Lucene search
Copyright (C) 2021 Greenbone AGOPENVAS:13614125623114201837721HistoryApr 19, 2021 - 12:00 a.m.
SUSE: Security Advisory (SUSE-SU-2018:3772-1)
2021-04-1900:00:00
Copyright (C) 2021 Greenbone AG
plugins.openvas.org
3.3 Low
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
5.9 Medium
AI Score
Confidence
Low
2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:N/I:N/A:P
0.0004 Low
EPSS
Percentile
5.2%
The remote host is missing an update for the
# SPDX-FileCopyrightText: 2021 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.1.4.2018.3772.1");
script_cve_id("CVE-2018-18386");
script_tag(name:"creation_date", value:"2021-04-19 00:00:00 +0000 (Mon, 19 Apr 2021)");
script_version("2024-02-02T14:37:50+0000");
script_tag(name:"last_modification", value:"2024-02-02 14:37:50 +0000 (Fri, 02 Feb 2024)");
script_tag(name:"cvss_base", value:"2.1");
script_tag(name:"cvss_base_vector", value:"AV:L/AC:L/Au:N/C:N/I:N/A:P");
script_tag(name:"severity_vector", value:"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L");
script_tag(name:"severity_origin", value:"NVD");
script_tag(name:"severity_date", value:"2018-12-06 14:14:37 +0000 (Thu, 06 Dec 2018)");
script_name("SUSE: Security Advisory (SUSE-SU-2018:3772-1)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2021 Greenbone AG");
script_family("SuSE Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/suse_sles", "ssh/login/rpms", re:"ssh/login/release=(SLES12\.0|SLES12\.0SP1)");
script_xref(name:"Advisory-ID", value:"SUSE-SU-2018:3772-1");
script_xref(name:"URL", value:"https://www.suse.com/support/update/announcement/2018/suse-su-20183772-1/");
script_tag(name:"summary", value:"The remote host is missing an update for the 'Linux Kernel (Live Patch 32 for SLE 12 SP1)' package(s) announced via the SUSE-SU-2018:3772-1 advisory.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");
script_tag(name:"insight", value:"This update for the Linux Kernel 3.12.74-60_64_107 fixes one issue.
The following security issue was fixed:
CVE-2018-18386: The drivers/tty/n_tty.c allowed local attackers (who are
able to access pseudo terminals) to hang/block further usage of any
pseudo terminal devices due to an EXTPROC versus ICANON confusion in
TIOCINQ (bsc#1112039).");
script_tag(name:"affected", value:"'Linux Kernel (Live Patch 32 for SLE 12 SP1)' package(s) on SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 12-SP1.");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"package");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-rpm.inc");
release = rpm_get_ssh_release();
if(!release)
exit(0);
res = "";
report = "";
if(release == "SLES12.0") {
if(!isnull(res = isrpmvuln(pkg:"kgraft-patch-3_12_61-52_106-default", rpm:"kgraft-patch-3_12_61-52_106-default~11~2.1", rls:"SLES12.0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kgraft-patch-3_12_61-52_106-xen", rpm:"kgraft-patch-3_12_61-52_106-xen~11~2.1", rls:"SLES12.0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kgraft-patch-3_12_61-52_111-default", rpm:"kgraft-patch-3_12_61-52_111-default~10~2.1", rls:"SLES12.0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kgraft-patch-3_12_61-52_111-xen", rpm:"kgraft-patch-3_12_61-52_111-xen~10~2.1", rls:"SLES12.0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kgraft-patch-3_12_61-52_119-default", rpm:"kgraft-patch-3_12_61-52_119-default~10~2.1", rls:"SLES12.0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kgraft-patch-3_12_61-52_119-xen", rpm:"kgraft-patch-3_12_61-52_119-xen~10~2.1", rls:"SLES12.0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kgraft-patch-3_12_61-52_122-default", rpm:"kgraft-patch-3_12_61-52_122-default~10~2.1", rls:"SLES12.0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kgraft-patch-3_12_61-52_122-xen", rpm:"kgraft-patch-3_12_61-52_122-xen~10~2.1", rls:"SLES12.0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kgraft-patch-3_12_61-52_125-default", rpm:"kgraft-patch-3_12_61-52_125-default~9~2.1", rls:"SLES12.0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kgraft-patch-3_12_61-52_125-xen", rpm:"kgraft-patch-3_12_61-52_125-xen~9~2.1", rls:"SLES12.0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kgraft-patch-3_12_61-52_128-default", rpm:"kgraft-patch-3_12_61-52_128-default~7~2.1", rls:"SLES12.0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kgraft-patch-3_12_61-52_128-xen", rpm:"kgraft-patch-3_12_61-52_128-xen~7~2.1", rls:"SLES12.0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kgraft-patch-3_12_61-52_133-default", rpm:"kgraft-patch-3_12_61-52_133-default~6~2.1", rls:"SLES12.0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kgraft-patch-3_12_61-52_133-xen", rpm:"kgraft-patch-3_12_61-52_133-xen~6~2.1", rls:"SLES12.0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kgraft-patch-3_12_61-52_136-default", rpm:"kgraft-patch-3_12_61-52_136-default~6~2.1", rls:"SLES12.0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kgraft-patch-3_12_61-52_136-xen", rpm:"kgraft-patch-3_12_61-52_136-xen~6~2.1", rls:"SLES12.0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kgraft-patch-3_12_61-52_141-default", rpm:"kgraft-patch-3_12_61-52_141-default~5~2.1", rls:"SLES12.0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kgraft-patch-3_12_61-52_141-xen", rpm:"kgraft-patch-3_12_61-52_141-xen~5~2.1", rls:"SLES12.0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kgraft-patch-3_12_61-52_146-default", rpm:"kgraft-patch-3_12_61-52_146-default~3~2.1", rls:"SLES12.0"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kgraft-patch-3_12_61-52_146-xen", rpm:"kgraft-patch-3_12_61-52_146-xen~3~2.1", rls:"SLES12.0"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
if(release == "SLES12.0SP1") {
if(!isnull(res = isrpmvuln(pkg:"kgraft-patch-3_12_74-60_64_104-default", rpm:"kgraft-patch-3_12_74-60_64_104-default~3~2.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kgraft-patch-3_12_74-60_64_104-xen", rpm:"kgraft-patch-3_12_74-60_64_104-xen~3~2.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kgraft-patch-3_12_74-60_64_107-default", rpm:"kgraft-patch-3_12_74-60_64_107-default~3~2.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kgraft-patch-3_12_74-60_64_107-xen", rpm:"kgraft-patch-3_12_74-60_64_107-xen~3~2.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kgraft-patch-3_12_74-60_64_66-default", rpm:"kgraft-patch-3_12_74-60_64_66-default~10~2.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kgraft-patch-3_12_74-60_64_66-xen", rpm:"kgraft-patch-3_12_74-60_64_66-xen~10~2.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kgraft-patch-3_12_74-60_64_69-default", rpm:"kgraft-patch-3_12_74-60_64_69-default~9~2.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kgraft-patch-3_12_74-60_64_69-xen", rpm:"kgraft-patch-3_12_74-60_64_69-xen~9~2.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kgraft-patch-3_12_74-60_64_82-default", rpm:"kgraft-patch-3_12_74-60_64_82-default~9~2.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kgraft-patch-3_12_74-60_64_82-xen", rpm:"kgraft-patch-3_12_74-60_64_82-xen~9~2.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kgraft-patch-3_12_74-60_64_85-default", rpm:"kgraft-patch-3_12_74-60_64_85-default~9~2.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kgraft-patch-3_12_74-60_64_85-xen", rpm:"kgraft-patch-3_12_74-60_64_85-xen~9~2.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kgraft-patch-3_12_74-60_64_88-default", rpm:"kgraft-patch-3_12_74-60_64_88-default~7~2.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kgraft-patch-3_12_74-60_64_88-xen", rpm:"kgraft-patch-3_12_74-60_64_88-xen~7~2.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kgraft-patch-3_12_74-60_64_93-default", rpm:"kgraft-patch-3_12_74-60_64_93-default~6~2.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kgraft-patch-3_12_74-60_64_93-xen", rpm:"kgraft-patch-3_12_74-60_64_93-xen~6~2.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kgraft-patch-3_12_74-60_64_96-default", rpm:"kgraft-patch-3_12_74-60_64_96-default~6~2.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kgraft-patch-3_12_74-60_64_96-xen", rpm:"kgraft-patch-3_12_74-60_64_96-xen~6~2.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kgraft-patch-3_12_74-60_64_99-default", rpm:"kgraft-patch-3_12_74-60_64_99-default~5~2.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kgraft-patch-3_12_74-60_64_99-xen", rpm:"kgraft-patch-3_12_74-60_64_99-xen~5~2.1", rls:"SLES12.0SP1"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
exit(0);
Related
redhatcve
redhatcve
CVE-2018-18386
2020-04-08 21:01:24
nessus
nessus
SUSE SLES12 Security Update : kernel (SUSE-SU-2018:3772-1)
2018-11-16 00:00:00
SUSE SLES12 Security Update : kernel (SUSE-SU-2018:3787-1)
2018-11-19 00:00:00
EulerOS 2.0 SP3 : kernel (EulerOS-SA-2019-1027)
2019-02-14 00:00:00
f5
f5
K28280935 : Linux kernel vulnerability CVE-2018-18386
2019-01-31 00:00:00
debiancve
debiancve
CVE-2018-18386
2018-10-17 20:29:00
prion
prion
Type confusion
2018-10-17 20:29:00
cve
cve
CVE-2018-18386
2018-10-17 20:29:00
ubuntucve
ubuntucve
CVE-2018-18386
2018-10-17 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2018:3787-1)
2021-04-19 00:00:00
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1027)
2020-01-23 00:00:00
SUSE: Security Advisory (SUSE-SU-2018:3589-1)
2021-06-09 00:00:00
oraclelinux
oraclelinux
Unbreakable Enterprise kernel security update
2018-12-11 00:00:00
suse
suse
Security update for the Linux Kernel (important)
2018-11-07 21:11:37
Security update for the Linux Kernel (important)
2018-11-20 21:08:45
redhat
redhat
(RHSA-2019:0831) Important: kernel-alt security and bug fix update
2019-04-23 12:37:36
ubuntu
ubuntu
Linux kernel vulnerabilities
2018-12-20 00:00:00
Linux kernel (Trusty HWE) vulnerabilities
2018-12-20 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2019-0122
2019-01-09 00:00:00
Important Photon OS Security Update - PHSA-2018-0150
2018-06-21 00:00:00
3.3 Low
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
5.9 Medium
AI Score
Confidence
Low
2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:N/I:N/A:P
0.0004 Low
EPSS
Percentile
5.2%
Related for OPENVAS:13614125623114201837721