Advisory (DLA-2242-1)
2020-06-1100:00:00
Copyright (C) 2020 Greenbone AG
plugins.openvas.org
25
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.7 High
AI Score
Confidence
High
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.01 Low
EPSS
Percentile
83.1%
The remote host is missing an update for the Debian
# SPDX-FileCopyrightText: 2020 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.892242");
script_cve_id("CVE-2019-19319", "CVE-2019-19462", "CVE-2019-19768", "CVE-2019-20806", "CVE-2019-20811", "CVE-2019-2182", "CVE-2019-5108", "CVE-2020-0543", "CVE-2020-10711", "CVE-2020-10732", "CVE-2020-10751", "CVE-2020-10757", "CVE-2020-10942", "CVE-2020-11494", "CVE-2020-11565", "CVE-2020-11608", "CVE-2020-11609", "CVE-2020-11668", "CVE-2020-12114", "CVE-2020-12464", "CVE-2020-12652", "CVE-2020-12653", "CVE-2020-12654", "CVE-2020-12770", "CVE-2020-13143", "CVE-2020-2732", "CVE-2020-8428", "CVE-2020-8647", "CVE-2020-8648", "CVE-2020-8649", "CVE-2020-9383");
script_tag(name:"creation_date", value:"2020-06-11 03:00:11 +0000 (Thu, 11 Jun 2020)");
script_version("2024-02-02T05:06:07+0000");
script_tag(name:"last_modification", value:"2024-02-02 05:06:07 +0000 (Fri, 02 Feb 2024)");
script_tag(name:"cvss_base", value:"7.2");
script_tag(name:"cvss_base_vector", value:"AV:L/AC:L/Au:N/C:C/I:C/A:C");
script_tag(name:"severity_vector", value:"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
script_tag(name:"severity_origin", value:"NVD");
script_tag(name:"severity_date", value:"2020-05-08 15:10:49 +0000 (Fri, 08 May 2020)");
script_name("Debian: Security Advisory (DLA-2242-1)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2020 Greenbone AG");
script_family("Debian Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/debian_linux", "ssh/login/packages", re:"ssh/login/release=DEB8");
script_xref(name:"Advisory-ID", value:"DLA-2242-1");
script_xref(name:"URL", value:"https://www.debian.org/lts/security/2020/DLA-2242-1");
script_xref(name:"URL", value:"https://wiki.debian.org/LTS");
script_tag(name:"summary", value:"The remote host is missing an update for the Debian 'linux-4.9' package(s) announced via the DLA-2242-1 advisory.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");
script_tag(name:"insight", value:"Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
CVE-2019-2182
Hanjun Guo and Lei Li reported a race condition in the arm64 virtual memory management code, which could lead to an information disclosure, denial of service (crash), or possibly privilege escalation.
CVE-2019-5108
Mitchell Frank of Cisco discovered that when the IEEE 802.11 (WiFi) stack was used in AP mode with roaming, it would trigger roaming for a newly associated station before the station was authenticated. An attacker within range of the AP could use this to cause a denial of service, either by filling up a switching table or by redirecting traffic away from other stations.
CVE-2019-19319
Jungyeon discovered that a crafted filesystem can cause the ext4 implementation to deallocate or reallocate journal blocks. A user permitted to mount filesystems could use this to cause a denial of service (crash), or possibly for privilege escalation.
CVE-2019-19462
The syzbot tool found a missing error check in the relay library used to implement various files under debugfs. A local user permitted to access debugfs could use this to cause a denial of service (crash) or possibly for privilege escalation.
CVE-2019-19768
Tristan Madani reported a race condition in the blktrace debug facility that could result in a use-after-free. A local user able to trigger removal of block devices could possibly use this to cause a denial of service (crash) or for privilege escalation.
CVE-2019-20806
A potential null pointer dereference was discovered in the tw5864 media driver. The security impact of this is unclear.
CVE-2019-20811
The Hulk Robot tool found a reference-counting bug in an error path in the network subsystem. The security impact of this is unclear.
CVE-2020-0543
Researchers at VU Amsterdam discovered that on some Intel CPUs supporting the RDRAND and RDSEED instructions, part of a random value generated by these instructions may be used in a later speculative execution on any core of the same physical CPU. Depending on how these instructions are used by applications, a local user or VM guest could use this to obtain sensitive information such as cryptographic keys from other users or VMs.
This vulnerability can be mitigated by a microcode update, either as part of system firmware (BIOS) or through the intel-microcode package in Debian's non-free archive section. This kernel update only provides reporting of the vulnerability and the option to disable the mitigation if it is not needed.
CVE-2020-2732
Paulo Bonzini discovered that the KVM implementation for Intel processors did not properly handle instruction emulation for L2 guests when nested virtualization is enabled. This could allow an L2 guest to cause privilege escalation, denial of service, or information leaks in the L1 guest.
CVE-2020-8428
Al ... [Please see the references for more information on the vulnerabilities]");
script_tag(name:"affected", value:"'linux-4.9' package(s) on Debian 8.");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"package");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-deb.inc");
release = dpkg_get_ssh_release();
if(!release)
exit(0);
res = "";
report = "";
if(release == "DEB8") {
if(!isnull(res = isdpkgvuln(pkg:"linux-compiler-gcc-4.9-arm", ver:"4.9.210-1+deb9u1~deb8u1", rls:"DEB8"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-doc-4.9", ver:"4.9.210-1+deb9u1~deb8u1", rls:"DEB8"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-headers-4.9.0-0.bpo.12-686", ver:"4.9.210-1+deb9u1~deb8u1", rls:"DEB8"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-headers-4.9.0-0.bpo.12-686-pae", ver:"4.9.210-1+deb9u1~deb8u1", rls:"DEB8"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-headers-4.9.0-0.bpo.12-all", ver:"4.9.210-1+deb9u1~deb8u1", rls:"DEB8"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-headers-4.9.0-0.bpo.12-all-amd64", ver:"4.9.210-1+deb9u1~deb8u1", rls:"DEB8"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-headers-4.9.0-0.bpo.12-all-armel", ver:"4.9.210-1+deb9u1~deb8u1", rls:"DEB8"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-headers-4.9.0-0.bpo.12-all-armhf", ver:"4.9.210-1+deb9u1~deb8u1", rls:"DEB8"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-headers-4.9.0-0.bpo.12-all-i386", ver:"4.9.210-1+deb9u1~deb8u1", rls:"DEB8"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-headers-4.9.0-0.bpo.12-amd64", ver:"4.9.210-1+deb9u1~deb8u1", rls:"DEB8"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-headers-4.9.0-0.bpo.12-armmp", ver:"4.9.210-1+deb9u1~deb8u1", rls:"DEB8"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-headers-4.9.0-0.bpo.12-armmp-lpae", ver:"4.9.210-1+deb9u1~deb8u1", rls:"DEB8"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-headers-4.9.0-0.bpo.12-common", ver:"4.9.210-1+deb9u1~deb8u1", rls:"DEB8"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-headers-4.9.0-0.bpo.12-common-rt", ver:"4.9.210-1+deb9u1~deb8u1", rls:"DEB8"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-headers-4.9.0-0.bpo.12-marvell", ver:"4.9.210-1+deb9u1~deb8u1", rls:"DEB8"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-headers-4.9.0-0.bpo.12-rt-686-pae", ver:"4.9.210-1+deb9u1~deb8u1", rls:"DEB8"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-headers-4.9.0-0.bpo.12-rt-amd64", ver:"4.9.210-1+deb9u1~deb8u1", rls:"DEB8"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-4.9.0-0.bpo.12-686", ver:"4.9.210-1+deb9u1~deb8u1", rls:"DEB8"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-4.9.0-0.bpo.12-686-pae", ver:"4.9.210-1+deb9u1~deb8u1", rls:"DEB8"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-4.9.0-0.bpo.12-686-pae-dbg", ver:"4.9.210-1+deb9u1~deb8u1", rls:"DEB8"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-4.9.0-0.bpo.12-amd64", ver:"4.9.210-1+deb9u1~deb8u1", rls:"DEB8"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-4.9.0-0.bpo.12-amd64-dbg", ver:"4.9.210-1+deb9u1~deb8u1", rls:"DEB8"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-4.9.0-0.bpo.12-armmp", ver:"4.9.210-1+deb9u1~deb8u1", rls:"DEB8"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-4.9.0-0.bpo.12-armmp-lpae", ver:"4.9.210-1+deb9u1~deb8u1", rls:"DEB8"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-4.9.0-0.bpo.12-marvell", ver:"4.9.210-1+deb9u1~deb8u1", rls:"DEB8"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-4.9.0-0.bpo.12-rt-686-pae", ver:"4.9.210-1+deb9u1~deb8u1", rls:"DEB8"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-4.9.0-0.bpo.12-rt-686-pae-dbg", ver:"4.9.210-1+deb9u1~deb8u1", rls:"DEB8"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-4.9.0-0.bpo.12-rt-amd64", ver:"4.9.210-1+deb9u1~deb8u1", rls:"DEB8"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-4.9.0-0.bpo.12-rt-amd64-dbg", ver:"4.9.210-1+deb9u1~deb8u1", rls:"DEB8"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-kbuild-4.9", ver:"4.9.210-1+deb9u1~deb8u1", rls:"DEB8"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-manual-4.9", ver:"4.9.210-1+deb9u1~deb8u1", rls:"DEB8"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-perf-4.9", ver:"4.9.210-1+deb9u1~deb8u1", rls:"DEB8"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-source-4.9", ver:"4.9.210-1+deb9u1~deb8u1", rls:"DEB8"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-support-4.9.0-0.bpo.12", ver:"4.9.210-1+deb9u1~deb8u1", rls:"DEB8"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
exit(0);
Related
osv
osv
linux - security update
2020-06-09 00:00:00
linux-4.9 - security update
2020-06-09 00:00:00
linux - security update
2020-06-09 00:00:00
debian
debian
[SECURITY] [DLA 2242-1] linux-4.9 security update
2020-06-10 10:48:38
[SECURITY] [DSA 4698-1] linux security update
2020-06-09 19:44:16
[SECURITY] [DSA 4698-1] linux security update
2020-06-09 19:44:16
nessus
nessus
Debian DSA-4698-1 : linux - security update
2020-06-11 00:00:00
Debian DLA-2242-1 : linux-4.9 security update
2020-06-11 00:00:00
Photon OS 1.0: Linux PHSA-2020-1.0-0290
2020-04-29 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-4698-1)
2020-06-11 00:00:00
Debian: Security Advisory (DSA-4699-1)
2020-06-11 00:00:00
Slackware: Security Advisory (SSA:2020-163-01)
2022-04-21 00:00:00
slackware
slackware
[slackware-security] Slackware 14.2 kernel
2020-06-11 21:36:19
ubuntu
ubuntu
Kernel Live Patch Security Notice
2020-06-09 00:00:00
Linux kernel vulnerabilities
2020-05-19 00:00:00
Linux kernel vulnerabilities
2020-04-28 00:00:00
cloudfoundry
cloudfoundry
USN-4345-1: Linux kernel vulnerabilities | Cloud Foundry
2020-05-14 00:00:00
USN-4390-1: Linux kernel vulnerabilities | Cloud Foundry
2020-06-22 00:00:00
suse
suse
Security update for the Linux Kernel (important)
2020-06-13 00:00:00
Security update for the Linux Kernel (important)
2020-03-27 00:00:00
oraclelinux
oraclelinux
Unbreakable Enterprise kernel security update
2020-05-18 00:00:00
Unbreakable Enterprise kernel security update
2020-04-27 00:00:00
Unbreakable Enterprise kernel security update
2020-07-14 00:00:00
mageia
mageia
Updated kernel-linus packages fix security vulnerabilities
2020-04-25 23:55:48
Updated kernel packages fix security vulnerabilities
2020-04-25 23:55:48
Updated kernel packages fix security vulnerabilities
2020-03-14 02:19:55
amazon
amazon
Important: kernel
2020-06-01 22:37:00
Important: kernel
2020-06-01 12:24:00
Important: kernel
2020-03-23 16:25:00
photon
photon
Home
Download Photon OS
User Documentation
FAQ
Security Advisories
Related Information
Lightwave - PHSA-2020-2.0-0230
2020-04-15 00:00:00
Important Photon OS Security Update - PHSA-2020-0230
2020-04-13 00:00:00
Important Photon OS Security Update - PHSA-2020-0219
2020-02-20 00:00:00
f5
f5
redhat
redhat
(RHSA-2020:3226) Important: kernel security and bug fix update
2020-07-29 19:50:14
(RHSA-2020:2832) Important: kernel security and bug fix update
2020-07-07 08:15:30
(RHSA-2020:3432) Important: kernel security update
2020-08-12 11:18:05
ibm
ibm
archlinux
archlinux
[ASA-202003-6] linux: multiple issues
2020-03-08 00:00:00
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.7 High
AI Score
Confidence
High
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.01 Low
EPSS
Percentile
83.1%
Related for OPENVAS:1361412562310892242