8 High
CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.1 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
59.3%
The remote host is missing an update for the
# SPDX-FileCopyrightText: 2024 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.1.13.2024.157.01");
script_cve_id("CVE-2023-46838", "CVE-2023-52340", "CVE-2023-52429", "CVE-2023-52434", "CVE-2023-52435", "CVE-2023-52436", "CVE-2023-52438", "CVE-2023-52439", "CVE-2023-52443", "CVE-2023-52444", "CVE-2023-52445", "CVE-2023-52447", "CVE-2023-52448", "CVE-2023-52449", "CVE-2023-52451", "CVE-2023-52454", "CVE-2023-52456", "CVE-2023-52458", "CVE-2023-52463", "CVE-2023-52464", "CVE-2023-52467", "CVE-2023-52469", "CVE-2023-52470", "CVE-2023-52486", "CVE-2023-52489", "CVE-2023-52491", "CVE-2023-52492", "CVE-2023-52493", "CVE-2023-52494", "CVE-2023-52497", "CVE-2023-52498", "CVE-2023-52583", "CVE-2023-52587", "CVE-2023-52588", "CVE-2023-52594", "CVE-2023-52595", "CVE-2023-52597", "CVE-2023-52598", "CVE-2023-52599", "CVE-2023-52600", "CVE-2023-52601", "CVE-2023-52602", "CVE-2023-52603", "CVE-2023-52604", "CVE-2023-52606", "CVE-2023-52607", "CVE-2023-52608", "CVE-2023-52609", "CVE-2023-52610", "CVE-2023-52612", "CVE-2023-52614", "CVE-2023-52615", "CVE-2023-52616", "CVE-2023-52617", "CVE-2023-52618", "CVE-2023-52619", "CVE-2023-52620", "CVE-2023-52622", "CVE-2023-52623", "CVE-2023-52627", "CVE-2023-52630", "CVE-2023-52631", "CVE-2023-52633", "CVE-2023-52635", "CVE-2023-52637", "CVE-2023-52638", "CVE-2023-52640", "CVE-2023-52641", "CVE-2023-6040", "CVE-2023-6270", "CVE-2023-6356", "CVE-2023-6536", "CVE-2023-6915", "CVE-2023-7042", "CVE-2024-0340", "CVE-2024-0565", "CVE-2024-0646", "CVE-2024-0841", "CVE-2024-1085", "CVE-2024-1086", "CVE-2024-1151", "CVE-2024-22099", "CVE-2024-23849", "CVE-2024-23850", "CVE-2024-23851", "CVE-2024-24860", "CVE-2024-26586", "CVE-2024-26589", "CVE-2024-26591", "CVE-2024-26592", "CVE-2024-26593", "CVE-2024-26594", "CVE-2024-26597", "CVE-2024-26598", "CVE-2024-26600", "CVE-2024-26601", "CVE-2024-26602", "CVE-2024-26603", "CVE-2024-26606", "CVE-2024-26608", "CVE-2024-26610", "CVE-2024-26614", "CVE-2024-26615", "CVE-2024-26622", "CVE-2024-26625", "CVE-2024-26627", "CVE-2024-26631", "CVE-2024-26633", "CVE-2024-26635", "CVE-2024-26636", "CVE-2024-26640", "CVE-2024-26641", "CVE-2024-26644", "CVE-2024-26645", "CVE-2024-26651", "CVE-2024-26659", "CVE-2024-26660", "CVE-2024-26663", "CVE-2024-26664", "CVE-2024-26665", "CVE-2024-26668", "CVE-2024-26671", "CVE-2024-26673", "CVE-2024-26675", "CVE-2024-26676", "CVE-2024-26679", "CVE-2024-26684", "CVE-2024-26685", "CVE-2024-26688", "CVE-2024-26689", "CVE-2024-26696", "CVE-2024-26697", "CVE-2024-26698", "CVE-2024-26702", "CVE-2024-26704", "CVE-2024-26707", "CVE-2024-26712", "CVE-2024-26715", "CVE-2024-26717", "CVE-2024-26720", "CVE-2024-26727", "CVE-2024-26733", "CVE-2024-26735", "CVE-2024-26736", "CVE-2024-26737", "CVE-2024-26743", "CVE-2024-26744", "CVE-2024-26747", "CVE-2024-26748", "CVE-2024-26749", "CVE-2024-26751", "CVE-2024-26752", "CVE-2024-26754", "CVE-2024-26763", "CVE-2024-26764", "CVE-2024-26766", "CVE-2024-26769", "CVE-2024-26771", "CVE-2024-26772", "CVE-2024-26773", "CVE-2024-26774", "CVE-2024-26776", "CVE-2024-26777", "CVE-2024-26778", "CVE-2024-26779", "CVE-2024-26782", "CVE-2024-26787", "CVE-2024-26788", "CVE-2024-26790", "CVE-2024-26791", "CVE-2024-26793", "CVE-2024-26795", "CVE-2024-26798", "CVE-2024-26801", "CVE-2024-26802", "CVE-2024-26803", "CVE-2024-26804", "CVE-2024-26805", "CVE-2024-26808", "CVE-2024-26809");
script_tag(name:"creation_date", value:"2024-06-06 04:08:20 +0000 (Thu, 06 Jun 2024)");
script_version("2024-06-06T05:05:36+0000");
script_tag(name:"last_modification", value:"2024-06-06 05:05:36 +0000 (Thu, 06 Jun 2024)");
script_tag(name:"cvss_base", value:"7.7");
script_tag(name:"cvss_base_vector", value:"AV:A/AC:L/Au:S/C:C/I:C/A:C");
script_tag(name:"severity_vector", value:"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
script_tag(name:"severity_origin", value:"NVD");
script_tag(name:"severity_date", value:"2024-03-15 14:21:29 +0000 (Fri, 15 Mar 2024)");
script_name("Slackware: Security Advisory (SSA:2024-157-01)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2024 Greenbone AG");
script_family("Slackware Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/slackware_linux", "ssh/login/slackpack", re:"ssh/login/release=SLK15\.0");
script_xref(name:"Advisory-ID", value:"SSA:2024-157-01");
script_xref(name:"URL", value:"http://www.slackware.com/security/viewer.php?l=slackware-security&y=2024&m=slackware-security.1327811");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2023-46838");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2023-52340");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2023-52429");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2023-52435");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2023-52436");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2023-52438");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2023-52439");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2023-52443");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2023-52444");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2023-52445");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2023-52448");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2023-52449");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2023-52451");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2023-52454");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2023-52456");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2023-52458");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2023-52463");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2023-52464");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2023-52467");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2023-52469");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2023-52470");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2023-52486");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2023-52489");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2023-52491");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2023-52492");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2023-52493");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2023-52494");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2023-52498");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2023-52609");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2023-52610");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2023-52612");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2023-6040");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2023-6356");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2023-6536");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2023-6915");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2024-0646");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2024-1085");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2024-24860");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2024-26586");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2024-26589");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2024-26591");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2024-26597");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2024-26598");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2024-26631");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2024-26633");
script_tag(name:"summary", value:"The remote host is missing an update for the 'kernel' package(s) announced via the SSA:2024-157-01 advisory.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");
script_tag(name:"insight", value:"New kernel packages are available for Slackware 15.0 to fix security issues.
Here are the details from the Slackware 15.0 ChangeLog:
+--------------------------+
patches/packages/linux-5.15.160/*: Upgraded.
These updates fix various bugs and security issues.
Be sure to upgrade your initrd after upgrading the kernel packages.
If you use lilo to boot your machine, be sure lilo.conf points to the correct
kernel and initrd and run lilo as root to update the bootloader.
If you use elilo to boot your machine, you should run eliloconfig to copy the
kernel and initrd to the EFI System Partition.
For more information, see:
Fixed in 5.15.147:
[link moved to references]
[link moved to references]
[link moved to references]
Fixed in 5.15.148:
[link moved to references]
[link moved to references]
[link moved to references]
[link moved to references]
[link moved to references]
[link moved to references]
[link moved to references]
[link moved to references]
[link moved to references]
[link moved to references]
[link moved to references]
[link moved to references]
[link moved to references]
[link moved to references]
[link moved to references]
[link moved to references]
[link moved to references]
[link moved to references]
[link moved to references]
[link moved to references]
[link moved to references]
[link moved to references]
[link moved to references]
[link moved to references]
[link moved to references]
[link moved to references]
[link moved to references]
[link moved to references]
[link moved to references]
[link moved to references]
[link moved to references]
[link moved to references]
[link moved to references]
Fixed in 5.15.149:
[link moved to references]
[link moved to references]
[link moved to references]
[link moved to references]
[link moved to references]
[link moved to references]
[link moved to references]
[link moved to references]
[link moved to references]
... [Please see the references for more information on the vulnerabilities]");
script_tag(name:"affected", value:"'kernel' package(s) on Slackware 15.0.");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"package");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-slack.inc");
release = slk_get_ssh_release();
if(!release)
exit(0);
res = "";
report = "";
if(release == "SLK15.0") {
if(!isnull(res = isslkpkgvuln(pkg:"kernel-generic", ver:"5.15.160-i586-1", rls:"SLK15.0"))) {
report += res;
}
if(!isnull(res = isslkpkgvuln(pkg:"kernel-generic", ver:"5.15.160-x86_64-1", rls:"SLK15.0"))) {
report += res;
}
if(!isnull(res = isslkpkgvuln(pkg:"kernel-generic-smp", ver:"5.15.160_smp-i686-1", rls:"SLK15.0"))) {
report += res;
}
if(!isnull(res = isslkpkgvuln(pkg:"kernel-headers", ver:"5.15.160-x86-1", rls:"SLK15.0"))) {
report += res;
}
if(!isnull(res = isslkpkgvuln(pkg:"kernel-headers", ver:"5.15.160_smp-x86-1", rls:"SLK15.0"))) {
report += res;
}
if(!isnull(res = isslkpkgvuln(pkg:"kernel-huge", ver:"5.15.160-i586-1", rls:"SLK15.0"))) {
report += res;
}
if(!isnull(res = isslkpkgvuln(pkg:"kernel-huge", ver:"5.15.160-x86_64-1", rls:"SLK15.0"))) {
report += res;
}
if(!isnull(res = isslkpkgvuln(pkg:"kernel-huge-smp", ver:"5.15.160_smp-i686-1", rls:"SLK15.0"))) {
report += res;
}
if(!isnull(res = isslkpkgvuln(pkg:"kernel-modules", ver:"5.15.160-i586-1", rls:"SLK15.0"))) {
report += res;
}
if(!isnull(res = isslkpkgvuln(pkg:"kernel-modules", ver:"5.15.160-x86_64-1", rls:"SLK15.0"))) {
report += res;
}
if(!isnull(res = isslkpkgvuln(pkg:"kernel-modules-smp", ver:"5.15.160_smp-i686-1", rls:"SLK15.0"))) {
report += res;
}
if(!isnull(res = isslkpkgvuln(pkg:"kernel-source", ver:"5.15.160-noarch-1", rls:"SLK15.0"))) {
report += res;
}
if(!isnull(res = isslkpkgvuln(pkg:"kernel-source", ver:"5.15.160_smp-noarch-1", rls:"SLK15.0"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
exit(0);
www.slackware.com/security/viewer.php?l=slackware-security&y=2024&m=slackware-security.1327811
www.cve.org/CVERecord?id=CVE-2023-46838
www.cve.org/CVERecord?id=CVE-2023-52340
www.cve.org/CVERecord?id=CVE-2023-52429
www.cve.org/CVERecord?id=CVE-2023-52435
www.cve.org/CVERecord?id=CVE-2023-52436
www.cve.org/CVERecord?id=CVE-2023-52438
www.cve.org/CVERecord?id=CVE-2023-52439
www.cve.org/CVERecord?id=CVE-2023-52443
www.cve.org/CVERecord?id=CVE-2023-52444
www.cve.org/CVERecord?id=CVE-2023-52445
www.cve.org/CVERecord?id=CVE-2023-52448
www.cve.org/CVERecord?id=CVE-2023-52449
www.cve.org/CVERecord?id=CVE-2023-52451
www.cve.org/CVERecord?id=CVE-2023-52454
www.cve.org/CVERecord?id=CVE-2023-52456
www.cve.org/CVERecord?id=CVE-2023-52458
www.cve.org/CVERecord?id=CVE-2023-52463
www.cve.org/CVERecord?id=CVE-2023-52464
www.cve.org/CVERecord?id=CVE-2023-52467
www.cve.org/CVERecord?id=CVE-2023-52469
www.cve.org/CVERecord?id=CVE-2023-52470
www.cve.org/CVERecord?id=CVE-2023-52486
www.cve.org/CVERecord?id=CVE-2023-52489
www.cve.org/CVERecord?id=CVE-2023-52491
www.cve.org/CVERecord?id=CVE-2023-52492
www.cve.org/CVERecord?id=CVE-2023-52493
www.cve.org/CVERecord?id=CVE-2023-52494
www.cve.org/CVERecord?id=CVE-2023-52498
www.cve.org/CVERecord?id=CVE-2023-52609
www.cve.org/CVERecord?id=CVE-2023-52610
www.cve.org/CVERecord?id=CVE-2023-52612
www.cve.org/CVERecord?id=CVE-2023-6040
www.cve.org/CVERecord?id=CVE-2023-6356
www.cve.org/CVERecord?id=CVE-2023-6536
www.cve.org/CVERecord?id=CVE-2023-6915
www.cve.org/CVERecord?id=CVE-2024-0646
www.cve.org/CVERecord?id=CVE-2024-1085
www.cve.org/CVERecord?id=CVE-2024-24860
www.cve.org/CVERecord?id=CVE-2024-26586
www.cve.org/CVERecord?id=CVE-2024-26589
www.cve.org/CVERecord?id=CVE-2024-26591
www.cve.org/CVERecord?id=CVE-2024-26597
www.cve.org/CVERecord?id=CVE-2024-26598
www.cve.org/CVERecord?id=CVE-2024-26631
www.cve.org/CVERecord?id=CVE-2024-26633
SSA:2024-157-01
8 High
CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.1 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
59.3%