8.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
7.3 High
AI Score
Confidence
Low
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.036 Low
EPSS
Percentile
91.6%
The remote host is missing an update for the
# SPDX-FileCopyrightText: 2022 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.1.10.2019.0098");
script_cve_id("CVE-2018-1128", "CVE-2018-1129", "CVE-2018-14625", "CVE-2018-16862", "CVE-2018-16882", "CVE-2018-16884", "CVE-2018-18397", "CVE-2018-19824", "CVE-2018-19985", "CVE-2019-3701", "CVE-2019-3819", "CVE-2019-6974", "CVE-2019-7221", "CVE-2019-7222");
script_tag(name:"creation_date", value:"2022-01-28 10:58:44 +0000 (Fri, 28 Jan 2022)");
script_version("2024-02-02T05:06:09+0000");
script_tag(name:"last_modification", value:"2024-02-02 05:06:09 +0000 (Fri, 02 Feb 2024)");
script_tag(name:"cvss_base", value:"7.2");
script_tag(name:"cvss_base_vector", value:"AV:L/AC:L/Au:N/C:C/I:C/A:C");
script_tag(name:"severity_vector", value:"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H");
script_tag(name:"severity_origin", value:"NVD");
script_tag(name:"severity_date", value:"2023-01-19 16:04:54 +0000 (Thu, 19 Jan 2023)");
script_name("Mageia: Security Advisory (MGASA-2019-0098)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2022 Greenbone AG");
script_family("Mageia Linux Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/mageia_linux", "ssh/login/release", re:"ssh/login/release=MAGEIA6");
script_xref(name:"Advisory-ID", value:"MGASA-2019-0098");
script_xref(name:"URL", value:"https://advisories.mageia.org/MGASA-2019-0098.html");
script_xref(name:"URL", value:"https://bugs.mageia.org/show_bug.cgi?id=24332");
script_xref(name:"URL", value:"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.79");
script_xref(name:"URL", value:"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.80");
script_xref(name:"URL", value:"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.81");
script_xref(name:"URL", value:"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.82");
script_xref(name:"URL", value:"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.83");
script_xref(name:"URL", value:"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.84");
script_xref(name:"URL", value:"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.85");
script_xref(name:"URL", value:"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.86");
script_xref(name:"URL", value:"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.87");
script_xref(name:"URL", value:"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.88");
script_xref(name:"URL", value:"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.89");
script_xref(name:"URL", value:"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.90");
script_xref(name:"URL", value:"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.91");
script_xref(name:"URL", value:"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.92");
script_xref(name:"URL", value:"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.93");
script_xref(name:"URL", value:"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.94");
script_xref(name:"URL", value:"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.95");
script_xref(name:"URL", value:"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.96");
script_xref(name:"URL", value:"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.97");
script_xref(name:"URL", value:"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.98");
script_xref(name:"URL", value:"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.99");
script_xref(name:"URL", value:"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.100");
script_tag(name:"summary", value:"The remote host is missing an update for the 'kernel-linus' package(s) announced via the MGASA-2019-0098 advisory.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");
script_tag(name:"insight", value:"This kernel-linus update is based on the upstream 4.14.100 and fixes at least
the following security issues:
Cross-hyperthread Spectre v2 mitigation is now provided by the Single
Thread Indirect Branch Predictors (STIBP) support. Note that STIBP also
requires the functionality be supported by the Intel microcode in use.
It was found that cephx authentication protocol did not verify ceph clients
correctly and was vulnerable to replay attack. Any attacker having access
to ceph cluster network who is able to sniff packets on network can use
this vulnerability to authenticate with ceph service and perform actions
allowed by ceph service (CVE-2018-1128).
A flaw was found in the way signature calculation was handled by cephx
authentication protocol. An attacker having access to ceph cluster network
who is able to alter the message payload was able to bypass signature
checks done by cephx protocol (CVE-2018-1129).
A flaw was found in the Linux Kernel where an attacker may be able to have
an uncontrolled read to kernel-memory from within a vm guest. A race
condition between connect() and close() function may allow an attacker
using the AF_VSOCK protocol to gather a 4 byte information leak or possibly
intercept or corrupt AF_VSOCK messages destined to other clients
(CVE-2018-14625).
A security flaw was found in the Linux kernel in a way that the cleancache
subsystem clears an inode after the final file truncation (removal). The
new file created with the same inode may contain leftover pages from
cleancache and the old file data instead of the new one (CVE-2018-16862).
A use-after-free issue was found in the way the Linux kernel's KVM
hypervisor processed posted interrupts when nested(=1) virtualization is
enabled. In nested_get_vmcs12_pages(), in case of an error while
processing posted interrupt address, it unmaps the 'pi_desc_page' without
resetting 'pi_desc' descriptor address, which is later used in
pi_test_and_clear_on(). A guest user/process could use this flaw to crash
the host kernel resulting in DoS or potentially gain privileged access to
a system (CVE-2018-16882).
A flaw was found in the Linux kernel's NFS41+ subsystem. NFS41+ shares
mounted in different network namespaces at the same time can make
bc_svc_process() use wrong back-channel IDs and cause a use-after-free
vulnerability. Thus a malicious container user can cause a host kernel
memory corruption and a system panic. Due to the nature of the flaw,
privilege escalation cannot be fully ruled out (CVE-2018-16884).
The userfaultfd implementation in the Linux kernel before 4.19.7 mishandles
access control for certain UFFDIO_ ioctl calls, as demonstrated by allowing
local users to write data into holes in a tmpfs file (if the user has
read-only access to that file, and that file contains holes)
(CVE-2018-18397).
In the Linux kernel through 4.19.6, a local user could exploit a
use-after-free in the ALSA ... [Please see the references for more information on the vulnerabilities]");
script_tag(name:"affected", value:"'kernel-linus' package(s) on Mageia 6.");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"package");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-rpm.inc");
release = rpm_get_ssh_release();
if(!release)
exit(0);
res = "";
report = "";
if(release == "MAGEIA6") {
if(!isnull(res = isrpmvuln(pkg:"kernel-linus-4.14.100-1.mga6", rpm:"kernel-linus-4.14.100-1.mga6~1~1.mga6", rls:"MAGEIA6"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-linus", rpm:"kernel-linus~4.14.100~1.mga6", rls:"MAGEIA6"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-linus-devel-4.14.100-1.mga6", rpm:"kernel-linus-devel-4.14.100-1.mga6~1~1.mga6", rls:"MAGEIA6"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-linus-devel-latest", rpm:"kernel-linus-devel-latest~4.14.100~1.mga6", rls:"MAGEIA6"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-linus-doc", rpm:"kernel-linus-doc~4.14.100~1.mga6", rls:"MAGEIA6"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-linus-latest", rpm:"kernel-linus-latest~4.14.100~1.mga6", rls:"MAGEIA6"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-linus-source-4.14.100-1.mga6", rpm:"kernel-linus-source-4.14.100-1.mga6~1~1.mga6", rls:"MAGEIA6"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-linus-source-latest", rpm:"kernel-linus-source-latest~4.14.100~1.mga6", rls:"MAGEIA6"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
exit(0);
advisories.mageia.org/MGASA-2019-0098.html
bugs.mageia.org/show_bug.cgi?id=24332
cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.100
cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.79
cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.80
cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.81
cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.82
cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.83
cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.84
cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.85
cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.86
cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.87
cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.88
cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.89
cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.90
cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.91
cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.92
cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.93
cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.94
cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.95
cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.96
cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.97
cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.98
cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.99
MGASA-2019-0098
8.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
7.3 High
AI Score
Confidence
Low
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.036 Low
EPSS
Percentile
91.6%