Lucene search
Copyright (C) 2021 Greenbone AGOPENVAS:13614125623114201818491HistoryJun 09, 2021 - 12:00 a.m.
SUSE: Security Advisory (SUSE-SU-2018:1849-1)
2021-06-0900:00:00
Copyright (C) 2021 Greenbone AG
plugins.openvas.org
2
5.6 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
6.4 Medium
AI Score
Confidence
High
4.7 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:M/Au:N/C:C/I:N/A:N
0.001 Low
EPSS
Percentile
31.0%
The remote host is missing an update for the
# SPDX-FileCopyrightText: 2021 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.1.4.2018.1849.1");
script_cve_id("CVE-2018-3665");
script_tag(name:"creation_date", value:"2021-06-09 14:57:43 +0000 (Wed, 09 Jun 2021)");
script_version("2024-02-02T14:37:50+0000");
script_tag(name:"last_modification", value:"2024-02-02 14:37:50 +0000 (Fri, 02 Feb 2024)");
script_tag(name:"cvss_base", value:"4.7");
script_tag(name:"cvss_base_vector", value:"AV:L/AC:M/Au:N/C:C/I:N/A:N");
script_tag(name:"severity_vector", value:"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N");
script_tag(name:"severity_origin", value:"NVD");
script_tag(name:"severity_date", value:"2018-07-11 20:19:13 +0000 (Wed, 11 Jul 2018)");
script_name("SUSE: Security Advisory (SUSE-SU-2018:1849-1)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2021 Greenbone AG");
script_family("SuSE Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/suse_sles", "ssh/login/rpms", re:"ssh/login/release=(SLES11\.0|SLES11\.0SP3)");
script_xref(name:"Advisory-ID", value:"SUSE-SU-2018:1849-1");
script_xref(name:"URL", value:"https://www.suse.com/support/update/announcement/2018/suse-su-20181849-1/");
script_tag(name:"summary", value:"The remote host is missing an update for the 'Linux Kernel' package(s) announced via the SUSE-SU-2018:1849-1 advisory.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");
script_tag(name:"insight", value:"The SUSE Linux Enterprise 11 SP3 LTSS kernel was updated to receive various security and bugfixes.
The following security bug was fixed:
- CVE-2018-3665: Prevent disclosure of FPU registers (including XMM and
AVX registers) between processes. These registers might contain
encryption keys when doing SSE accelerated AES enc/decryption
(bsc#1087086)
The following non-security bugs were fixed:
- KVM: x86: Sync back MSR_IA32_SPEC_CTRL to VCPU data structure
(bsc#1096242, bsc#1096281).
- Xen counterparts of eager FPU implementation.
- x86/boot: Fix early command-line parsing when partial word matches
(bsc#1096140).
- x86/bugs: spec_ctrl must be cleared from cpu_caps_set when being
disabled (bsc#1096140).
- xen/x86/CPU: Check speculation control CPUID bit (bsc#1068032).
- xen/x86/CPU: Sync CPU feature flags late (bsc#1075994 bsc#1075091).
- xen/x86/cpu: Factor out application of forced CPU caps (bsc#1075994
bsc#1075091).
- xen/x86/cpu: Fix bootup crashes by sanitizing the argument of the
'clearcpuid=' command-line option (bsc#1065600).
- xen/x86/entry/64: Do not use IST entry for #BP stack (bsc#1087088).
- xen/x86/entry: Use IBRS on entry to kernel space (bsc#1068032).
- xen/x86/idle: Toggle IBRS when going idle (bsc#1068032).
- xen/x86/kaiser: Move feature detection up (bsc#1068032).");
script_tag(name:"affected", value:"'Linux Kernel' package(s) on SUSE Linux Enterprise Debuginfo 11-SP3, SUSE Linux Enterprise Point of Sale 11-SP3, SUSE Linux Enterprise Server 11, SUSE Linux Enterprise Server 11-SP3.");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"package");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-rpm.inc");
release = rpm_get_ssh_release();
if(!release)
exit(0);
res = "";
report = "";
if(release == "SLES11.0") {
if(!isnull(res = isrpmvuln(pkg:"kernel-bigsmp-extra", rpm:"kernel-bigsmp-extra~3.0.101~0.47.106.35.1", rls:"SLES11.0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-default-extra", rpm:"kernel-default-extra~3.0.101~0.47.106.35.1", rls:"SLES11.0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-pae-extra", rpm:"kernel-pae-extra~3.0.101~0.47.106.35.1", rls:"SLES11.0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-ppc64-extra", rpm:"kernel-ppc64-extra~3.0.101~0.47.106.35.1", rls:"SLES11.0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-trace-extra", rpm:"kernel-trace-extra~3.0.101~0.47.106.35.1", rls:"SLES11.0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-xen-extra", rpm:"kernel-xen-extra~3.0.101~0.47.106.35.1", rls:"SLES11.0"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
if(release == "SLES11.0SP3") {
if(!isnull(res = isrpmvuln(pkg:"kernel-bigsmp", rpm:"kernel-bigsmp~3.0.101~0.47.106.35.1", rls:"SLES11.0SP3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-bigsmp-base", rpm:"kernel-bigsmp-base~3.0.101~0.47.106.35.1", rls:"SLES11.0SP3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-bigsmp-devel", rpm:"kernel-bigsmp-devel~3.0.101~0.47.106.35.1", rls:"SLES11.0SP3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-default", rpm:"kernel-default~3.0.101~0.47.106.35.1", rls:"SLES11.0SP3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-default-base", rpm:"kernel-default-base~3.0.101~0.47.106.35.1", rls:"SLES11.0SP3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-default-devel", rpm:"kernel-default-devel~3.0.101~0.47.106.35.1", rls:"SLES11.0SP3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-default-man", rpm:"kernel-default-man~3.0.101~0.47.106.35.1", rls:"SLES11.0SP3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-ec2", rpm:"kernel-ec2~3.0.101~0.47.106.35.1", rls:"SLES11.0SP3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-ec2-base", rpm:"kernel-ec2-base~3.0.101~0.47.106.35.1", rls:"SLES11.0SP3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-ec2-devel", rpm:"kernel-ec2-devel~3.0.101~0.47.106.35.1", rls:"SLES11.0SP3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-pae", rpm:"kernel-pae~3.0.101~0.47.106.35.1", rls:"SLES11.0SP3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-pae-base", rpm:"kernel-pae-base~3.0.101~0.47.106.35.1", rls:"SLES11.0SP3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-pae-devel", rpm:"kernel-pae-devel~3.0.101~0.47.106.35.1", rls:"SLES11.0SP3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-source", rpm:"kernel-source~3.0.101~0.47.106.35.1", rls:"SLES11.0SP3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-syms", rpm:"kernel-syms~3.0.101~0.47.106.35.1", rls:"SLES11.0SP3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-trace", rpm:"kernel-trace~3.0.101~0.47.106.35.1", rls:"SLES11.0SP3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-trace-base", rpm:"kernel-trace-base~3.0.101~0.47.106.35.1", rls:"SLES11.0SP3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-trace-devel", rpm:"kernel-trace-devel~3.0.101~0.47.106.35.1", rls:"SLES11.0SP3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-xen", rpm:"kernel-xen~3.0.101~0.47.106.35.1", rls:"SLES11.0SP3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-xen-base", rpm:"kernel-xen-base~3.0.101~0.47.106.35.1", rls:"SLES11.0SP3"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-xen-devel", rpm:"kernel-xen-devel~3.0.101~0.47.106.35.1", rls:"SLES11.0SP3"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
exit(0);
Related
f5
f5
K21344224 : Lazy FP state restore vulnerability CVE-2018-3665
2018-06-21 00:00:00
osv
osv
CVE-2018-3665
2018-06-21 20:29:00
xen - security update
2018-06-20 00:00:00
nessus
nessus
SUSE SLES12 Security Update : kernel (SUSE-SU-2018:2090-1)
2018-07-30 00:00:00
Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2018-4144)
2018-06-18 00:00:00
SUSE SLES12 Security Update : kernel (SUSE-SU-2018:2109-1)
2018-07-30 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-18:07.lazyfpu
2018-06-21 00:00:00
openvas
openvas
CentOS Update for kernel CESA-2018:1852 centos7
2018-06-17 00:00:00
SUSE: Security Advisory (SUSE-SU-2018:2102-1)
2021-04-19 00:00:00
SUSE: Security Advisory (SUSE-SU-2018:2111-1)
2021-04-19 00:00:00
oraclelinux
oraclelinux
Unbreakable Enterprise kernel security update
2018-06-15 00:00:00
kernel security update
2018-06-14 00:00:00
kernel security and bug fix update
2018-06-27 00:00:00
citrix
citrix
CVE-2018-3665 - Citrix XenServer Security Update
2018-06-15 04:00:00
veracode
veracode
Information Disclosure
2019-01-15 09:23:51
prion
prion
Command injection
2018-06-21 20:29:00
redhat
redhat
(RHSA-2018:1944) Moderate: kernel-rt security update
2018-06-19 13:05:06
(RHSA-2018:1852) Moderate: kernel security update
2018-06-14 19:11:57
(RHSA-2018:2165) Moderate: kernel-rt security, and enhancement update
2018-07-10 15:37:35
mskb
mskb
Description of the security update for the L1TF variant vulnerabilities in Windows Server 2008: August 14, 2018
2018-08-14 07:00:00
July 10, 2018âKB4338823 (Security-only update)
2018-07-10 07:00:00
July 10, 2018âKB4338820 (Security-only update)
2018-07-10 07:00:00
kaspersky
kaspersky
KLA11891 Microsoft Advisory for Microsoft Products (ESU)
2018-06-13 00:00:00
centos
centos
kernel, perf, python security update
2018-06-16 10:49:53
kernel, perf, python security update
2018-07-13 16:57:08
ubuntucve
ubuntucve
CVE-2018-3665
2018-06-13 00:00:00
lenovo
lenovo
Lazy FP State Restore - Lenovo Support NL
2018-12-13 11:22:07
Lazy FP State Restore - US
2018-12-13 11:22:07
debian
debian
[SECURITY] [DSA 4232-1] xen security update
2018-06-20 07:02:39
xen
xen
Speculative register leakage from lazy FPU context switching
2018-06-13 20:23:00
paloalto
paloalto
Information Disclosure in WildFire Appliance (WF-500)
2019-07-08 22:15:00
debiancve
debiancve
CVE-2018-3665
2018-06-21 20:29:00
mscve
mscve
Microsoft Guidance for Lazy FP State Restore
2018-06-13 07:00:00
intel
intel
Lazy FP State Restore
2018-06-13 00:00:00
redhatcve
redhatcve
CVE-2018-3665
2020-04-09 07:12:46
thn
thn
New 'Lazy FP State Restore' Vulnerability Found in All Modern Intel CPUs
2018-06-14 07:59:00
cve
cve
CVE-2018-3665
2018-06-21 20:29:00
freebsd
freebsd
FreeBSD -- Lazy FPU State Restore Information Disclosure
2018-06-21 00:00:00
suse
suse
Security update for xen (important)
2018-07-28 15:07:34
Security update for xen (moderate)
2018-08-06 15:12:23
Security update for the Linux Kernel (important)
2018-06-21 18:19:06
virtuozzo
virtuozzo
fedora
fedora
[SECURITY] Fedora 28 Update: xen-4.10.1-4.fc28
2018-06-29 08:43:54
[SECURITY] Fedora 28 Update: xen-4.10.1-5.fc28
2018-07-03 16:56:43
ubuntu
ubuntu
Linux kernel (Xenial HWE) vulnerabilities
2018-07-02 00:00:00
Linux kernel vulnerabilities
2018-07-02 00:00:00
Linux kernel (Trusty HWE) vulnerabilities
2018-07-02 00:00:00
cloudfoundry
cloudfoundry
USN-3696-2: Linux kernel (Xenial HWE) vulnerabilities | Cloud Foundry
2018-07-10 00:00:00
nvidia
nvidia
Security Bulletin: NVIDIA Jetson TX1 and TX2 L4T - April 2019
2019-04-02 00:00:00
5.6 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
6.4 Medium
AI Score
Confidence
High
4.7 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:M/Au:N/C:C/I:N/A:N
0.001 Low
EPSS
Percentile
31.0%
Related for OPENVAS:13614125623114201818491