Critical Photon OS Security Update - PHSA-2019-0128

2019-02-13T00:00:00

Description

Updates of ['linux-aws', 'libjpeg-turbo', 'libgd', 'docker', 'linux-secure', 'linux-esx', 'linux', 'curl', 'libtiff', 'systemd', 'gnupg'] packages of Photon OS have been released.

Affected Package

OS	OS Version	Package Name	Package Version
Photon	2.0	docker-doc	18.06.2-1.ph2
Photon	2.0	libgd	2.2.5-3.ph2
Photon	2.0	libtiff-devel	4.0.10-2.ph2
Photon	2.0	gnupg	2.1.20-4.ph2
Photon	2.0	systemd-devel	233-18.ph2
Photon	2.0	curl-libs	7.59.0-4.ph2
Photon	2.0	linux-aws-oprofile	4.9.154-1.ph2
Photon	2.0	linux-esx-docs	4.9.154-1.ph2
Photon	2.0	libtiff	4.0.10-2.ph2
Photon	2.0	curl	7.59.0-4.ph2
Photon	2.0	linux-secure-lkcm	4.9.154-1.ph2
Photon	2.0	linux-esx	4.9.154-1.ph2
Photon	2.0	linux-secure-devel	4.9.154-1.ph2
Photon	2.0	libtiff-debuginfo	4.0.10-2.ph2
Photon	2.0	docker	18.06.2-1.ph2
Photon	2.0	curl-devel	7.59.0-4.ph2
Photon	2.0	linux-esx-debuginfo	4.9.154-1.ph2
Photon	2.0	systemd-debuginfo	233-18.ph2
Photon	2.0	linux-secure	4.9.154-1.ph2
Photon	2.0	linux-debuginfo	4.9.154-1.ph2
Photon	2.0	libjpeg-turbo-devel	2.0.0-2.ph2
Photon	2.0	linux-aws-tools	4.9.154-1.ph2
Photon	2.0	libjpeg-turbo	2.0.0-2.ph2
Photon	2.0	linux-oprofile	4.9.154-1.ph2
Photon	2.0	libjpeg-turbo-debuginfo	2.0.0-2.ph2
Photon	2.0	systemd-lang	233-18.ph2
Photon	2.0	linux-tools	4.9.154-1.ph2
Photon	2.0	linux-devel	4.9.154-1.ph2
Photon	2.0	linux-secure-docs	4.9.154-1.ph2
Photon	2.0	linux-api-headers	4.9.154-1.ph2
Photon	2.0	systemd	233-18.ph2
Photon	2.0	linux	4.9.154-1.ph2
Photon	2.0	linux-secure-debuginfo	4.9.154-1.ph2
Photon	2.0	linux-esx-devel	4.9.154-1.ph2
Photon	2.0	linux-aws-drivers-gpu	4.9.154-1.ph2
Photon	2.0	libgd-devel	2.2.5-3.ph2
Photon	2.0	linux-aws-debuginfo	4.9.154-1.ph2
Photon	2.0	linux-docs	4.9.154-1.ph2
Photon	2.0	linux-aws-devel	4.9.154-1.ph2
Photon	2.0	linux-aws-sound	4.9.154-1.ph2
Photon	2.0	linux-drivers-gpu	4.9.154-1.ph2
Photon	2.0	libgd-debuginfo	2.2.5-3.ph2
Photon	2.0	curl-debuginfo	7.59.0-4.ph2
Photon	2.0	linux-sound	4.9.154-1.ph2
Photon	2.0	gnupg-debuginfo	2.1.20-4.ph2
Photon	2.0	linux-aws	4.9.154-1.ph2
Photon	2.0	linux-aws-docs	4.9.154-1.ph2

{"id": "PHSA-2019-0128", "vendorId": null, "type": "photon", "bulletinFamily": "unix", "title": "Critical Photon OS Security Update - PHSA-2019-0128", "description": "Updates of ['linux-aws', 'libjpeg-turbo', 'libgd', 'docker', 'linux-secure', 'linux-esx', 'linux', 'curl', 'libtiff', 'systemd', 'gnupg'] packages of Photon OS have been released.\n", "published": "2019-02-13T00:00:00", "modified": "2019-02-13T00:00:00", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "baseScore": 10.0}, "severity": "HIGH", "exploitabilityScore": 10.0, "impactScore": 10.0, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {"cvssV3": {"version": "3.0", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL"}, "exploitabilityScore": 3.9, "impactScore": 5.9}, "href": "https://github.com/vmware/photon/wiki/Security-Update-2.0-128", "reporter": "Photon", "references": [], "cvelist": ["CVE-2017-18249", "CVE-2018-12020", "CVE-2018-12900", "CVE-2018-14610", "CVE-2018-14613", "CVE-2018-14618", "CVE-2018-16839", "CVE-2018-16840", "CVE-2018-16842", "CVE-2018-16862", "CVE-2018-16864", "CVE-2018-16865", "CVE-2018-16866", "CVE-2018-18690", "CVE-2018-19407", "CVE-2018-19664", "CVE-2018-19824", "CVE-2018-19985", "CVE-2018-20169", "CVE-2018-5953", "CVE-2019-15927", "CVE-2019-3701", "CVE-2019-5736", "CVE-2019-6978"], "immutableFields": [], "lastseen": "2022-05-12T18:28:18", "viewCount": 31, "enchantments": {"dependencies": {"references": [{"type": "almalinux", "idList": ["ALSA-2019:0975", "ALSA-2019:2722", "ALSA-2020:4659"]}, {"type": "altlinux", "idList": ["DA7EB86A979E50AA3788F1F41AC8607F"]}, {"type": "amazon", "idList": ["ALAS-2018-1045", "ALAS-2018-1112", "ALAS-2018-1133", "ALAS-2019-1145", "ALAS-2019-1148", "ALAS-2019-1156", "ALAS-2019-1174", "ALAS-2019-1306", "ALAS2-2018-1045", "ALAS2-2018-1133", "ALAS2-2018-1135", "ALAS2-2019-1141", "ALAS2-2019-1145", "ALAS2-2019-1160", "ALAS2-2019-1162", "ALAS2-2019-1174", "ALAS2-2019-1327", "ALAS2-2020-1533", "ALAS2-2021-1643", "ALAS2-2021-1647"]}, {"type": "androidsecurity", "idList": ["ANDROID:2018-08-01", "ANDROID:2019-10-01"]}, {"type": "archlinux", "idList": ["ASA-201806-8", "ASA-201811-4", "ASA-201811-5", "ASA-201811-6", "ASA-201811-7", "ASA-201811-8", "ASA-201811-9", "ASA-201901-4", "ASA-201901-9", "ASA-201902-20", "ASA-201902-6"]}, {"type": "avleonov", "idList": ["AVLEONOV:A9AB661A53F0E9B8923DE780E6F05F48"]}, {"type": "centos", "idList": ["CESA-2018:2180", "CESA-2018:2181", "CESA-2018:3083", "CESA-2019:0049", "CESA-2019:0201", "CESA-2019:1880", "CESA-2019:2029", "CESA-2019:2053", "CESA-2019:2091", "CESA-2019:2181", "CESA-2020:1016", "CESA-2020:3943"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2018-1596", "CPAI-2019-0203"]}, {"type": "cisco", "idList": ["CISCO-SA-20190215-RUNC"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:113EE4A0D1964F86FB868B10CFD0D5A9", "CFOUNDRY:131A4556633D91C9BF0AE72696FADB89", "CFOUNDRY:1CA625F1FA872E0AB995AFC970D36DBC", "CFOUNDRY:3021E4215989A1024954356EA766D914", "CFOUNDRY:40058483A2E2195544934D494FF464F7", "CFOUNDRY:417EF7E80F130AEB92D7C1BE6AE5436F", "CFOUNDRY:42AAF7551028B0160ADFF3B8012E3039", "CFOUNDRY:61ADF14D6FEC14FA5E06A7684B091D19", "CFOUNDRY:63AC599C6730C4293761CECD360AA195", "CFOUNDRY:7D5B2783B5DBD6FBD3B5B832351DF6B3", "CFOUNDRY:961DF4FE890AAAB1AFC4DAC75DFF04C7", "CFOUNDRY:A005A5D22D18F966EBF6C011F833E895", "CFOUNDRY:ACBE18A36EB39832526C9AA3F7A3E9CE", "CFOUNDRY:BD71AB043932448695E8B3D20302D582", "CFOUNDRY:DAEEFC1E9FDBBF02A1D3ACCD6434010C", "CFOUNDRY:DD23A5B6758E6355A1168BA51E212098", "CFOUNDRY:DD5D1D9C6111945649F25AEC016BA994", "CFOUNDRY:EFC04687630119FCBBD9AD5BD4734A0F"]}, {"type": "cve", "idList": ["CVE-2017-18249", "CVE-2018-12020", "CVE-2018-12900", "CVE-2018-14610", "CVE-2018-14613", "CVE-2018-14618", "CVE-2018-15878", "CVE-2018-15879", "CVE-2018-16839", "CVE-2018-16840", "CVE-2018-16842", "CVE-2018-16862", "CVE-2018-16864", "CVE-2018-16865", "CVE-2018-16866", "CVE-2018-18690", "CVE-2018-19407", "CVE-2018-19664", "CVE-2018-19824", "CVE-2018-19985", "CVE-2018-20169", "CVE-2018-5953", "CVE-2019-12499", "CVE-2019-15927", "CVE-2019-3701", "CVE-2019-3815", "CVE-2019-5736", "CVE-2019-6978", "CVE-2019-7663", "CVE-2020-14298"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1498-1:1ACDF", "DEBIAN:DLA-1568-1:3204E", "DEBIAN:DLA-1568-1:BCC8A", "DEBIAN:DLA-1639-1:E2273", "DEBIAN:DLA-1651-1:BB7F6", "DEBIAN:DLA-1711-1:DE671", "DEBIAN:DLA-1711-1:E8CC3", "DEBIAN:DLA-1715-1:4A3F9", "DEBIAN:DLA-1731-1:D19BD", "DEBIAN:DLA-1731-2:E6E1E", "DEBIAN:DLA-1771-1:3CE68", "DEBIAN:DLA-2009-1:97403", "DEBIAN:DLA-2241-1:DE3AB", "DEBIAN:DLA-2241-2:3E557", "DEBIAN:DLA-2862-1:5FBB5", "DEBIAN:DSA-4222-1:9721C", "DEBIAN:DSA-4222-1:E134E", "DEBIAN:DSA-4223-1:2BDEC", "DEBIAN:DSA-4223-1:AA9DD", "DEBIAN:DSA-4224-1:6EEA7", "DEBIAN:DSA-4224-1:F5240", "DEBIAN:DSA-4286-1:21112", "DEBIAN:DSA-4331-1:5BA4B", "DEBIAN:DSA-4367-1:3D2E5", "DEBIAN:DSA-4367-1:BF4F4", "DEBIAN:DSA-4384-1:37BD7", "DEBIAN:DSA-4384-1:8D567", "DEBIAN:DSA-4670-1:2B394", "DEBIAN:DSA-4670-1:61330"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2017-18249", "DEBIANCVE:CVE-2018-12020", "DEBIANCVE:CVE-2018-12900", "DEBIANCVE:CVE-2018-14610", "DEBIANCVE:CVE-2018-14613", "DEBIANCVE:CVE-2018-14618", "DEBIANCVE:CVE-2018-16839", "DEBIANCVE:CVE-2018-16840", "DEBIANCVE:CVE-2018-16842", "DEBIANCVE:CVE-2018-16862", "DEBIANCVE:CVE-2018-16864", "DEBIANCVE:CVE-2018-16865", "DEBIANCVE:CVE-2018-16866", "DEBIANCVE:CVE-2018-18690", "DEBIANCVE:CVE-2018-19407", "DEBIANCVE:CVE-2018-19664", "DEBIANCVE:CVE-2018-19824", "DEBIANCVE:CVE-2018-19985", "DEBIANCVE:CVE-2018-20169", "DEBIANCVE:CVE-2018-5953", "DEBIANCVE:CVE-2019-12499", "DEBIANCVE:CVE-2019-15927", "DEBIANCVE:CVE-2019-3701", "DEBIANCVE:CVE-2019-3815", "DEBIANCVE:CVE-2019-5736", "DEBIANCVE:CVE-2019-6978", "DEBIANCVE:CVE-2019-7663", "DEBIANCVE:CVE-2020-14298"]}, {"type": "exploitdb", "idList": ["EDB-ID:46369"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:A525E32FDF6F1ECE16D67E1741C48E11"]}, {"type": "f5", "idList": ["F5:K04185528", "F5:K06044762", "F5:K17957133", "F5:K22040951", "F5:K30683410", "F5:K46421255", "F5:K55121327", "F5:K93554290", "F5:K93960557", "F5:K98155950"]}, {"type": "fedora", "idList": ["FEDORA:0210D601DA49", "FEDORA:041196190421", "FEDORA:04868606351B", "FEDORA:06A186172F8B", "FEDORA:0907F624D00F", "FEDORA:122AE604D3F9", "FEDORA:1308F60C4220", "FEDORA:1BF5960DA5CE", "FEDORA:1CAC0608E6F2", "FEDORA:1D3BD6049C24", "FEDORA:1EC0F60C8AD5", "FEDORA:20DCB60779B2", "FEDORA:22D77604972B", "FEDORA:23B4B60D1C89", "FEDORA:250CB6087A80", "FEDORA:28217613F7D7", "FEDORA:2836F613193B", "FEDORA:296826040AED", "FEDORA:2A1B360BC974", "FEDORA:2CDD76006271", "FEDORA:2DDF66042B0E", "FEDORA:3266960F0E44", "FEDORA:346E760BB4ED", "FEDORA:34EA76087F11", "FEDORA:37FA36077DE7", "FEDORA:3A64160C815D", "FEDORA:3BDF460779A7", "FEDORA:3C2FF6014B8C", "FEDORA:3C394606D98F", "FEDORA:41B546014626", "FEDORA:420A76030B23", "FEDORA:421346101A44", "FEDORA:4674E60F757C", "FEDORA:4A22960A514A", "FEDORA:4C97F60A514A", "FEDORA:4CEF5610D7CA", "FEDORA:4CF35608BFEA", "FEDORA:4D5AD601FDAC", "FEDORA:4D8AE60BA793", "FEDORA:511986124F82", "FEDORA:511A7608E6E1", "FEDORA:54CE66014B8C", "FEDORA:5956060491DC", "FEDORA:5A4D662AE22C", "FEDORA:5B68260A5858", "FEDORA:6381060486F6", "FEDORA:68AAE60937A8", "FEDORA:690DE6022BA8", "FEDORA:6B66A6047312", "FEDORA:6B6B360567FC", "FEDORA:6E67663233DB", "FEDORA:759B2649E501", "FEDORA:7960A6049C56", "FEDORA:79EAC605FC25", "FEDORA:7C149604D4D2", "FEDORA:7CCA26069A73", "FEDORA:7FBE46071258", "FEDORA:801196049C94", "FEDORA:813AC604EC12", "FEDORA:85FBF6076011", "FEDORA:86049613F7DD", "FEDORA:876686076974", "FEDORA:87D78601E81F", "FEDORA:89C9C6051B3A", "FEDORA:8B9C46099564", "FEDORA:8FD3E60491BA", "FEDORA:93C27603B29E", "FEDORA:95A686085F81", "FEDORA:980496059FC9", "FEDORA:98E8F6079A11", "FEDORA:995AF61F9AAB", "FEDORA:9BC696049C57", "FEDORA:9E3D9606D195", "FEDORA:A82626020BBE", "FEDORA:A9781604AF62", "FEDORA:AAA6460491BA", "FEDORA:AB5346014BB3", "FEDORA:AC0B8604948D", "FEDORA:AFDBD60E76E0", "FEDORA:B42946075886", "FEDORA:B7617604D9DA", "FEDORA:B87B460876BA", "FEDORA:BBFE360460D0", "FEDORA:BD35260BC96F", "FEDORA:C27016046193", "FEDORA:C34566075EEA", "FEDORA:C49D061F375F", "FEDORA:C4D496071279", "FEDORA:C64AE6007F37", "FEDORA:C6AF860C4240", "FEDORA:C8F726082DB8", "FEDORA:D013361742CE", "FEDORA:D0736603EB7F", "FEDORA:D208C60874AA", "FEDORA:D2B426045A04", "FEDORA:D35EC607603A", "FEDORA:D57626042B0A", "FEDORA:D685D603B26B", "FEDORA:D8E6160F62FB", "FEDORA:DBB1B659CBE0", "FEDORA:E1B606076F4E", "FEDORA:E37FD60924F1", "FEDORA:E3C59624D00E", "FEDORA:E66CE6076F5E", "FEDORA:E88866014636", "FEDORA:E93AE6077DCD", "FEDORA:EF6BA6045A0C", "FEDORA:F13E1604948D", "FEDORA:F417F60477C5"]}, {"type": "freebsd", "idList": ["7DA0417F-6B24-11E8-84CC-002590ACAE31", "E0AB1773-07C1-46C6-9170-4C5E81C00927", "F4D638B9-E6E5-4DBE-8C70-571DBC116174"]}, {"type": "gentoo", "idList": ["GLSA-201903-03", "GLSA-201903-07", "GLSA-201903-18", "GLSA-202003-21"]}, {"type": "githubexploit", "idList": ["1BB3E3DD-F59A-5A19-A6FD-5C20AD2531A3", "1BD47E86-3B10-5D96-B1C1-658AFD757407", "2F6984D3-FD79-5AB7-A71D-43FF8E8DABBF", "38F2629A-330D-5488-A1E9-B85A647EE2FD", "51C8D6A4-47A9-5CDF-B833-7159E9EC70EE", "7BF9A69C-010C-5E27-AFF1-BD5C35E75269", "7E3511B5-C528-5213-B2AD-D36D4F8ACC95", "89C838C0-79FF-5954-84E9-527AC74184B4", "C493E2BD-3B57-5FD7-BFB9-B71408617084", "CC081819-FE94-5E7C-AF61-E00A82E76DE2", "D438FC99-880C-54A1-AE03-121CCA980E24"]}, {"type": "hackerone", "idList": ["H1:495495", "H1:547630", "H1:872089"]}, {"type": "ibm", "idList": ["1A91FB8601D752BFD8B027B3D77C02E358257AF9F10E8B2DD58DEF09EE89D628", "1B0ED4A3526A4957AFA5966EC1D954AC93826AA8F95F1EF2E8A3A6657E73F691", "22C6665D00A9702426CEE593F4765FD3CD4EE170F8AA7F50D0505C6B2799BC21", "2F7D9559AE426A44085F66D3B32DC79DBD644723F26961D9815EF3606625EE87", "2FE97BC0DB8A3B1BCF85FF8F69828770D4396C7CC3ABD37202D8089D2CADF87B", "39FA7810AE45CB9F7E0C88948CD306C85FD45D0E3AFC29148CB941215466B523", "54FB6726805D886796865FF32608051BEE914B969DCB3300B1E662574A92A04E", "778E9BCBB0C6BA17B28ABCBD1DAB3618758C7342EEF15BA587F9695C5C403BEB", "7CFB9BE2DA6D94FEBCA1C4AA8CF9F47ECB13D1F735997F5255B4A85A3E13B4E7", "89ECD262B4968A1CEAC0618400CB1E2118B5134D866FB3DB5A845EFBE37B4016", "9148A44BD9A1C1A13CCEBD8F0346557CF005830103920CDDC01519240525CB58", "9D763AD60BE480E57427EAA71CE9F1206750FEC3D94BAB5A2A0DC8CA510EFACC", "BEB7C34BABCEDADBF3FBACF8CEAA713D4D142B24ECDEAFD9A5F0A33F67656D53", "E9C1A49043693794000D0923340F217402D1FA6EE6CB02F1F2FBFA857D52D321", "EBBF00D1C8DFAC2AF76D93E0B377EBA032F2F9F1AAFD2C87CD6605C0927AEA08"]}, {"type": "ics", "idList": ["ICSA-19-099-04"]}, {"type": "impervablog", "idList": ["IMPERVABLOG:5FB4BD7D34290CD0DF514F5CBED8F4CB"]}, {"type": "kitploit", "idList": ["KITPLOIT:1751489026679880812", "KITPLOIT:216801248370103608", "KITPLOIT:2822940433245346068", "KITPLOIT:4830265851778950745", "KITPLOIT:7323577050718865961", "KITPLOIT:8250648883616491970", "KITPLOIT:8656177976839178440"]}, {"type": "lenovo", "idList": ["LENOVO:PS500321-NOSID"]}, {"type": "mageia", "idList": ["MGASA-2018-0292", "MGASA-2018-0316", "MGASA-2018-0321", "MGASA-2018-0354", "MGASA-2018-0423", "MGASA-2018-0487", "MGASA-2018-0493", "MGASA-2019-0068", "MGASA-2019-0073", "MGASA-2019-0085", "MGASA-2019-0087", "MGASA-2019-0097", "MGASA-2019-0098", "MGASA-2019-0101", "MGASA-2019-0171"]}, {"type": "metasploit", "idList": ["MSF:EXPLOIT-LINUX-LOCAL-DOCKER_RUNC_ESCAPE-"]}, {"type": "myhack58", "idList": ["MYHACK58:62201992676"]}, {"type": "nessus", "idList": ["AL2_ALAS-2018-1045.NASL", "AL2_ALAS-2018-1133.NASL", "AL2_ALAS-2018-1135.NASL", "AL2_ALAS-2019-1141.NASL", "AL2_ALAS-2019-1145.NASL", "AL2_ALAS-2019-1160.NASL", "AL2_ALAS-2019-1162.NASL", "AL2_ALAS-2019-1174.NASL", "AL2_ALAS-2019-1327.NASL", "AL2_ALAS-2020-1533.NASL", "AL2_ALAS-2021-1643.NASL", "AL2_ALAS-2021-1647.NASL", "ALA_ALAS-2018-1045.NASL", "ALA_ALAS-2018-1112.NASL", "ALA_ALAS-2018-1133.NASL", "ALA_ALAS-2019-1145.NASL", "ALA_ALAS-2019-1148.NASL", "ALA_ALAS-2019-1156.NASL", "ALA_ALAS-2019-1174.NASL", "ALA_ALAS-2019-1306.NASL", "ALMA_LINUX_ALSA-2019-2722.NASL", "ALMA_LINUX_ALSA-2020-4659.NASL", "CENTOS8_RHSA-2019-0975.NASL", "CENTOS8_RHSA-2019-2703.NASL", "CENTOS8_RHSA-2019-2722.NASL", "CENTOS8_RHSA-2019-3419.NASL", "CENTOS8_RHSA-2019-3517.NASL", "CENTOS8_RHSA-2020-4659.NASL", "CENTOS_DOCKER_CVE-2019-5736.NASL", "CENTOS_RHSA-2018-2180.NASL", "CENTOS_RHSA-2018-2181.NASL", "CENTOS_RHSA-2018-3083.NASL", "CENTOS_RHSA-2019-0049.NASL", "CENTOS_RHSA-2019-0201.NASL", "CENTOS_RHSA-2019-1880.NASL", "CENTOS_RHSA-2019-2053.NASL", "CENTOS_RHSA-2019-2091.NASL", "CENTOS_RHSA-2019-2181.NASL", "CENTOS_RHSA-2020-1016.NASL", "CENTOS_RHSA-2020-3943.NASL", "DEBIAN_DLA-1498.NASL", "DEBIAN_DLA-1568.NASL", "DEBIAN_DLA-1639.NASL", "DEBIAN_DLA-1651.NASL", "DEBIAN_DLA-1711.NASL", "DEBIAN_DLA-1715.NASL", "DEBIAN_DLA-1731.NASL", "DEBIAN_DLA-1771.NASL", "DEBIAN_DLA-2009.NASL", "DEBIAN_DLA-2241.NASL", "DEBIAN_DLA-2862.NASL", "DEBIAN_DSA-4222.NASL", "DEBIAN_DSA-4223.NASL", "DEBIAN_DSA-4224.NASL", "DEBIAN_DSA-4286.NASL", "DEBIAN_DSA-4331.NASL", "DEBIAN_DSA-4367.NASL", "DEBIAN_DSA-4384.NASL", "DEBIAN_DSA-4670.NASL", "EULEROS_SA-2018-1221.NASL", "EULEROS_SA-2018-1223.NASL", "EULEROS_SA-2018-1324.NASL", "EULEROS_SA-2018-1333.NASL", "EULEROS_SA-2018-1432.NASL", "EULEROS_SA-2019-1021.NASL", "EULEROS_SA-2019-1027.NASL", "EULEROS_SA-2019-1028.NASL", "EULEROS_SA-2019-1045.NASL", "EULEROS_SA-2019-1047.NASL", "EULEROS_SA-2019-1060.NASL", "EULEROS_SA-2019-1061.NASL", "EULEROS_SA-2019-1064.NASL", "EULEROS_SA-2019-1074.NASL", "EULEROS_SA-2019-1076.NASL", "EULEROS_SA-2019-1077.NASL", "EULEROS_SA-2019-1090.NASL", "EULEROS_SA-2019-1091.NASL", "EULEROS_SA-2019-1107.NASL", "EULEROS_SA-2019-1108.NASL", "EULEROS_SA-2019-1128.NASL", "EULEROS_SA-2019-1131.NASL", "EULEROS_SA-2019-1156.NASL", "EULEROS_SA-2019-1157.NASL", "EULEROS_SA-2019-1220.NASL", "EULEROS_SA-2019-1223.NASL", "EULEROS_SA-2019-1227.NASL", "EULEROS_SA-2019-1233.NASL", "EULEROS_SA-2019-1234.NASL", "EULEROS_SA-2019-1237.NASL", "EULEROS_SA-2019-1240.NASL", "EULEROS_SA-2019-1242.NASL", "EULEROS_SA-2019-1244.NASL", "EULEROS_SA-2019-1250.NASL", "EULEROS_SA-2019-1253.NASL", "EULEROS_SA-2019-1259.NASL", "EULEROS_SA-2019-1269.NASL", "EULEROS_SA-2019-1302.NASL", "EULEROS_SA-2019-1303.NASL", "EULEROS_SA-2019-1304.NASL", "EULEROS_SA-2019-1412.NASL", "EULEROS_SA-2019-1416.NASL", "EULEROS_SA-2019-1457.NASL", "EULEROS_SA-2019-1482.NASL", "EULEROS_SA-2019-1484.NASL", "EULEROS_SA-2019-1495.NASL", "EULEROS_SA-2019-1503.NASL", "EULEROS_SA-2019-1505.NASL", "EULEROS_SA-2019-1506.NASL", "EULEROS_SA-2019-1511.NASL", "EULEROS_SA-2019-1512.NASL", "EULEROS_SA-2019-1514.NASL", "EULEROS_SA-2019-1519.NASL", "EULEROS_SA-2019-1524.NASL", "EULEROS_SA-2019-1532.NASL", "EULEROS_SA-2019-1540.NASL", "EULEROS_SA-2019-1587.NASL", "EULEROS_SA-2019-1636.NASL", "EULEROS_SA-2019-1647.NASL", "EULEROS_SA-2019-1665.NASL", "EULEROS_SA-2019-1695.NASL", "EULEROS_SA-2019-1715.NASL", "EULEROS_SA-2019-1748.NASL", "EULEROS_SA-2019-1998.NASL", "EULEROS_SA-2019-2054.NASL", "EULEROS_SA-2019-2201.NASL", "EULEROS_SA-2019-2232.NASL", "EULEROS_SA-2019-2274.NASL", "EULEROS_SA-2019-2353.NASL", "EULEROS_SA-2019-2410.NASL", "EULEROS_SA-2019-2466.NASL", "EULEROS_SA-2019-2621.NASL", "EULEROS_SA-2020-1186.NASL", "EULEROS_SA-2020-1216.NASL", "EULEROS_SA-2020-1451.NASL", "EULEROS_SA-2020-1626.NASL", "EULEROS_SA-2021-1056.NASL", "EULEROS_SA-2021-1079.NASL", "EULEROS_SA-2021-2071.NASL", "F5_BIGIP_SOL06044762.NASL", "F5_BIGIP_SOL22040951.NASL", "FEDORA_2018-111044D435.NASL", "FEDORA_2018-298A3D2923.NASL", "FEDORA_2018-3857A8B41A.NASL", "FEDORA_2018-3DC16842E2.NASL", "FEDORA_2018-4EF71D3525.NASL", "FEDORA_2018-5904D0794D.NASL", "FEDORA_2018-69780FC4D7.NASL", "FEDORA_2018-69BAC0F51C.NASL", "FEDORA_2018-6E8C330D50.NASL", "FEDORA_2018-7785911C9E.NASL", "FEDORA_2018-7F83032DE6.NASL", "FEDORA_2018-84FDBD021F.NASL", "FEDORA_2018-87BA0312C2.NASL", "FEDORA_2018-A0914AF224.NASL", "FEDORA_2018-A4E13742B4.NASL", "FEDORA_2018-BA443BCB6D.NASL", "FEDORA_2018-FDC4CA8675.NASL", "FEDORA_2019-18B3A10C7F.NASL", "FEDORA_2019-2BAA1F7B19.NASL", "FEDORA_2019-337484D88B.NASL", "FEDORA_2019-352D4B9CD8.NASL", "FEDORA_2019-3F19F13ECD.NASL", "FEDORA_2019-4DC1E39B34.NASL", "FEDORA_2019-6174B47003.NASL", "FEDORA_2019-76FBE24CAB.NASL", "FEDORA_2019-7A06C0E6B4.NASL", "FEDORA_2019-829524F28F.NASL", "FEDORA_2019-963EA958F9.NASL", "FEDORA_2019-A018522BA3.NASL", "FEDORA_2019-A5F616808E.NASL", "FEDORA_2019-AB7D22A466.NASL", "FEDORA_2019-AE92CA8981.NASL", "FEDORA_2019-B0F7A7B74B.NASL", "FEDORA_2019-BC70B381AD.NASL", "FEDORA_2019-C1DAC1B3B8.NASL", "FEDORA_2019-D7F8995451.NASL", "FEDORA_2019-DF2E68AA6B.NASL", "FEDORA_2019-E9BC354EE8.NASL", "FEDORA_2019-F455EF79B8.NASL", "FEDORA_2019-FD9345F44A.NASL", "FREEBSD_PKG_7DA0417F6B2411E884CC002590ACAE31.NASL", "FREEBSD_PKG_E0AB177307C146C691704C5E81C00927.NASL", "FREEBSD_PKG_F4D638B9E6E54DBE8C70571DBC116174.NASL", "GENTOO_GLSA-201903-03.NASL", "GENTOO_GLSA-201903-07.NASL", "GENTOO_GLSA-201903-18.NASL", "GENTOO_GLSA-202003-21.NASL", "JUNIPER_SPACE_JSA10917_184R1.NASL", "NEWSTART_CGSL_NS-SA-2019-0023_GNUPG2.NASL", "NEWSTART_CGSL_NS-SA-2019-0051_SYSTEMD.NASL", "NEWSTART_CGSL_NS-SA-2019-0057_SYSTEMD.NASL", "NEWSTART_CGSL_NS-SA-2019-0070_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2019-0074_KERNEL-RT.NASL", "NEWSTART_CGSL_NS-SA-2019-0135_GNUPG2.NASL", "NEWSTART_CGSL_NS-SA-2019-0171_CURL.NASL", "NEWSTART_CGSL_NS-SA-2019-0182_CURL.NASL", "NEWSTART_CGSL_NS-SA-2019-0185_LIBTIFF.NASL", "NEWSTART_CGSL_NS-SA-2019-0193_CURL.NASL", "NEWSTART_CGSL_NS-SA-2019-0196_SYSTEMD.NASL", "NEWSTART_CGSL_NS-SA-2019-0227_LIBTIFF.NASL", "NEWSTART_CGSL_NS-SA-2019-0235_CURL.NASL", "NEWSTART_CGSL_NS-SA-2019-0242_SYSTEMD.NASL", "NEWSTART_CGSL_NS-SA-2020-0041_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2020-0043_KERNEL-RT.NASL", "NEWSTART_CGSL_NS-SA-2020-0082_DOCKER-CE.NASL", "NEWSTART_CGSL_NS-SA-2020-0108_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2021-0006_CONTAINERD_IO.NASL", "NEWSTART_CGSL_NS-SA-2021-0066_GD.NASL", "NEWSTART_CGSL_NS-SA-2021-0098_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2021-0138_DOCKER-CE.NASL", "NEWSTART_CGSL_NS-SA-2022-0026_KERNEL.NASL", "OPENSUSE-2018-1008.NASL", "OPENSUSE-2018-1010.NASL", "OPENSUSE-2018-1140.NASL", "OPENSUSE-2018-1184.NASL", "OPENSUSE-2018-1379.NASL", "OPENSUSE-2018-1383.NASL", "OPENSUSE-2018-1427.NASL", "OPENSUSE-2018-1479.NASL", "OPENSUSE-2018-1480.NASL", "OPENSUSE-2018-630.NASL", "OPENSUSE-2018-640.NASL", "OPENSUSE-2018-646.NASL", "OPENSUSE-2018-656.NASL", "OPENSUSE-2019-1079.NASL", "OPENSUSE-2019-1140.NASL", "OPENSUSE-2019-1148.NASL", "OPENSUSE-2019-1275.NASL", "OPENSUSE-2019-1311.NASL", "OPENSUSE-2019-140.NASL", "OPENSUSE-2019-1444.NASL", "OPENSUSE-2019-1481.NASL", "OPENSUSE-2019-1499.NASL", "OPENSUSE-2019-201.NASL", "OPENSUSE-2019-2021.NASL", "OPENSUSE-2019-207.NASL", "OPENSUSE-2019-208.NASL", "OPENSUSE-2019-2173.NASL", "OPENSUSE-2019-2181.NASL", "OPENSUSE-2019-2245.NASL", "OPENSUSE-2019-252.NASL", "OPENSUSE-2019-295.NASL", "OPENSUSE-2019-477.NASL", "OPENSUSE-2019-478.NASL", "OPENSUSE-2019-480.NASL", "OPENSUSE-2019-65.NASL", "OPENSUSE-2019-694.NASL", "OPENSUSE-2019-769.NASL", "OPENSUSE-2019-903.NASL", "OPENSUSE-2019-962.NASL", "OPENSUSE-2019-97.NASL", "OPENSUSE-2019-98.NASL", "OPENSUSE-2020-543.NASL", "ORACLELINUX_ELSA-2018-2180.NASL", "ORACLELINUX_ELSA-2018-2181.NASL", "ORACLELINUX_ELSA-2018-3083.NASL", "ORACLELINUX_ELSA-2018-4270.NASL", "ORACLELINUX_ELSA-2018-4299.NASL", "ORACLELINUX_ELSA-2019-0049.NASL", "ORACLELINUX_ELSA-2019-0201.NASL", "ORACLELINUX_ELSA-2019-0975.NASL", "ORACLELINUX_ELSA-2019-1880.NASL", "ORACLELINUX_ELSA-2019-2703.NASL", "ORACLELINUX_ELSA-2019-2722.NASL", "ORACLELINUX_ELSA-2019-4509.NASL", "ORACLELINUX_ELSA-2019-4510.NASL", "ORACLELINUX_ELSA-2019-4570.NASL", "ORACLELINUX_ELSA-2019-4575.NASL", "ORACLELINUX_ELSA-2019-4596.NASL", "ORACLELINUX_ELSA-2019-4600.NASL", "ORACLELINUX_ELSA-2019-4612.NASL", "ORACLELINUX_ELSA-2019-4642.NASL", "ORACLELINUX_ELSA-2019-4643.NASL", "ORACLELINUX_ELSA-2019-4644.NASL", "ORACLELINUX_ELSA-2019-4646.NASL", "ORACLELINUX_ELSA-2019-4729.NASL", "ORACLELINUX_ELSA-2019-4854.NASL", "ORACLELINUX_ELSA-2019-4855.NASL", "ORACLELINUX_ELSA-2020-3943.NASL", "ORACLELINUX_ELSA-2020-4659.NASL", "ORACLELINUX_ELSA-2020-5642.NASL", "ORACLELINUX_ELSA-2020-5644.NASL", "ORACLELINUX_ELSA-2020-5649.NASL", "ORACLELINUX_ELSA-2020-5739.NASL", "ORACLELINUX_ELSA-2020-5845.NASL", "ORACLELINUX_ELSA-2020-5866.NASL", "ORACLELINUX_ELSA-2021-9203.NASL", "ORACLEVM_OVMSA-2018-0239.NASL", "ORACLEVM_OVMSA-2018-0286.NASL", "ORACLEVM_OVMSA-2019-0002.NASL", "ORACLEVM_OVMSA-2019-0009.NASL", "ORACLEVM_OVMSA-2019-0014.NASL", "ORACLEVM_OVMSA-2019-0022.NASL", "ORACLEVM_OVMSA-2019-0038.NASL", "ORACLEVM_OVMSA-2020-0019.NASL", "ORACLEVM_OVMSA-2020-0044.NASL", "PHOTONOS_PHSA-2018-1_0-0165.NASL", "PHOTONOS_PHSA-2018-1_0-0165_LINUX.NASL", "PHOTONOS_PHSA-2018-2_0-0072.NASL", "PHOTONOS_PHSA-2018-2_0-0072_LINUX.NASL", "PHOTONOS_PHSA-2019-1_0-0203_CURL.NASL", "PHOTONOS_PHSA-2019-1_0-0205_CURL.NASL", "PHOTONOS_PHSA-2019-1_0-0205_LINUX.NASL", "PHOTONOS_PHSA-2019-1_0-0205_SYSTEMD.NASL", "PHOTONOS_PHSA-2019-1_0-0240_LINUX.NASL", "PHOTONOS_PHSA-2020-3_0-0063_LIBJPEG.NASL", "RANCHEROS_1_5_1.NASL", "REDHAT-RHSA-2018-2180.NASL", "REDHAT-RHSA-2018-2181.NASL", "REDHAT-RHSA-2018-3083.NASL", "REDHAT-RHSA-2018-3096.NASL", "REDHAT-RHSA-2019-0049.NASL", "REDHAT-RHSA-2019-0201.NASL", "REDHAT-RHSA-2019-0204.NASL", "REDHAT-RHSA-2019-0271.NASL", "REDHAT-RHSA-2019-0303.NASL", "REDHAT-RHSA-2019-0304.NASL", "REDHAT-RHSA-2019-0342.NASL", "REDHAT-RHSA-2019-0361.NASL", "REDHAT-RHSA-2019-0408.NASL", "REDHAT-RHSA-2019-0975.NASL", "REDHAT-RHSA-2019-1880.NASL", "REDHAT-RHSA-2019-2053.NASL", "REDHAT-RHSA-2019-2091.NASL", "REDHAT-RHSA-2019-2181.NASL", "REDHAT-RHSA-2019-2402.NASL", "REDHAT-RHSA-2019-2703.NASL", "REDHAT-RHSA-2019-2722.NASL", "REDHAT-RHSA-2019-2741.NASL", "REDHAT-RHSA-2019-3222.NASL", "REDHAT-RHSA-2019-3309.NASL", "REDHAT-RHSA-2019-3419.NASL", "REDHAT-RHSA-2019-3517.NASL", "REDHAT-RHSA-2020-0593.NASL", "REDHAT-RHSA-2020-1016.NASL", "REDHAT-RHSA-2020-1070.NASL", "REDHAT-RHSA-2020-1264.NASL", "REDHAT-RHSA-2020-2522.NASL", "REDHAT-RHSA-2020-2653.NASL", "REDHAT-RHSA-2020-2770.NASL", "REDHAT-RHSA-2020-2777.NASL", "REDHAT-RHSA-2020-2851.NASL", "REDHAT-RHSA-2020-3943.NASL", "REDHAT-RHSA-2020-4659.NASL", "SLACKWARE_SSA_2018-159-01.NASL", "SLACKWARE_SSA_2018-170-01.NASL", "SLACKWARE_SSA_2018-249-01.NASL", "SLACKWARE_SSA_2018-304-01.NASL", "SLACKWARE_SSA_2019-030-01.NASL", "SLACKWARE_SSA_2020-083-01.NASL", "SL_20180712_GNUPG2_ON_SL6_X.NASL", "SL_20180712_GNUPG2_ON_SL7_X.NASL", "SL_20190114_SYSTEMD_ON_SL7_X.NASL", "SL_20190129_SYSTEMD_ON_SL7_X.NASL", "SL_20190729_CURL_ON_SL7_X.NASL", "SL_20190806_CURL_ON_SL7_X.NASL", "SL_20190806_LIBTIFF_ON_SL7_X.NASL", "SL_20190806_SYSTEMD_ON_SL7_X.NASL", "SL_20200407_KERNEL_ON_SL7_X.NASL", "SL_20201001_LIBWMF_ON_SL7_X.NASL", "SUSE_SU-2018-1696-1.NASL", "SUSE_SU-2018-1698-1.NASL", "SUSE_SU-2018-1698-2.NASL", "SUSE_SU-2018-1772-1.NASL", "SUSE_SU-2018-1814-1.NASL", "SUSE_SU-2018-1855-1.NASL", "SUSE_SU-2018-1855-2.NASL", "SUSE_SU-2018-2714-1.NASL", "SUSE_SU-2018-2715-1.NASL", "SUSE_SU-2018-2717-1.NASL", "SUSE_SU-2018-2980-1.NASL", "SUSE_SU-2018-3003-1.NASL", "SUSE_SU-2018-3608-1.NASL", "SUSE_SU-2018-3624-1.NASL", "SUSE_SU-2018-3681-1.NASL", "SUSE_SU-2018-3689-1.NASL", "SUSE_SU-2018-3879-1.NASL", "SUSE_SU-2018-3911-1.NASL", "SUSE_SU-2018-3911-2.NASL", "SUSE_SU-2018-3925-1.NASL", "SUSE_SU-2018-4069-1.NASL", "SUSE_SU-2019-0053-1.NASL", "SUSE_SU-2019-0054-1.NASL", "SUSE_SU-2019-0095-1.NASL", "SUSE_SU-2019-0135-1.NASL", "SUSE_SU-2019-0137-1.NASL", "SUSE_SU-2019-0148-1.NASL", "SUSE_SU-2019-0196-1.NASL", "SUSE_SU-2019-0222-1.NASL", "SUSE_SU-2019-0224-1.NASL", "SUSE_SU-2019-0333-1.NASL", "SUSE_SU-2019-0339-1.NASL", "SUSE_SU-2019-0362-1.NASL", "SUSE_SU-2019-0439-1.NASL", "SUSE_SU-2019-0495-1.NASL", "SUSE_SU-2019-0541-1.NASL", "SUSE_SU-2019-0747-1.NASL", "SUSE_SU-2019-0771-1.NASL", "SUSE_SU-2019-0901-1.NASL", "SUSE_SU-2019-0996-1.NASL", "SUSE_SU-2019-1234-2.NASL", "SUSE_SU-2019-1287-1.NASL", "SUSE_SU-2019-1289-1.NASL", "SUSE_SU-2019-13937-1.NASL", "SUSE_SU-2019-13961-1.NASL", "SUSE_SU-2019-13979-1.NASL", "SUSE_SU-2019-14218-1.NASL", "SUSE_SU-2019-2117-1.NASL", "SUSE_SU-2019-2412-1.NASL", "SUSE_SU-2019-2414-1.NASL", "SUSE_SU-2019-2424-1.NASL", "SUSE_SU-2019-2648-1.NASL", "SUSE_SU-2019-2738-1.NASL", "SUSE_SU-2019-2949-1.NASL", "SUSE_SU-2019-2950-1.NASL", "SUSE_SU-2019-2984-1.NASL", "SUSE_SU-2020-1118-1.NASL", "SUSE_SU-2020-1119-1.NASL", "SUSE_SU-2020-1123-1.NASL", "SUSE_SU-2020-1141-1.NASL", "SUSE_SU-2020-1142-1.NASL", "SUSE_SU-2020-1146-1.NASL", "SUSE_SU-2020-1255-1.NASL", "SUSE_SU-2020-1275-1.NASL", "SUSE_SU-2020-1663-1.NASL", "SUSE_SU-2022-1516-1.NASL", "SUSE_SU-2022-1560-1.NASL", "UBUNTU_USN-3675-1.NASL", "UBUNTU_USN-3675-2.NASL", "UBUNTU_USN-3765-1.NASL", "UBUNTU_USN-3805-1.NASL", "UBUNTU_USN-3847-1.NASL", "UBUNTU_USN-3847-2.NASL", "UBUNTU_USN-3847-3.NASL", "UBUNTU_USN-3848-1.NASL", "UBUNTU_USN-3848-2.NASL", "UBUNTU_USN-3849-1.NASL", "UBUNTU_USN-3855-1.NASL", "UBUNTU_USN-3871-1.NASL", "UBUNTU_USN-3871-2.NASL", "UBUNTU_USN-3871-3.NASL", "UBUNTU_USN-3871-4.NASL", "UBUNTU_USN-3871-5.NASL", "UBUNTU_USN-3872-1.NASL", "UBUNTU_USN-3878-1.NASL", "UBUNTU_USN-3878-2.NASL", "UBUNTU_USN-3879-1.NASL", "UBUNTU_USN-3879-2.NASL", "UBUNTU_USN-3900-1.NASL", "UBUNTU_USN-3906-1.NASL", "UBUNTU_USN-3910-1.NASL", "UBUNTU_USN-3910-2.NASL", "UBUNTU_USN-3930-1.NASL", "UBUNTU_USN-3930-2.NASL", "UBUNTU_USN-3931-1.NASL", "UBUNTU_USN-3931-2.NASL", "UBUNTU_USN-3932-1.NASL", "UBUNTU_USN-3932-2.NASL", "UBUNTU_USN-3933-1.NASL", "UBUNTU_USN-3964-1.NASL", "UBUNTU_USN-4048-1.NASL", "UBUNTU_USN-4094-1.NASL", "UBUNTU_USN-4115-1.NASL", "UBUNTU_USN-4115-2.NASL", "UBUNTU_USN-4118-1.NASL", "UBUNTU_USN-4190-1.NASL", "VIRTUOZZO_VZA-2019-008.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310141997", "OPENVAS:1361412562310704222", "OPENVAS:1361412562310704223", "OPENVAS:1361412562310704224", "OPENVAS:1361412562310704286", "OPENVAS:1361412562310704331", "OPENVAS:1361412562310704367", "OPENVAS:1361412562310704384", "OPENVAS:1361412562310704390", "OPENVAS:1361412562310704670", "OPENVAS:1361412562310843550", "OPENVAS:1361412562310843562", "OPENVAS:1361412562310843701", "OPENVAS:1361412562310843802", "OPENVAS:1361412562310843856", "OPENVAS:1361412562310843857", "OPENVAS:1361412562310843858", "OPENVAS:1361412562310843859", "OPENVAS:1361412562310843860", "OPENVAS:1361412562310843861", "OPENVAS:1361412562310843868", "OPENVAS:1361412562310843884", "OPENVAS:1361412562310843885", "OPENVAS:1361412562310843891", "OPENVAS:1361412562310843892", "OPENVAS:1361412562310843893", "OPENVAS:1361412562310843894", "OPENVAS:1361412562310843895", "OPENVAS:1361412562310843897", "OPENVAS:1361412562310843903", "OPENVAS:1361412562310843904", "OPENVAS:1361412562310843921", "OPENVAS:1361412562310843931", "OPENVAS:1361412562310843934", "OPENVAS:1361412562310843935", "OPENVAS:1361412562310843951", "OPENVAS:1361412562310843952", "OPENVAS:1361412562310843953", "OPENVAS:1361412562310843954", "OPENVAS:1361412562310843957", "OPENVAS:1361412562310843959", "OPENVAS:1361412562310843960", "OPENVAS:1361412562310843992", "OPENVAS:1361412562310844086", "OPENVAS:1361412562310844133", "OPENVAS:1361412562310844156", "OPENVAS:1361412562310844159", "OPENVAS:1361412562310844174", "OPENVAS:1361412562310844239", "OPENVAS:1361412562310851788", "OPENVAS:1361412562310851792", "OPENVAS:1361412562310851795", "OPENVAS:1361412562310851892", "OPENVAS:1361412562310851937", "OPENVAS:1361412562310852024", "OPENVAS:1361412562310852036", "OPENVAS:1361412562310852091", "OPENVAS:1361412562310852115", "OPENVAS:1361412562310852120", "OPENVAS:1361412562310852140", "OPENVAS:1361412562310852150", "OPENVAS:1361412562310852153", "OPENVAS:1361412562310852240", "OPENVAS:1361412562310852259", "OPENVAS:1361412562310852260", "OPENVAS:1361412562310852274", "OPENVAS:1361412562310852299", "OPENVAS:1361412562310852308", "OPENVAS:1361412562310852310", "OPENVAS:1361412562310852319", "OPENVAS:1361412562310852335", "OPENVAS:1361412562310852379", "OPENVAS:1361412562310852397", "OPENVAS:1361412562310852398", "OPENVAS:1361412562310852450", "OPENVAS:1361412562310852527", "OPENVAS:1361412562310852536", "OPENVAS:1361412562310852679", "OPENVAS:1361412562310852705", "OPENVAS:1361412562310852819", "OPENVAS:1361412562310852826", "OPENVAS:1361412562310852855", "OPENVAS:1361412562310853121", "OPENVAS:1361412562310874682", "OPENVAS:1361412562310874700", "OPENVAS:1361412562310874702", "OPENVAS:1361412562310874703", "OPENVAS:1361412562310874705", "OPENVAS:1361412562310874711", "OPENVAS:1361412562310874775", "OPENVAS:1361412562310875050", "OPENVAS:1361412562310875089", "OPENVAS:1361412562310875243", "OPENVAS:1361412562310875313", "OPENVAS:1361412562310875325", "OPENVAS:1361412562310875326", "OPENVAS:1361412562310875330", "OPENVAS:1361412562310875348", "OPENVAS:1361412562310875349", "OPENVAS:1361412562310875356", "OPENVAS:1361412562310875368", "OPENVAS:1361412562310875369", "OPENVAS:1361412562310875371", "OPENVAS:1361412562310875404", "OPENVAS:1361412562310875406", "OPENVAS:1361412562310875407", "OPENVAS:1361412562310875414", "OPENVAS:1361412562310875423", "OPENVAS:1361412562310875438", "OPENVAS:1361412562310875443", "OPENVAS:1361412562310875451", "OPENVAS:1361412562310875459", "OPENVAS:1361412562310875464", "OPENVAS:1361412562310875467", "OPENVAS:1361412562310875472", "OPENVAS:1361412562310875473", "OPENVAS:1361412562310875476", "OPENVAS:1361412562310875482", "OPENVAS:1361412562310875502", "OPENVAS:1361412562310875506", "OPENVAS:1361412562310875559", "OPENVAS:1361412562310875566", "OPENVAS:1361412562310875577", "OPENVAS:1361412562310875618", "OPENVAS:1361412562310875628", "OPENVAS:1361412562310875629", "OPENVAS:1361412562310875681", "OPENVAS:1361412562310875688", "OPENVAS:1361412562310875689", "OPENVAS:1361412562310875706", "OPENVAS:1361412562310875785", "OPENVAS:1361412562310875786", "OPENVAS:1361412562310875801", "OPENVAS:1361412562310875806", "OPENVAS:1361412562310875834", "OPENVAS:1361412562310875870", "OPENVAS:1361412562310875894", "OPENVAS:1361412562310875910", "OPENVAS:1361412562310875911", "OPENVAS:1361412562310875913", "OPENVAS:1361412562310875923", "OPENVAS:1361412562310875946", "OPENVAS:1361412562310875978", "OPENVAS:1361412562310875984", "OPENVAS:1361412562310876042", "OPENVAS:1361412562310876049", "OPENVAS:1361412562310876088", "OPENVAS:1361412562310876095", "OPENVAS:1361412562310876105", "OPENVAS:1361412562310876135", "OPENVAS:1361412562310876139", "OPENVAS:1361412562310876163", "OPENVAS:1361412562310876177", "OPENVAS:1361412562310876244", "OPENVAS:1361412562310876281", "OPENVAS:1361412562310876322", "OPENVAS:1361412562310876361", "OPENVAS:1361412562310876377", "OPENVAS:1361412562310876423", "OPENVAS:1361412562310876445", "OPENVAS:1361412562310876475", "OPENVAS:1361412562310876479", "OPENVAS:1361412562310876510", "OPENVAS:1361412562310876555", "OPENVAS:1361412562310876586", "OPENVAS:1361412562310876621", "OPENVAS:1361412562310876666", "OPENVAS:1361412562310876722", "OPENVAS:1361412562310876750", "OPENVAS:1361412562310876761", "OPENVAS:1361412562310876762", "OPENVAS:1361412562310876766", "OPENVAS:1361412562310876767", "OPENVAS:1361412562310876768", "OPENVAS:1361412562310876772", "OPENVAS:1361412562310876816", "OPENVAS:1361412562310876863", "OPENVAS:1361412562310876869", "OPENVAS:1361412562310876943", "OPENVAS:1361412562310876979", "OPENVAS:1361412562310876980", "OPENVAS:1361412562310876995", "OPENVAS:1361412562310877270", "OPENVAS:1361412562310877642", "OPENVAS:1361412562310882921", "OPENVAS:1361412562310882922", "OPENVAS:1361412562310882992", "OPENVAS:1361412562310882996", "OPENVAS:1361412562310883093", "OPENVAS:1361412562310891498", "OPENVAS:1361412562310891568", "OPENVAS:1361412562310891639", "OPENVAS:1361412562310891651", "OPENVAS:1361412562310891711", "OPENVAS:1361412562310891715", "OPENVAS:1361412562310891731", "OPENVAS:1361412562310891771", "OPENVAS:1361412562310892009", "OPENVAS:1361412562310892241", "OPENVAS:1361412562311220181221", "OPENVAS:1361412562311220181223", "OPENVAS:1361412562311220181324", "OPENVAS:1361412562311220181333", "OPENVAS:1361412562311220181432", "OPENVAS:1361412562311220191021", "OPENVAS:1361412562311220191027", "OPENVAS:1361412562311220191028", "OPENVAS:1361412562311220191045", "OPENVAS:1361412562311220191047", "OPENVAS:1361412562311220191060", "OPENVAS:1361412562311220191061", "OPENVAS:1361412562311220191064", "OPENVAS:1361412562311220191074", "OPENVAS:1361412562311220191076", "OPENVAS:1361412562311220191077", "OPENVAS:1361412562311220191090", "OPENVAS:1361412562311220191091", "OPENVAS:1361412562311220191107", "OPENVAS:1361412562311220191108", "OPENVAS:1361412562311220191128", "OPENVAS:1361412562311220191131", "OPENVAS:1361412562311220191156", "OPENVAS:1361412562311220191157", "OPENVAS:1361412562311220191220", "OPENVAS:1361412562311220191223", "OPENVAS:1361412562311220191227", "OPENVAS:1361412562311220191233", "OPENVAS:1361412562311220191234", "OPENVAS:1361412562311220191237", "OPENVAS:1361412562311220191240", "OPENVAS:1361412562311220191242", "OPENVAS:1361412562311220191244", "OPENVAS:1361412562311220191250", "OPENVAS:1361412562311220191253", "OPENVAS:1361412562311220191259", "OPENVAS:1361412562311220191269", "OPENVAS:1361412562311220191302", "OPENVAS:1361412562311220191303", "OPENVAS:1361412562311220191304", "OPENVAS:1361412562311220191345", "OPENVAS:1361412562311220191412", "OPENVAS:1361412562311220191416", "OPENVAS:1361412562311220191457", "OPENVAS:1361412562311220191482", "OPENVAS:1361412562311220191484", "OPENVAS:1361412562311220191495", "OPENVAS:1361412562311220191503", "OPENVAS:1361412562311220191505", "OPENVAS:1361412562311220191506", "OPENVAS:1361412562311220191511", "OPENVAS:1361412562311220191512", "OPENVAS:1361412562311220191514", "OPENVAS:1361412562311220191519", "OPENVAS:1361412562311220191524", "OPENVAS:1361412562311220191532", "OPENVAS:1361412562311220191540", "OPENVAS:1361412562311220191587", "OPENVAS:1361412562311220191629", "OPENVAS:1361412562311220191636", "OPENVAS:1361412562311220191647", "OPENVAS:1361412562311220191665", "OPENVAS:1361412562311220191695", "OPENVAS:1361412562311220191715", "OPENVAS:1361412562311220191748", "OPENVAS:1361412562311220191998", "OPENVAS:1361412562311220192054", "OPENVAS:1361412562311220192201", "OPENVAS:1361412562311220192232", "OPENVAS:1361412562311220192274", "OPENVAS:1361412562311220192353", "OPENVAS:1361412562311220192410", "OPENVAS:1361412562311220192466", "OPENVAS:1361412562311220192621", "OPENVAS:1361412562311220201186", "OPENVAS:1361412562311220201216", "OPENVAS:1361412562311220201451", "OPENVAS:1361412562311220201626"]}, {"type": "oracle", "idList": ["ORACLE:CPUAPR2019", "ORACLE:CPUAPR2019-5072813", "ORACLE:CPUAPR2021", "ORACLE:CPUOCT2019", "ORACLE:CPUOCT2019-5072832"]}, {"type": "oraclelinux", "idList": ["ELSA-2018-2180", "ELSA-2018-2181", "ELSA-2018-4270", "ELSA-2018-4299", "ELSA-2019-0049", "ELSA-2019-0975", "ELSA-2019-1880", "ELSA-2019-2053", "ELSA-2019-2091", "ELSA-2019-2181", "ELSA-2019-2703", "ELSA-2019-2722", "ELSA-2019-3419", "ELSA-2019-3517", "ELSA-2019-4509", "ELSA-2019-4510", "ELSA-2019-4540", "ELSA-2019-4550", "ELSA-2019-4551", "ELSA-2019-4570", "ELSA-2019-4575", "ELSA-2019-4596", "ELSA-2019-4600", "ELSA-2019-4612", "ELSA-2019-4642", "ELSA-2019-4643", "ELSA-2019-4644", "ELSA-2019-4646", "ELSA-2019-4729", "ELSA-2019-4756", "ELSA-2019-4854", "ELSA-2019-4855", "ELSA-2020-0348", "ELSA-2020-1016", "ELSA-2020-3053", "ELSA-2020-3943", "ELSA-2020-4659", "ELSA-2020-5642", "ELSA-2020-5644", "ELSA-2020-5649", "ELSA-2020-5728", "ELSA-2020-5739", "ELSA-2020-5823", "ELSA-2020-5845", "ELSA-2020-5866", "ELSA-2020-5900", "ELSA-2020-5966", "ELSA-2021-0705", "ELSA-2021-9203"]}, {"type": "osv", "idList": ["OSV:DLA-1498-1", "OSV:DLA-1568-1", "OSV:DLA-1639-1", "OSV:DLA-1651-1", "OSV:DLA-1711-1", "OSV:DLA-1715-1", "OSV:DLA-1731-1", "OSV:DLA-1771-1", "OSV:DLA-2009-1", "OSV:DLA-2241-1", "OSV:DLA-2862-1", "OSV:DSA-4222-1", "OSV:DSA-4223-1", "OSV:DSA-4224-1", "OSV:DSA-4286-1", "OSV:DSA-4331-1", "OSV:DSA-4367-1", "OSV:DSA-4367-2", "OSV:DSA-4384-1", "OSV:DSA-4670-1"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:163339"]}, {"type": "photon", "idList": ["PHSA-2018-0072", "PHSA-2018-0165", "PHSA-2018-1.0-0165", "PHSA-2018-2.0-0072", "PHSA-2019-0001", "PHSA-2019-0161", "PHSA-2019-0203", "PHSA-2019-0205", "PHSA-2019-0206", "PHSA-2019-0207", "PHSA-2019-0208", "PHSA-2019-0212", "PHSA-2019-0239", "PHSA-2019-0240", "PHSA-2019-1.0-0203", "PHSA-2019-1.0-0205", "PHSA-2019-1.0-0206", "PHSA-2019-1.0-0208", "PHSA-2019-1.0-0212", "PHSA-2019-1.0-0240", "PHSA-2019-2.0-0128", "PHSA-2019-2.0-0129", "PHSA-2019-2.0-0161", "PHSA-2019-3.0-0001", "PHSA-2020-0063", "PHSA-2020-3.0-0063"]}, {"type": "qualysblog", "idList": ["QUALYSBLOG:1ECEF05BCE67BDE50D7D24223957B465"]}, {"type": "rapid7blog", "idList": ["RAPID7BLOG:0F6591D77D4CBF34DE05F02E4D29B606"]}, {"type": "redhat", "idList": ["RHSA-2018:2180", "RHSA-2018:2181", "RHSA-2018:3083", "RHSA-2018:3096", "RHSA-2018:3558", "RHSA-2019:0049", "RHSA-2019:0201", "RHSA-2019:0204", "RHSA-2019:0271", "RHSA-2019:0303", "RHSA-2019:0304", "RHSA-2019:0342", "RHSA-2019:0361", "RHSA-2019:0401", "RHSA-2019:0408", "RHSA-2019:0975", "RHSA-2019:1543", "RHSA-2019:1880", "RHSA-2019:2029", "RHSA-2019:2053", "RHSA-2019:2091", "RHSA-2019:2181", "RHSA-2019:2402", "RHSA-2019:2703", "RHSA-2019:2722", "RHSA-2019:2741", "RHSA-2019:3222", "RHSA-2019:3309", "RHSA-2019:3419", "RHSA-2019:3517", "RHSA-2020:0593", "RHSA-2020:1016", "RHSA-2020:1070", "RHSA-2020:1264", "RHSA-2020:2522", "RHSA-2020:2653", "RHSA-2020:2770", "RHSA-2020:2777", "RHSA-2020:2851", "RHSA-2020:3943", "RHSA-2020:4659", "RHSA-2020:5633"]}, {"type": "redhatcve", "idList": ["RH:CVE-2017-18249", "RH:CVE-2018-12020", "RH:CVE-2018-12900", "RH:CVE-2018-14610", "RH:CVE-2018-14613", "RH:CVE-2018-14618", "RH:CVE-2018-16839", "RH:CVE-2018-16840", "RH:CVE-2018-16842", "RH:CVE-2018-16862", "RH:CVE-2018-16864", "RH:CVE-2018-16865", "RH:CVE-2018-16866", "RH:CVE-2018-18690", "RH:CVE-2018-19407", "RH:CVE-2018-19664", "RH:CVE-2018-19824", "RH:CVE-2018-19985", "RH:CVE-2018-20169", "RH:CVE-2018-5953", "RH:CVE-2019-15927", "RH:CVE-2019-3701", "RH:CVE-2019-3815", "RH:CVE-2019-5736", "RH:CVE-2019-6978", "RH:CVE-2019-7663", "RH:CVE-2020-14298"]}, {"type": "slackware", "idList": ["SSA-2018-159-01", "SSA-2018-170-01", "SSA-2018-249-01", "SSA-2018-304-01", "SSA-2019-030-01", "SSA-2020-083-01"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2018:1706-1", "OPENSUSE-SU-2018:1708-1", "OPENSUSE-SU-2018:1722-1", "OPENSUSE-SU-2018:1724-1", "OPENSUSE-SU-2018:1773-1", "OPENSUSE-SU-2018:2731-1", "OPENSUSE-SU-2018:2736-1", "OPENSUSE-SU-2018:3071-1", "OPENSUSE-SU-2018:3202-1", "OPENSUSE-SU-2018:3699-1", "OPENSUSE-SU-2018:3706-1", "OPENSUSE-SU-2018:3817-1", "OPENSUSE-SU-2018:3947-1", "OPENSUSE-SU-2018:3948-1", "OPENSUSE-SU-2019:0065-1", "OPENSUSE-SU-2019:0097-1", "OPENSUSE-SU-2019:0098-1", "OPENSUSE-SU-2019:0140-1", "OPENSUSE-SU-2019:0170-1", "OPENSUSE-SU-2019:0201-1", "OPENSUSE-SU-2019:0207-1", "OPENSUSE-SU-2019:0208-1", "OPENSUSE-SU-2019:0252-1", "OPENSUSE-SU-2019:0295-1", "OPENSUSE-SU-2019:1079-1", "OPENSUSE-SU-2019:1140-1", "OPENSUSE-SU-2019:1148-1", "OPENSUSE-SU-2019:1227-1", "OPENSUSE-SU-2019:1275-1", "OPENSUSE-SU-2019:1444-1", "OPENSUSE-SU-2019:1481-1", "OPENSUSE-SU-2019:1499-1", "OPENSUSE-SU-2019:1506-1", "OPENSUSE-SU-2019:2021-1", "OPENSUSE-SU-2019:2173-1", "OPENSUSE-SU-2019:2181-1", "OPENSUSE-SU-2019:2245-1", "OPENSUSE-SU-2019:2286-1", "OPENSUSE-SU-2020:0543-1", "SUSE-SU-2022:1516-1"]}, {"type": "symantec", "idList": ["SMNTC-110958"]}, {"type": "thn", "idList": ["THN:20BF2C23D315483B3CA9190D047C1212", "THN:68B5B8B7434409E6670CCBAC8FDD8ABE", "THN:7AF4F467FCD2B758CD46FDBECE48E35F", "THN:B0FC327500C590C565FC4F46D8DCDD34", "THN:DDCD24E4C2A9F0AC7C70DEBAA1C0C02C"]}, {"type": "threatpost", "idList": ["THREATPOST:014BB554F1AB256390A14556D7332A31", "THREATPOST:1E49E6FDCFC70F7E7BB2A2CB4EC19F68", "THREATPOST:1EFFF77A39E186D173F6DF0D1259D4DE", "THREATPOST:B4C48A638705549FED64000361BA8526", "THREATPOST:E93AC619BDDF02C02A7FBD40832CCC5E"]}, {"type": "trendmicroblog", "idList": ["TRENDMICROBLOG:A8C47E018FA9A3D0723FC3A99FD592A7", "TRENDMICROBLOG:DD93FD0A6FE52A3DFF89C6F550E981D1"]}, {"type": "ubuntu", "idList": ["USN-3675-1", "USN-3675-2", "USN-3675-3", "USN-3765-1", "USN-3765-2", "USN-3805-1", "USN-3805-2", "USN-3847-1", "USN-3847-2", "USN-3847-3", "USN-3848-1", "USN-3848-2", "USN-3849-1", "USN-3849-2", "USN-3855-1", "USN-3871-1", "USN-3871-2", "USN-3871-3", "USN-3871-4", "USN-3871-5", "USN-3872-1", "USN-3878-1", "USN-3878-2", "USN-3878-3", "USN-3879-1", "USN-3879-2", "USN-3900-1", "USN-3906-1", "USN-3906-2", "USN-3910-1", "USN-3910-2", "USN-3930-1", "USN-3930-2", "USN-3931-1", "USN-3931-2", "USN-3932-1", "USN-3932-2", "USN-3933-1", "USN-3933-2", "USN-3964-1", "USN-4048-1", "USN-4094-1", "USN-4115-1", "USN-4115-2", "USN-4118-1", "USN-4190-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2017-18249", "UB:CVE-2018-12020", "UB:CVE-2018-12900", "UB:CVE-2018-14610", "UB:CVE-2018-14613", "UB:CVE-2018-14618", "UB:CVE-2018-16839", "UB:CVE-2018-16840", "UB:CVE-2018-16842", "UB:CVE-2018-16862", "UB:CVE-2018-16864", "UB:CVE-2018-16865", "UB:CVE-2018-16866", "UB:CVE-2018-18690", "UB:CVE-2018-19407", "UB:CVE-2018-19664", "UB:CVE-2018-19824", "UB:CVE-2018-19985", "UB:CVE-2018-20169", "UB:CVE-2018-5953", "UB:CVE-2019-12499", "UB:CVE-2019-15927", "UB:CVE-2019-3701", "UB:CVE-2019-3815", "UB:CVE-2019-5736", "UB:CVE-2019-6978", "UB:CVE-2019-7663", "UB:CVE-2020-14298"]}, {"type": "veracode", "idList": ["VERACODE:21108", "VERACODE:21817", "VERACODE:21818", "VERACODE:25751", "VERACODE:27304", "VERACODE:29326", "VERACODE:29327", "VERACODE:31127"]}, {"type": "virtuozzo", "idList": ["VZA-2019-008"]}, {"type": "vmware", "idList": ["VMSA-2019-0001", "VMSA-2019-0001.3"]}, {"type": "zdt", "idList": ["1337DAY-ID-31916", "1337DAY-ID-32165", "1337DAY-ID-32182", "1337DAY-ID-36499"]}]}, "score": {"value": 1.6, "vector": "NONE"}, "backreferences": {"references": [{"type": "almalinux", "idList": ["ALSA-2019:2722"]}, {"type": "amazon", "idList": ["ALAS-2018-1045", "ALAS-2019-1145", "ALAS-2019-1148", "ALAS-2019-1156", "ALAS-2019-1174", "ALAS2-2021-1643"]}, {"type": "androidsecurity", "idList": ["ANDROID:2018-08-01", "ANDROID:2019-10-01"]}, {"type": "archlinux", "idList": ["ASA-201806-8", "ASA-201811-4", "ASA-201811-5", "ASA-201811-6", "ASA-201811-7", "ASA-201811-8", "ASA-201811-9", "ASA-201901-4", "ASA-201901-9", "ASA-201902-20", "ASA-201902-6"]}, {"type": "avleonov", "idList": ["AVLEONOV:A9AB661A53F0E9B8923DE780E6F05F48"]}, {"type": "centos", "idList": ["CESA-2018:2180", "CESA-2018:2181", "CESA-2019:0049", "CESA-2019:0201", "CESA-2019:2029"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2018-1596", "CPAI-2019-0203"]}, {"type": "cisco", "idList": ["CISCO-SA-20190215-RUNC"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:113EE4A0D1964F86FB868B10CFD0D5A9", "CFOUNDRY:131A4556633D91C9BF0AE72696FADB89", "CFOUNDRY:1CA625F1FA872E0AB995AFC970D36DBC", "CFOUNDRY:3021E4215989A1024954356EA766D914", "CFOUNDRY:40058483A2E2195544934D494FF464F7", "CFOUNDRY:417EF7E80F130AEB92D7C1BE6AE5436F", "CFOUNDRY:42AAF7551028B0160ADFF3B8012E3039", "CFOUNDRY:61ADF14D6FEC14FA5E06A7684B091D19", "CFOUNDRY:7D5B2783B5DBD6FBD3B5B832351DF6B3", "CFOUNDRY:A005A5D22D18F966EBF6C011F833E895", "CFOUNDRY:ACBE18A36EB39832526C9AA3F7A3E9CE", "CFOUNDRY:BD71AB043932448695E8B3D20302D582", "CFOUNDRY:EFC04687630119FCBBD9AD5BD4734A0F"]}, {"type": "cve", "idList": ["CVE-2017-18249", "CVE-2018-12020", "CVE-2018-16864", "CVE-2018-16865", "CVE-2018-16866", "CVE-2018-19985", "CVE-2019-3701", "CVE-2019-5736", "CVE-2019-6978"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1498-1:1ACDF", "DEBIAN:DLA-1639-1:E2273", "DEBIAN:DLA-1651-1:BB7F6", "DEBIAN:DLA-1711-1:E8CC3", "DEBIAN:DLA-1715-1:4A3F9", "DEBIAN:DLA-1731-1:D19BD", "DEBIAN:DLA-1731-2:E6E1E", "DEBIAN:DSA-4222-1:E134E", "DEBIAN:DSA-4223-1:2BDEC", "DEBIAN:DSA-4224-1:F5240", "DEBIAN:DSA-4286-1:21112", "DEBIAN:DSA-4367-1:BF4F4", "DEBIAN:DSA-4384-1:8D567"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2018-12020", "DEBIANCVE:CVE-2018-14618", "DEBIANCVE:CVE-2018-16839", "DEBIANCVE:CVE-2018-16840", "DEBIANCVE:CVE-2018-16842"]}, {"type": "exploitdb", "idList": ["EDB-ID:46369"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:A525E32FDF6F1ECE16D67E1741C48E11"]}, {"type": "f5", "idList": ["F5:K30683410", "F5:K46421255", "F5:K55121327", "F5:K93554290", "F5:K93960557", "F5:K98155950"]}, {"type": "fedora", "idList": ["FEDORA:0210D601DA49", "FEDORA:06A186172F8B", "FEDORA:122AE604D3F9", "FEDORA:1308F60C4220", "FEDORA:1EC0F60C8AD5", "FEDORA:20DCB60779B2", "FEDORA:22D77604972B", "FEDORA:23B4B60D1C89", "FEDORA:250CB6087A80", "FEDORA:28217613F7D7", "FEDORA:296826040AED", "FEDORA:2A1B360BC974", "FEDORA:2CDD76006271", "FEDORA:2DDF66042B0E", "FEDORA:3266960F0E44", "FEDORA:346E760BB4ED", "FEDORA:34EA76087F11", "FEDORA:3A64160C815D", "FEDORA:3BDF460779A7", "FEDORA:3C2FF6014B8C", "FEDORA:41B546014626", "FEDORA:420A76030B23", "FEDORA:421346101A44", "FEDORA:4674E60F757C", "FEDORA:4A22960A514A", "FEDORA:4C97F60A514A", "FEDORA:4CF35608BFEA", "FEDORA:4D5AD601FDAC", "FEDORA:4D8AE60BA793", "FEDORA:54CE66014B8C", "FEDORA:5956060491DC", "FEDORA:5B68260A5858", "FEDORA:68AAE60937A8", "FEDORA:6B66A6047312", "FEDORA:6B6B360567FC", "FEDORA:759B2649E501", "FEDORA:7960A6049C56", "FEDORA:7C149604D4D2", "FEDORA:813AC604EC12", "FEDORA:86049613F7DD", "FEDORA:876686076974", "FEDORA:87D78601E81F", "FEDORA:8FD3E60491BA", "FEDORA:93C27603B29E", "FEDORA:95A686085F81", "FEDORA:9BC696049C57", "FEDORA:9E3D9606D195", "FEDORA:A82626020BBE", "FEDORA:A9781604AF62", "FEDORA:AAA6460491BA", "FEDORA:AB5346014BB3", "FEDORA:AC0B8604948D", "FEDORA:AFDBD60E76E0", "FEDORA:B7617604D9DA", "FEDORA:BBFE360460D0", "FEDORA:BD35260BC96F", "FEDORA:C34566075EEA", "FEDORA:C49D061F375F", "FEDORA:C64AE6007F37", "FEDORA:C8F726082DB8", "FEDORA:D013361742CE", "FEDORA:D0736603EB7F", "FEDORA:D208C60874AA", "FEDORA:D2B426045A04", "FEDORA:D57626042B0A", "FEDORA:D685D603B26B", "FEDORA:D8E6160F62FB", "FEDORA:DBB1B659CBE0", "FEDORA:E1B606076F4E", "FEDORA:E88866014636", "FEDORA:E93AE6077DCD", "FEDORA:EF6BA6045A0C", "FEDORA:F13E1604948D", "FEDORA:F417F60477C5"]}, {"type": "freebsd", "idList": ["7DA0417F-6B24-11E8-84CC-002590ACAE31"]}, {"type": "gentoo", "idList": ["GLSA-201903-03", "GLSA-201903-07", "GLSA-201903-18"]}, {"type": "githubexploit", "idList": ["1BB3E3DD-F59A-5A19-A6FD-5C20AD2531A3", "2F6984D3-FD79-5AB7-A71D-43FF8E8DABBF", "38F2629A-330D-5488-A1E9-B85A647EE2FD", "51C8D6A4-47A9-5CDF-B833-7159E9EC70EE", "7BF9A69C-010C-5E27-AFF1-BD5C35E75269", "7E3511B5-C528-5213-B2AD-D36D4F8ACC95", "89C838C0-79FF-5954-84E9-527AC74184B4", "C493E2BD-3B57-5FD7-BFB9-B71408617084", "CC081819-FE94-5E7C-AF61-E00A82E76DE2", "D438FC99-880C-54A1-AE03-121CCA980E24"]}, {"type": "hackerone", "idList": ["H1:495495"]}, {"type": "ibm", "idList": ["22C6665D00A9702426CEE593F4765FD3CD4EE170F8AA7F50D0505C6B2799BC21", "2F7D9559AE426A44085F66D3B32DC79DBD644723F26961D9815EF3606625EE87", "54FB6726805D886796865FF32608051BEE914B969DCB3300B1E662574A92A04E", "7CFB9BE2DA6D94FEBCA1C4AA8CF9F47ECB13D1F735997F5255B4A85A3E13B4E7", "89ECD262B4968A1CEAC0618400CB1E2118B5134D866FB3DB5A845EFBE37B4016", "E9C1A49043693794000D0923340F217402D1FA6EE6CB02F1F2FBFA857D52D321"]}, {"type": "ics", "idList": ["ICSA-19-099-04"]}, {"type": "impervablog", "idList": ["IMPERVABLOG:5FB4BD7D34290CD0DF514F5CBED8F4CB"]}, {"type": "kitploit", "idList": ["KITPLOIT:216801248370103608"]}, {"type": "metasploit", "idList": ["MSF:EXPLOIT/LINUX/LOCAL/DOCKER_RUNC_ESCAPE/", "MSF:ILITIES/AMAZON-LINUX-AMI-2-CVE-2018-20169/", "MSF:ILITIES/AMAZON_LINUX-CVE-2018-20169/", "MSF:ILITIES/CENTOS_LINUX-CVE-2018-20169/", "MSF:ILITIES/DEBIAN-CVE-2018-20169/", "MSF:ILITIES/HUAWEI-EULEROS-2_0_SP2-CVE-2018-20169/", "MSF:ILITIES/HUAWEI-EULEROS-2_0_SP3-CVE-2018-20169/", "MSF:ILITIES/HUAWEI-EULEROS-2_0_SP5-CVE-2018-20169/", "MSF:ILITIES/ORACLE_LINUX-CVE-2018-20169/", "MSF:ILITIES/REDHAT-OPENSHIFT-CVE-2018-20169/", "MSF:ILITIES/REDHAT_LINUX-CVE-2018-12900/", "MSF:ILITIES/REDHAT_LINUX-CVE-2018-20169/", "MSF:ILITIES/SUSE-CVE-2018-20169/", "MSF:ILITIES/UBUNTU-CVE-2018-20169/"]}, {"type": "myhack58", "idList": ["MYHACK58:62201992676"]}, {"type": "nessus", "idList": ["AL2_ALAS-2019-1141.NASL", "AL2_ALAS-2019-1145.NASL", "AL2_ALAS-2019-1160.NASL", "AL2_ALAS-2019-1162.NASL", "AL2_ALAS-2021-1643.NASL", "ALA_ALAS-2019-1145.NASL", "ALA_ALAS-2019-1148.NASL", "ALA_ALAS-2019-1156.NASL", "CENTOS_RHSA-2018-2180.NASL", "CENTOS_RHSA-2018-2181.NASL", "CENTOS_RHSA-2019-0049.NASL", "DEBIAN_DLA-1639.NASL", "DEBIAN_DLA-1651.NASL", "DEBIAN_DSA-4222.NASL", "DEBIAN_DSA-4223.NASL", "DEBIAN_DSA-4224.NASL", "DEBIAN_DSA-4367.NASL", "DEBIAN_DSA-4384.NASL", "EULEROS_SA-2019-1021.NASL", "EULEROS_SA-2019-1027.NASL", "EULEROS_SA-2019-1028.NASL", "EULEROS_SA-2019-1047.NASL", "EULEROS_SA-2019-1060.NASL", "EULEROS_SA-2019-1061.NASL", "EULEROS_SA-2019-2054.NASL", "EULEROS_SA-2019-2353.NASL", "FEDORA_2018-111044D435.NASL", "FEDORA_2018-298A3D2923.NASL", "FEDORA_2018-3857A8B41A.NASL", "FEDORA_2018-3DC16842E2.NASL", "FEDORA_2018-4EF71D3525.NASL", "FEDORA_2018-5904D0794D.NASL", "FEDORA_2018-69BAC0F51C.NASL", "FEDORA_2018-6E8C330D50.NASL", "FEDORA_2018-7785911C9E.NASL", "FEDORA_2018-7F83032DE6.NASL", "FEDORA_2018-84FDBD021F.NASL", "FEDORA_2018-87BA0312C2.NASL", "FEDORA_2018-A0914AF224.NASL", "FEDORA_2018-A4E13742B4.NASL", "FEDORA_2018-BA443BCB6D.NASL", "FEDORA_2018-FDC4CA8675.NASL", "FEDORA_2019-18B3A10C7F.NASL", "FEDORA_2019-337484D88B.NASL", "FEDORA_2019-352D4B9CD8.NASL", "FEDORA_2019-3F19F13ECD.NASL", "FEDORA_2019-76FBE24CAB.NASL", "FEDORA_2019-829524F28F.NASL", "FEDORA_2019-963EA958F9.NASL", "FEDORA_2019-A018522BA3.NASL", "FEDORA_2019-AE92CA8981.NASL", "FEDORA_2019-B0F7A7B74B.NASL", "FEDORA_2019-DF2E68AA6B.NASL", "FEDORA_2019-E9BC354EE8.NASL", "FEDORA_2019-F455EF79B8.NASL", "FEDORA_2019-FD9345F44A.NASL", "FREEBSD_PKG_7DA0417F6B2411E884CC002590ACAE31.NASL", "JUNIPER_SPACE_JSA10917_184R1.NASL", "NEWSTART_CGSL_NS-SA-2019-0135_GNUPG2.NASL", "NEWSTART_CGSL_NS-SA-2019-0171_CURL.NASL", "NEWSTART_CGSL_NS-SA-2019-0182_CURL.NASL", "NEWSTART_CGSL_NS-SA-2019-0193_CURL.NASL", "NEWSTART_CGSL_NS-SA-2019-0196_SYSTEMD.NASL", "OPENSUSE-2018-1008.NASL", "OPENSUSE-2018-1010.NASL", "OPENSUSE-2018-1140.NASL", "OPENSUSE-2018-630.NASL", "OPENSUSE-2018-640.NASL", "OPENSUSE-2018-646.NASL", "OPENSUSE-2019-1079.NASL", "OPENSUSE-2019-1140.NASL", "OPENSUSE-2019-1148.NASL", "OPENSUSE-2019-1275.NASL", "OPENSUSE-2019-1311.NASL", "OPENSUSE-2019-140.NASL", "OPENSUSE-2019-1444.NASL", "OPENSUSE-2019-1481.NASL", "OPENSUSE-2019-1499.NASL", "OPENSUSE-2019-201.NASL", "OPENSUSE-2019-2021.NASL", "OPENSUSE-2019-207.NASL", "OPENSUSE-2019-208.NASL", "OPENSUSE-2019-2173.NASL", "OPENSUSE-2019-2181.NASL", "OPENSUSE-2019-2245.NASL", "OPENSUSE-2019-252.NASL", "OPENSUSE-2019-295.NASL", "OPENSUSE-2019-477.NASL", "OPENSUSE-2019-478.NASL", "OPENSUSE-2019-480.NASL", "OPENSUSE-2019-65.NASL", "OPENSUSE-2019-694.NASL", "OPENSUSE-2019-769.NASL", "OPENSUSE-2019-903.NASL", "OPENSUSE-2019-962.NASL", "OPENSUSE-2019-97.NASL", "OPENSUSE-2019-98.NASL", "ORACLELINUX_ELSA-2018-2180.NASL", "ORACLELINUX_ELSA-2018-2181.NASL", "ORACLELINUX_ELSA-2019-0049.NASL", "ORACLELINUX_ELSA-2019-0975.NASL", "ORACLELINUX_ELSA-2019-1880.NASL", "ORACLELINUX_ELSA-2019-2703.NASL", "ORACLELINUX_ELSA-2019-2722.NASL", "ORACLELINUX_ELSA-2019-4509.NASL", "ORACLELINUX_ELSA-2019-4510.NASL", "ORACLELINUX_ELSA-2019-4570.NASL", "ORACLELINUX_ELSA-2019-4575.NASL", "ORACLELINUX_ELSA-2019-4596.NASL", "ORACLELINUX_ELSA-2019-4600.NASL", "ORACLELINUX_ELSA-2019-4612.NASL", "ORACLELINUX_ELSA-2019-4642.NASL", "ORACLELINUX_ELSA-2019-4643.NASL", "ORACLELINUX_ELSA-2019-4644.NASL", "ORACLELINUX_ELSA-2019-4646.NASL", "ORACLELINUX_ELSA-2019-4729.NASL", "ORACLEVM_OVMSA-2019-0002.NASL", "ORACLEVM_OVMSA-2019-0009.NASL", "ORACLEVM_OVMSA-2019-0014.NASL", "ORACLEVM_OVMSA-2019-0022.NASL", "ORACLEVM_OVMSA-2019-0038.NASL", "PHOTONOS_PHSA-2018-1_0-0165_LINUX.NASL", "PHOTONOS_PHSA-2018-2_0-0072_LINUX.NASL", "PHOTONOS_PHSA-2019-1_0-0203_CURL.NASL", "REDHAT-RHSA-2018-2180.NASL", "REDHAT-RHSA-2018-2181.NASL", "REDHAT-RHSA-2019-0049.NASL", "REDHAT-RHSA-2019-0204.NASL", "REDHAT-RHSA-2019-0271.NASL", "REDHAT-RHSA-2019-0303.NASL", "REDHAT-RHSA-2019-0304.NASL", "REDHAT-RHSA-2019-0342.NASL", "REDHAT-RHSA-2019-0361.NASL", "REDHAT-RHSA-2019-0408.NASL", "REDHAT-RHSA-2019-0975.NASL", "REDHAT-RHSA-2019-1880.NASL", "REDHAT-RHSA-2019-2091.NASL", "REDHAT-RHSA-2019-2181.NASL", "REDHAT-RHSA-2019-2402.NASL", "REDHAT-RHSA-2019-2703.NASL", "REDHAT-RHSA-2019-2722.NASL", "REDHAT-RHSA-2019-2741.NASL", "REDHAT-RHSA-2019-3222.NASL", "SLACKWARE_SSA_2018-159-01.NASL", "SLACKWARE_SSA_2018-170-01.NASL", "SLACKWARE_SSA_2019-030-01.NASL", "SL_20180712_GNUPG2_ON_SL6_X.NASL", "SL_20180712_GNUPG2_ON_SL7_X.NASL", "SL_20190114_SYSTEMD_ON_SL7_X.NASL", "SL_20190129_SYSTEMD_ON_SL7_X.NASL", "SL_20190729_CURL_ON_SL7_X.NASL", "SL_20190806_CURL_ON_SL7_X.NASL", "SL_20190806_SYSTEMD_ON_SL7_X.NASL", "SUSE_SU-2018-1696-1.NASL", "SUSE_SU-2018-1698-1.NASL", "SUSE_SU-2018-1814-1.NASL", "SUSE_SU-2018-2714-1.NASL", "SUSE_SU-2018-2715-1.NASL", "SUSE_SU-2018-2717-1.NASL", "SUSE_SU-2018-2980-1.NASL", "SUSE_SU-2018-3003-1.NASL", "SUSE_SU-2018-3624-1.NASL", "SUSE_SU-2018-3925-1.NASL", "SUSE_SU-2019-0053-1.NASL", "SUSE_SU-2019-0054-1.NASL", "SUSE_SU-2019-0095-1.NASL", "SUSE_SU-2019-0135-1.NASL", "SUSE_SU-2019-0137-1.NASL", "SUSE_SU-2019-0148-1.NASL", "SUSE_SU-2019-0196-1.NASL", "SUSE_SU-2019-0222-1.NASL", "SUSE_SU-2019-0224-1.NASL", "SUSE_SU-2019-0333-1.NASL", "SUSE_SU-2019-0339-1.NASL", "SUSE_SU-2019-0362-1.NASL", "SUSE_SU-2019-0439-1.NASL", "SUSE_SU-2019-0495-1.NASL", "SUSE_SU-2019-0541-1.NASL", "SUSE_SU-2019-0747-1.NASL", "SUSE_SU-2019-0771-1.NASL", "SUSE_SU-2019-0901-1.NASL", "SUSE_SU-2019-0996-1.NASL", "SUSE_SU-2019-1234-2.NASL", "SUSE_SU-2019-1287-1.NASL", "SUSE_SU-2019-1289-1.NASL", "SUSE_SU-2019-13937-1.NASL", "SUSE_SU-2019-13961-1.NASL", "SUSE_SU-2019-13979-1.NASL", "SUSE_SU-2019-2117-1.NASL", "SUSE_SU-2019-2412-1.NASL", "SUSE_SU-2019-2414-1.NASL", "SUSE_SU-2019-2424-1.NASL", "SUSE_SU-2019-2648-1.NASL", "SUSE_SU-2019-2738-1.NASL", "UBUNTU_USN-3675-1.NASL", "UBUNTU_USN-3675-2.NASL", "UBUNTU_USN-3855-1.NASL", "UBUNTU_USN-3871-1.NASL", "UBUNTU_USN-3871-2.NASL", "UBUNTU_USN-3871-3.NASL", "UBUNTU_USN-3871-4.NASL", "UBUNTU_USN-3871-5.NASL", "UBUNTU_USN-3872-1.NASL", "UBUNTU_USN-3878-1.NASL", "UBUNTU_USN-3878-2.NASL", "UBUNTU_USN-3879-1.NASL", "UBUNTU_USN-3879-2.NASL", "UBUNTU_USN-3900-1.NASL", "UBUNTU_USN-3906-1.NASL", "UBUNTU_USN-3910-1.NASL", "UBUNTU_USN-3910-2.NASL", "UBUNTU_USN-3930-1.NASL", "UBUNTU_USN-3930-2.NASL", "UBUNTU_USN-3931-1.NASL", "UBUNTU_USN-3931-2.NASL", "UBUNTU_USN-3932-1.NASL", "UBUNTU_USN-3932-2.NASL", "UBUNTU_USN-3933-1.NASL", "UBUNTU_USN-3964-1.NASL", "UBUNTU_USN-4048-1.NASL", "UBUNTU_USN-4094-1.NASL", "UBUNTU_USN-4115-1.NASL", "UBUNTU_USN-4115-2.NASL", "UBUNTU_USN-4118-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310141997", "OPENVAS:1361412562310704222", "OPENVAS:1361412562310704223", "OPENVAS:1361412562310704224", "OPENVAS:1361412562310704367", "OPENVAS:1361412562310704384", "OPENVAS:1361412562310704390", "OPENVAS:1361412562310843550", "OPENVAS:1361412562310843562", "OPENVAS:1361412562310843868", "OPENVAS:1361412562310843884", "OPENVAS:1361412562310843885", "OPENVAS:1361412562310843891", "OPENVAS:1361412562310843892", "OPENVAS:1361412562310843893", "OPENVAS:1361412562310843894", "OPENVAS:1361412562310843895", "OPENVAS:1361412562310843897", "OPENVAS:1361412562310843903", "OPENVAS:1361412562310843904", "OPENVAS:1361412562310843921", "OPENVAS:1361412562310843931", "OPENVAS:1361412562310843934", "OPENVAS:1361412562310843935", "OPENVAS:1361412562310843951", "OPENVAS:1361412562310843952", "OPENVAS:1361412562310843953", "OPENVAS:1361412562310843954", "OPENVAS:1361412562310843957", "OPENVAS:1361412562310843959", "OPENVAS:1361412562310843960", "OPENVAS:1361412562310844174", "OPENVAS:1361412562310851788", "OPENVAS:1361412562310851792", "OPENVAS:1361412562310851892", "OPENVAS:1361412562310852240", "OPENVAS:1361412562310852259", "OPENVAS:1361412562310852260", "OPENVAS:1361412562310852274", "OPENVAS:1361412562310852299", "OPENVAS:1361412562310852308", "OPENVAS:1361412562310852310", "OPENVAS:1361412562310852319", "OPENVAS:1361412562310852335", "OPENVAS:1361412562310852379", "OPENVAS:1361412562310852397", "OPENVAS:1361412562310852398", "OPENVAS:1361412562310852705", "OPENVAS:1361412562310874682", "OPENVAS:1361412562310874700", "OPENVAS:1361412562310874702", "OPENVAS:1361412562310874703", "OPENVAS:1361412562310874705", "OPENVAS:1361412562310874711", "OPENVAS:1361412562310875050", "OPENVAS:1361412562310875089", "OPENVAS:1361412562310875404", "OPENVAS:1361412562310875406", "OPENVAS:1361412562310875407", "OPENVAS:1361412562310875414", "OPENVAS:1361412562310875423", "OPENVAS:1361412562310875438", "OPENVAS:1361412562310875443", "OPENVAS:1361412562310875451", "OPENVAS:1361412562310875459", "OPENVAS:1361412562310875464", "OPENVAS:1361412562310875467", "OPENVAS:1361412562310875472", "OPENVAS:1361412562310875473", "OPENVAS:1361412562310875476", "OPENVAS:1361412562310875482", "OPENVAS:1361412562310875502", "OPENVAS:1361412562310875506", "OPENVAS:1361412562310876761", "OPENVAS:1361412562310876762", "OPENVAS:1361412562310876766", "OPENVAS:1361412562310876767", "OPENVAS:1361412562310876768", "OPENVAS:1361412562310876772", "OPENVAS:1361412562310876816", "OPENVAS:1361412562310876863", "OPENVAS:1361412562310876869", "OPENVAS:1361412562310876943", "OPENVAS:1361412562310882992", "OPENVAS:1361412562310882996", "OPENVAS:1361412562310891639", "OPENVAS:1361412562310891651", "OPENVAS:1361412562310891711", "OPENVAS:1361412562310891715", "OPENVAS:1361412562310891731"]}, {"type": "oracle", "idList": ["ORACLE:CPUOCT2019-5072832"]}, {"type": "oraclelinux", "idList": ["ELSA-2018-2180", "ELSA-2018-2181", "ELSA-2019-0049", "ELSA-2019-2703", "ELSA-2019-2722", "ELSA-2019-4509", "ELSA-2019-4510", "ELSA-2019-4540", "ELSA-2019-4550", "ELSA-2019-4551", "ELSA-2019-4570", "ELSA-2019-4575", "ELSA-2019-4596", "ELSA-2019-4600"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:163339"]}, {"type": "photon", "idList": ["PHSA-2018-1.0-0165", "PHSA-2018-2.0-0072", "PHSA-2019-1.0-0203", "PHSA-2019-1.0-0205", "PHSA-2019-1.0-0206", "PHSA-2019-1.0-0208", "PHSA-2019-1.0-0212", "PHSA-2019-1.0-0240", "PHSA-2019-2.0-0128", "PHSA-2019-2.0-0129", "PHSA-2019-2.0-0161", "PHSA-2019-3.0-0001"]}, {"type": "qualysblog", "idList": ["QUALYSBLOG:1ECEF05BCE67BDE50D7D24223957B465"]}, {"type": "rapid7blog", "idList": ["RAPID7BLOG:0F6591D77D4CBF34DE05F02E4D29B606"]}, {"type": "redhat", "idList": ["RHSA-2018:2180", "RHSA-2018:2181", "RHSA-2019:0201", "RHSA-2019:0271", "RHSA-2019:0342", "RHSA-2019:0361"]}, {"type": "redhatcve", "idList": ["RH:CVE-2018-12900", "RH:CVE-2018-14618", "RH:CVE-2018-16839", "RH:CVE-2018-16840", "RH:CVE-2018-19664", "RH:CVE-2019-15927", "RH:CVE-2019-3815", "RH:CVE-2019-7663"]}, {"type": "slackware", "idList": ["SSA-2018-159-01", "SSA-2018-170-01", "SSA-2019-030-01"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2018:1706-1", "OPENSUSE-SU-2018:1708-1", "OPENSUSE-SU-2018:1722-1", "OPENSUSE-SU-2018:1724-1", "OPENSUSE-SU-2018:1773-1", "OPENSUSE-SU-2018:2731-1", "OPENSUSE-SU-2018:2736-1", "OPENSUSE-SU-2018:3071-1", "OPENSUSE-SU-2018:3202-1", "OPENSUSE-SU-2019:0065-1", "OPENSUSE-SU-2019:0097-1", "OPENSUSE-SU-2019:0098-1", "OPENSUSE-SU-2019:0140-1", "OPENSUSE-SU-2019:0170-1", "OPENSUSE-SU-2019:0201-1", "OPENSUSE-SU-2019:0207-1", "OPENSUSE-SU-2019:0208-1", "OPENSUSE-SU-2019:0252-1", "OPENSUSE-SU-2019:0295-1", "OPENSUSE-SU-2019:1079-1", "OPENSUSE-SU-2019:1140-1", "OPENSUSE-SU-2019:1148-1", "OPENSUSE-SU-2019:2173-1", "OPENSUSE-SU-2019:2181-1", "OPENSUSE-SU-2019:2245-1", "OPENSUSE-SU-2019:2286-1"]}, {"type": "thn", "idList": ["THN:68B5B8B7434409E6670CCBAC8FDD8ABE", "THN:7AF4F467FCD2B758CD46FDBECE48E35F", "THN:B0FC327500C590C565FC4F46D8DCDD34"]}, {"type": "threatpost", "idList": ["THREATPOST:1EFFF77A39E186D173F6DF0D1259D4DE", "THREATPOST:B4C48A638705549FED64000361BA8526"]}, {"type": "trendmicroblog", "idList": ["TRENDMICROBLOG:A8C47E018FA9A3D0723FC3A99FD592A7", "TRENDMICROBLOG:DD93FD0A6FE52A3DFF89C6F550E981D1"]}, {"type": "ubuntu", "idList": ["USN-3675-1", "USN-3765-1", "USN-3765-2", "USN-3847-1", "USN-3847-2", "USN-3847-3", "USN-3848-1", "USN-3848-2", "USN-3849-1", "USN-3849-2", "USN-3855-1", "USN-3871-1", "USN-3871-2", "USN-3871-3", "USN-3871-4", "USN-3871-5", "USN-3872-1", "USN-3878-1", "USN-3878-2", "USN-3878-3", "USN-3879-1", "USN-3879-2", "USN-3900-1", "USN-3906-1", "USN-3906-2", "USN-3910-1", "USN-3910-2", "USN-3930-1", "USN-3930-2", "USN-3931-1", "USN-3931-2", "USN-3932-1", "USN-3932-2", "USN-3933-1", "USN-3933-2", "USN-4115-2"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2019-15927"]}, {"type": "virtuozzo", "idList": ["VZA-2019-008"]}, {"type": "vmware", "idList": ["VMSA-2019-0001.3"]}, {"type": "zdt", "idList": ["1337DAY-ID-31916", "1337DAY-ID-32165", "1337DAY-ID-32182"]}]}, "exploitation": null, "epss": [{"cve": "CVE-2017-18249", "epss": "0.000420000", "percentile": "0.056370000", "modified": "2023-03-18"}, {"cve": "CVE-2018-12020", "epss": "0.007740000", "percentile": "0.785550000", "modified": "2023-03-18"}, {"cve": "CVE-2018-12900", "epss": "0.345080000", "percentile": "0.964020000", "modified": "2023-03-18"}, {"cve": "CVE-2018-14610", "epss": "0.001010000", "percentile": "0.399530000", "modified": "2023-03-18"}, {"cve": "CVE-2018-14613", "epss": "0.001020000", "percentile": "0.401050000", "modified": "2023-03-18"}, {"cve": "CVE-2018-14618", "epss": "0.023380000", "percentile": "0.880470000", "modified": "2023-03-18"}, {"cve": "CVE-2018-16839", "epss": "0.010700000", "percentile": "0.819760000", "modified": "2023-03-17"}, {"cve": "CVE-2018-16840", "epss": "0.008340000", "percentile": "0.794420000", "modified": "2023-03-17"}, {"cve": "CVE-2018-16842", "epss": "0.011280000", "percentile": "0.824720000", "modified": "2023-03-17"}, {"cve": "CVE-2018-16862", "epss": "0.000490000", "percentile": "0.152910000", "modified": "2023-03-17"}, {"cve": "CVE-2018-16864", "epss": "0.000440000", "percentile": "0.081930000", "modified": "2023-03-17"}, {"cve": "CVE-2018-16865", "epss": "0.000440000", "percentile": "0.110630000", "modified": "2023-03-17"}, {"cve": "CVE-2018-16866", "epss": "0.000440000", "percentile": "0.081930000", "modified": "2023-03-17"}, {"cve": "CVE-2018-18690", "epss": "0.000440000", "percentile": "0.081930000", "modified": "2023-03-17"}, {"cve": "CVE-2018-19407", "epss": "0.000420000", "percentile": "0.056410000", "modified": "2023-03-17"}, {"cve": "CVE-2018-19664", "epss": "0.001080000", "percentile": "0.421000000", "modified": "2023-03-17"}, {"cve": "CVE-2018-19824", "epss": "0.000440000", "percentile": "0.081930000", "modified": "2023-03-17"}, {"cve": "CVE-2018-19985", "epss": "0.001560000", "percentile": "0.501900000", "modified": "2023-03-17"}, {"cve": "CVE-2018-20169", "epss": "0.002040000", "percentile": "0.566530000", "modified": "2023-03-17"}, {"cve": "CVE-2018-5953", "epss": "0.000420000", "percentile": "0.056370000", "modified": "2023-03-18"}, {"cve": "CVE-2019-15927", "epss": "0.000450000", "percentile": "0.120240000", "modified": "2023-03-17"}, {"cve": "CVE-2019-3701", "epss": "0.000740000", "percentile": "0.300040000", "modified": "2023-03-17"}, {"cve": "CVE-2019-5736", "epss": "0.004010000", "percentile": "0.695400000", "modified": "2023-03-17"}, {"cve": "CVE-2019-6978", "epss": "0.013390000", "percentile": "0.840050000", "modified": "2023-03-17"}], "vulnersScore": 1.6}, "_state": {"dependencies": 1660004461, "score": 1659950154, "epss": 1679176287}, "_internal": {"score_hash": "eb14c7284b6f1c6725f8329ec01d23b3"}, "affectedPackage": [{"OS": "Photon", "OSVersion": "2.0", "arch": "x86_64", "packageVersion": "18.06.2-1.ph2", "packageFilename": "docker-doc-18.06.2-1.ph2.x86_64.rpm", "operator": "lt", "packageName": "docker-doc"}, {"OS": "Photon", "OSVersion": "2.0", "arch": "x86_64", "packageVersion": "2.2.5-3.ph2", "packageFilename": "libgd-2.2.5-3.ph2.x86_64.rpm", "operator": "lt", "packageName": "libgd"}, {"OS": "Photon", "OSVersion": "2.0", "arch": "x86_64", "packageVersion": "4.0.10-2.ph2", "packageFilename": "libtiff-devel-4.0.10-2.ph2.x86_64.rpm", "operator": "lt", "packageName": "libtiff-devel"}, {"OS": "Photon", "OSVersion": "2.0", "arch": "x86_64", "packageVersion": "2.1.20-4.ph2", "packageFilename": "gnupg-2.1.20-4.ph2.x86_64.rpm", "operator": "lt", "packageName": "gnupg"}, {"OS": "Photon", "OSVersion": "2.0", "arch": "x86_64", "packageVersion": "233-18.ph2", "packageFilename": "systemd-devel-233-18.ph2.x86_64.rpm", "operator": "lt", "packageName": "systemd-devel"}, {"OS": "Photon", "OSVersion": "2.0", "arch": "x86_64", "packageVersion": "7.59.0-4.ph2", "packageFilename": "curl-libs-7.59.0-4.ph2.x86_64.rpm", "operator": "lt", "packageName": "curl-libs"}, {"OS": "Photon", "OSVersion": "2.0", "arch": "x86_64", "packageVersion": "4.9.154-1.ph2", "packageFilename": "linux-aws-oprofile-4.9.154-1.ph2.x86_64.rpm", "operator": "lt", "packageName": "linux-aws-oprofile"}, {"OS": "Photon", "OSVersion": "2.0", "arch": "x86_64", "packageVersion": "4.9.154-1.ph2", "packageFilename": "linux-esx-docs-4.9.154-1.ph2.x86_64.rpm", "operator": "lt", "packageName": "linux-esx-docs"}, {"OS": "Photon", "OSVersion": "2.0", "arch": "x86_64", "packageVersion": "4.0.10-2.ph2", "packageFilename": "libtiff-4.0.10-2.ph2.x86_64.rpm", "operator": "lt", "packageName": "libtiff"}, {"OS": "Photon", "OSVersion": "2.0", "arch": "x86_64", "packageVersion": "7.59.0-4.ph2", "packageFilename": "curl-7.59.0-4.ph2.x86_64.rpm", "operator": "lt", "packageName": "curl"}, {"OS": "Photon", "OSVersion": "2.0", "arch": "x86_64", "packageVersion": "4.9.154-1.ph2", "packageFilename": "linux-secure-lkcm-4.9.154-1.ph2.x86_64.rpm", "operator": "lt", "packageName": "linux-secure-lkcm"}, {"OS": "Photon", "OSVersion": "2.0", "arch": "x86_64", "packageVersion": "4.9.154-1.ph2", "packageFilename": "linux-esx-4.9.154-1.ph2.x86_64.rpm", "operator": "lt", "packageName": "linux-esx"}, {"OS": "Photon", "OSVersion": "2.0", "arch": "x86_64", "packageVersion": "4.9.154-1.ph2", "packageFilename": "linux-secure-devel-4.9.154-1.ph2.x86_64.rpm", "operator": "lt", "packageName": "linux-secure-devel"}, {"OS": "Photon", "OSVersion": "2.0", "arch": "x86_64", "packageVersion": "4.0.10-2.ph2", "packageFilename": "libtiff-debuginfo-4.0.10-2.ph2.x86_64.rpm", "operator": "lt", "packageName": "libtiff-debuginfo"}, {"OS": "Photon", "OSVersion": "2.0", "arch": "x86_64", "packageVersion": "18.06.2-1.ph2", "packageFilename": "docker-18.06.2-1.ph2.x86_64.rpm", "operator": "lt", "packageName": "docker"}, {"OS": "Photon", "OSVersion": "2.0", "arch": "x86_64", "packageVersion": "7.59.0-4.ph2", "packageFilename": "curl-devel-7.59.0-4.ph2.x86_64.rpm", "operator": "lt", "packageName": "curl-devel"}, {"OS": "Photon", "OSVersion": "2.0", "arch": "x86_64", "packageVersion": "4.9.154-1.ph2", "packageFilename": "linux-esx-debuginfo-4.9.154-1.ph2.x86_64.rpm", "operator": "lt", "packageName": "linux-esx-debuginfo"}, {"OS": "Photon", "OSVersion": "2.0", "arch": "x86_64", "packageVersion": "233-18.ph2", "packageFilename": "systemd-debuginfo-233-18.ph2.x86_64.rpm", "operator": "lt", "packageName": "systemd-debuginfo"}, {"OS": "Photon", "OSVersion": "2.0", "arch": "x86_64", "packageVersion": "4.9.154-1.ph2", "packageFilename": "linux-secure-4.9.154-1.ph2.x86_64.rpm", "operator": "lt", "packageName": "linux-secure"}, {"OS": "Photon", "OSVersion": "2.0", "arch": "x86_64", "packageVersion": "4.9.154-1.ph2", "packageFilename": "linux-debuginfo-4.9.154-1.ph2.x86_64.rpm", "operator": "lt", "packageName": "linux-debuginfo"}, {"OS": "Photon", "OSVersion": "2.0", "arch": "x86_64", "packageVersion": "2.0.0-2.ph2", "packageFilename": "libjpeg-turbo-devel-2.0.0-2.ph2.x86_64.rpm", "operator": "lt", "packageName": "libjpeg-turbo-devel"}, {"OS": "Photon", "OSVersion": "2.0", "arch": "x86_64", "packageVersion": "4.9.154-1.ph2", "packageFilename": "linux-aws-tools-4.9.154-1.ph2.x86_64.rpm", "operator": "lt", "packageName": "linux-aws-tools"}, {"OS": "Photon", "OSVersion": "2.0", "arch": "x86_64", "packageVersion": "2.0.0-2.ph2", "packageFilename": "libjpeg-turbo-2.0.0-2.ph2.x86_64.rpm", "operator": "lt", "packageName": "libjpeg-turbo"}, {"OS": "Photon", "OSVersion": "2.0", "arch": "x86_64", "packageVersion": "4.9.154-1.ph2", "packageFilename": "linux-oprofile-4.9.154-1.ph2.x86_64.rpm", "operator": "lt", "packageName": "linux-oprofile"}, {"OS": "Photon", "OSVersion": "2.0", "arch": "x86_64", "packageVersion": "2.0.0-2.ph2", "packageFilename": "libjpeg-turbo-debuginfo-2.0.0-2.ph2.x86_64.rpm", "operator": "lt", "packageName": "libjpeg-turbo-debuginfo"}, {"OS": "Photon", "OSVersion": "2.0", "arch": "x86_64", "packageVersion": "233-18.ph2", "packageFilename": "systemd-lang-233-18.ph2.x86_64.rpm", "operator": "lt", "packageName": "systemd-lang"}, {"OS": "Photon", "OSVersion": "2.0", "arch": "x86_64", "packageVersion": "4.9.154-1.ph2", "packageFilename": "linux-tools-4.9.154-1.ph2.x86_64.rpm", "operator": "lt", "packageName": "linux-tools"}, {"OS": "Photon", "OSVersion": "2.0", "arch": "x86_64", "packageVersion": "4.9.154-1.ph2", "packageFilename": "linux-devel-4.9.154-1.ph2.x86_64.rpm", "operator": "lt", "packageName": "linux-devel"}, {"OS": "Photon", "OSVersion": "2.0", "arch": "x86_64", "packageVersion": "4.9.154-1.ph2", "packageFilename": "linux-secure-docs-4.9.154-1.ph2.x86_64.rpm", "operator": "lt", "packageName": "linux-secure-docs"}, {"OS": "Photon", "OSVersion": "2.0", "arch": "noarch", "packageVersion": "4.9.154-1.ph2", "packageFilename": "linux-api-headers-4.9.154-1.ph2.noarch.rpm", "operator": "lt", "packageName": "linux-api-headers"}, {"OS": "Photon", "OSVersion": "2.0", "arch": "x86_64", "packageVersion": "233-18.ph2", "packageFilename": "systemd-233-18.ph2.x86_64.rpm", "operator": "lt", "packageName": "systemd"}, {"OS": "Photon", "OSVersion": "2.0", "arch": "x86_64", "packageVersion": "4.9.154-1.ph2", "packageFilename": "linux-4.9.154-1.ph2.x86_64.rpm", "operator": "lt", "packageName": "linux"}, {"OS": "Photon", "OSVersion": "2.0", "arch": "x86_64", "packageVersion": "4.9.154-1.ph2", "packageFilename": "linux-secure-debuginfo-4.9.154-1.ph2.x86_64.rpm", "operator": "lt", "packageName": "linux-secure-debuginfo"}, {"OS": "Photon", "OSVersion": "2.0", "arch": "x86_64", "packageVersion": "4.9.154-1.ph2", "packageFilename": "linux-esx-devel-4.9.154-1.ph2.x86_64.rpm", "operator": "lt", "packageName": "linux-esx-devel"}, {"OS": "Photon", "OSVersion": "2.0", "arch": "x86_64", "packageVersion": "4.9.154-1.ph2", "packageFilename": "linux-aws-drivers-gpu-4.9.154-1.ph2.x86_64.rpm", "operator": "lt", "packageName": "linux-aws-drivers-gpu"}, {"OS": "Photon", "OSVersion": "2.0", "arch": "x86_64", "packageVersion": "2.2.5-3.ph2", "packageFilename": "libgd-devel-2.2.5-3.ph2.x86_64.rpm", "operator": "lt", "packageName": "libgd-devel"}, {"OS": "Photon", "OSVersion": "2.0", "arch": "x86_64", "packageVersion": "4.9.154-1.ph2", "packageFilename": "linux-aws-debuginfo-4.9.154-1.ph2.x86_64.rpm", "operator": "lt", "packageName": "linux-aws-debuginfo"}, {"OS": "Photon", "OSVersion": "2.0", "arch": "x86_64", "packageVersion": "4.9.154-1.ph2", "packageFilename": "linux-docs-4.9.154-1.ph2.x86_64.rpm", "operator": "lt", "packageName": "linux-docs"}, {"OS": "Photon", "OSVersion": "2.0", "arch": "x86_64", "packageVersion": "4.9.154-1.ph2", "packageFilename": "linux-aws-devel-4.9.154-1.ph2.x86_64.rpm", "operator": "lt", "packageName": "linux-aws-devel"}, {"OS": "Photon", "OSVersion": "2.0", "arch": "x86_64", "packageVersion": "4.9.154-1.ph2", "packageFilename": "linux-aws-sound-4.9.154-1.ph2.x86_64.rpm", "operator": "lt", "packageName": "linux-aws-sound"}, {"OS": "Photon", "OSVersion": "2.0", "arch": "x86_64", "packageVersion": "4.9.154-1.ph2", "packageFilename": "linux-drivers-gpu-4.9.154-1.ph2.x86_64.rpm", "operator": "lt", "packageName": "linux-drivers-gpu"}, {"OS": "Photon", "OSVersion": "2.0", "arch": "x86_64", "packageVersion": "2.2.5-3.ph2", "packageFilename": "libgd-debuginfo-2.2.5-3.ph2.x86_64.rpm", "operator": "lt", "packageName": "libgd-debuginfo"}, {"OS": "Photon", "OSVersion": "2.0", "arch": "x86_64", "packageVersion": "7.59.0-4.ph2", "packageFilename": "curl-debuginfo-7.59.0-4.ph2.x86_64.rpm", "operator": "lt", "packageName": "curl-debuginfo"}, {"OS": "Photon", "OSVersion": "2.0", "arch": "x86_64", "packageVersion": "4.9.154-1.ph2", "packageFilename": "linux-sound-4.9.154-1.ph2.x86_64.rpm", "operator": "lt", "packageName": "linux-sound"}, {"OS": "Photon", "OSVersion": "2.0", "arch": "x86_64", "packageVersion": "2.1.20-4.ph2", "packageFilename": "gnupg-debuginfo-2.1.20-4.ph2.x86_64.rpm", "operator": "lt", "packageName": "gnupg-debuginfo"}, {"OS": "Photon", "OSVersion": "2.0", "arch": "x86_64", "packageVersion": "4.9.154-1.ph2", "packageFilename": "linux-aws-4.9.154-1.ph2.x86_64.rpm", "operator": "lt", "packageName": "linux-aws"}, {"OS": "Photon", "OSVersion": "2.0", "arch": "x86_64", "packageVersion": "4.9.154-1.ph2", "packageFilename": "linux-aws-docs-4.9.154-1.ph2.x86_64.rpm", "operator": "lt", "packageName": "linux-aws-docs"}], "vendorCvss": {"severity": "critical"}}

{"photon": [{"lastseen": "2021-11-03T21:00:53", "description": "An update of {'curl', 'libgd', 'docker', 'libjpeg-turbo', 'gnupg', 'linux', 'linux-aws', 'linux-secure', 'libtiff', 'linux-esx'} packages of Photon OS has been released.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-02-13T00:00:00", "type": "photon", "title": "Home\nDownload Photon OS\nUser Documentation\nFAQ\nSecurity Advisories\nRelated Information\n\nLightwave - PHSA-2019-2.0-0128", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-12020", "CVE-2018-12900", "CVE-2018-14618", "CVE-2018-16839", "CVE-2018-16840", "CVE-2018-16842", "CVE-2018-19664", "CVE-2018-19824", "CVE-2019-5736", "CVE-2019-6978"], "modified": "2019-02-13T00:00:00", "id": "PHSA-2019-2.0-0128", "href": "https://github.com/vmware/photon/wiki/Security-Updates-2-128", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-05-12T18:05:10", "description": "Updates of ['linux', 'linux-esx'] packages of Photon OS have been released.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-02-06T00:00:00", "type": "photon", "title": "Important Photon OS Security Update - PHSA-2019-0206", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1120", "CVE-2018-12896", "CVE-2018-14610", "CVE-2018-14613", "CVE-2018-16862", "CVE-2018-19824", "CVE-2018-19985", "CVE-2018-20169", "CVE-2018-5953", "CVE-2019-15927"], "modified": "2019-02-06T00:00:00", "id": "PHSA-2019-0206", "href": "https://github.com/vmware/photon/wiki/Security-Update-1.0-206", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-11-03T08:50:58", "description": "An update of {'linux', 'linux-esx'} packages of Photon OS has been released.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-02-06T00:00:00", "type": "photon", "title": "Home\nDownload Photon OS\nUser Documentation\nFAQ\nSecurity Advisories\nRelated Information\n\nLightwave - PHSA-2019-1.0-0206", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1120", "CVE-2018-12896", "CVE-2018-14610", "CVE-2018-14613", "CVE-2018-16862", "CVE-2018-19824", "CVE-2018-19985", "CVE-2018-20169", "CVE-2018-5953", "CVE-2019-15927"], "modified": "2019-02-06T00:00:00", "id": "PHSA-2019-1.0-0206", "href": "https://github.com/vmware/photon/wiki/Security-Updates-1.0-206", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-11-03T11:51:23", "description": "An update of {'linux', 'paramiko', 'curl', 'elasticsearch', 'kibana', 'systemd', 'ruby', 'linux-esx'} packages of Photon OS has been released.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-02-04T00:00:00", "type": "photon", "title": "Home\nDownload Photon OS\nUser Documentation\nFAQ\nSecurity Advisories\nRelated Information\n\nLightwave - PHSA-2019-1.0-0205", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1000805", "CVE-2018-14618", "CVE-2018-16395", "CVE-2018-16396", "CVE-2018-16839", "CVE-2018-16864", "CVE-2018-16865", "CVE-2018-19824", "CVE-2018-3830", "CVE-2018-3831"], "modified": "2019-02-04T00:00:00", "id": "PHSA-2019-1.0-0205", "href": "https://github.com/vmware/photon/wiki/Security-Updates-1.0-205", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-05-12T18:04:54", "description": "Updates of ['systemd', 'paramiko', 'python3', 'ruby', 'curl', 'elasticsearch', 'kibana', 'openjdk'] packages of Photon OS have been released.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-02-04T00:00:00", "type": "photon", "title": "Critical Photon OS Security Update - PHSA-2019-0205", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1000805", "CVE-2018-14618", "CVE-2018-14647", "CVE-2018-16395", "CVE-2018-16396", "CVE-2018-16839", "CVE-2018-16864", "CVE-2018-16865", "CVE-2018-16866", "CVE-2018-3830", "CVE-2018-3831", "CVE-2019-2426"], "modified": "2019-02-04T00:00:00", "id": "PHSA-2019-0205", "href": "https://github.com/vmware/photon/wiki/Security-Update-1.0-205", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2023-01-11T14:52:09", "description": "This update for curl fixes the following issues :\n\n - CVE-2018-16839: A SASL password overflow via integer overflow was fixed which could lead to crashes (bsc#1112758)\n\n - CVE-2018-16840: A use-after-free in SASL handle close was fixed which could lead to crashes (bsc#1112758)\n\n - CVE-2018-16842: A Out-of-bounds Read in tool_msgs.c was fixed which could lead to crashes (bsc#1113660)\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-11-11T00:00:00", "type": "nessus", "title": "openSUSE Security Update : curl (openSUSE-2018-1379)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16839", "CVE-2018-16840", "CVE-2018-16842"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:curl", "p-cpe:/a:novell:opensuse:curl-debuginfo", "p-cpe:/a:novell:opensuse:curl-debugsource", "p-cpe:/a:novell:opensuse:curl-mini", "p-cpe:/a:novell:opensuse:curl-mini-debuginfo", "p-cpe:/a:novell:opensuse:curl-mini-debugsource", "p-cpe:/a:novell:opensuse:libcurl-devel", "p-cpe:/a:novell:opensuse:libcurl-devel-32bit", "p-cpe:/a:novell:opensuse:libcurl-mini-devel", "p-cpe:/a:novell:opensuse:libcurl4", "p-cpe:/a:novell:opensuse:libcurl4-32bit", "p-cpe:/a:novell:opensuse:libcurl4-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libcurl4-debuginfo", "p-cpe:/a:novell:opensuse:libcurl4-mini", "p-cpe:/a:novell:opensuse:libcurl4-mini-debuginfo", "cpe:/o:novell:opensuse:15.0"], "id": "OPENSUSE-2018-1379.NASL", "href": "https://www.tenable.com/plugins/nessus/118876", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2018-1379.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(118876);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2018-16839\", \"CVE-2018-16840\", \"CVE-2018-16842\");\n\n script_name(english:\"openSUSE Security Update : curl (openSUSE-2018-1379)\");\n script_summary(english:\"Check for the openSUSE-2018-1379 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for curl fixes the following issues :\n\n - CVE-2018-16839: A SASL password overflow via integer\n overflow was fixed which could lead to crashes\n (bsc#1112758)\n\n - CVE-2018-16840: A use-after-free in SASL handle close\n was fixed which could lead to crashes (bsc#1112758)\n\n - CVE-2018-16842: A Out-of-bounds Read in tool_msgs.c was\n fixed which could lead to crashes (bsc#1113660)\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112758\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1113660\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected curl packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:curl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:curl-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:curl-mini\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:curl-mini-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:curl-mini-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libcurl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libcurl-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libcurl-mini-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libcurl4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libcurl4-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libcurl4-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libcurl4-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libcurl4-mini\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libcurl4-mini-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/11/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/11/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.0\", reference:\"curl-7.60.0-lp150.2.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"curl-debuginfo-7.60.0-lp150.2.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"curl-debugsource-7.60.0-lp150.2.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"curl-mini-7.60.0-lp150.2.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"curl-mini-debuginfo-7.60.0-lp150.2.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"curl-mini-debugsource-7.60.0-lp150.2.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libcurl-devel-7.60.0-lp150.2.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libcurl-mini-devel-7.60.0-lp150.2.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libcurl4-7.60.0-lp150.2.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libcurl4-debuginfo-7.60.0-lp150.2.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libcurl4-mini-7.60.0-lp150.2.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libcurl4-mini-debuginfo-7.60.0-lp150.2.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libcurl-devel-32bit-7.60.0-lp150.2.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libcurl4-32bit-7.60.0-lp150.2.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libcurl4-32bit-debuginfo-7.60.0-lp150.2.15.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"curl-mini / curl-mini-debuginfo / curl-mini-debugsource / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:51:09", "description": "This update for curl fixes the following issues :\n\n - CVE-2018-16839: A SASL password overflow via integer overflow was fixed which could lead to crashes (bsc#1112758)\n\n - CVE-2018-16840: A use-after-free in SASL handle close was fixed which could lead to crashes (bsc#1112758)\n\n - CVE-2018-16842: A Out-of-bounds Read in tool_msgs.c was fixed which could lead to crashes (bsc#1113660)\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-03-27T00:00:00", "type": "nessus", "title": "openSUSE Security Update : curl (openSUSE-2019-903)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16839", "CVE-2018-16840", "CVE-2018-16842"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:curl", "p-cpe:/a:novell:opensuse:curl-debuginfo", "p-cpe:/a:novell:opensuse:curl-debugsource", "p-cpe:/a:novell:opensuse:curl-mini", "p-cpe:/a:novell:opensuse:curl-mini-debuginfo", "p-cpe:/a:novell:opensuse:curl-mini-debugsource", "p-cpe:/a:novell:opensuse:libcurl-devel", "p-cpe:/a:novell:opensuse:libcurl-devel-32bit", "p-cpe:/a:novell:opensuse:libcurl-mini-devel", "p-cpe:/a:novell:opensuse:libcurl4", "p-cpe:/a:novell:opensuse:libcurl4-32bit", "p-cpe:/a:novell:opensuse:libcurl4-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libcurl4-debuginfo", "p-cpe:/a:novell:opensuse:libcurl4-mini", "p-cpe:/a:novell:opensuse:libcurl4-mini-debuginfo", "cpe:/o:novell:opensuse:15.0"], "id": "OPENSUSE-2019-903.NASL", "href": "https://www.tenable.com/plugins/nessus/123369", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-903.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(123369);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2018-16839\", \"CVE-2018-16840\", \"CVE-2018-16842\");\n\n script_name(english:\"openSUSE Security Update : curl (openSUSE-2019-903)\");\n script_summary(english:\"Check for the openSUSE-2019-903 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for curl fixes the following issues :\n\n - CVE-2018-16839: A SASL password overflow via integer\n overflow was fixed which could lead to crashes\n (bsc#1112758)\n\n - CVE-2018-16840: A use-after-free in SASL handle close\n was fixed which could lead to crashes (bsc#1112758)\n\n - CVE-2018-16842: A Out-of-bounds Read in tool_msgs.c was\n fixed which could lead to crashes (bsc#1113660)\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112758\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1113660\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected curl packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:curl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:curl-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:curl-mini\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:curl-mini-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:curl-mini-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libcurl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libcurl-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libcurl-mini-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libcurl4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libcurl4-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libcurl4-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libcurl4-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libcurl4-mini\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libcurl4-mini-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.0\", reference:\"curl-7.60.0-lp150.2.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"curl-debuginfo-7.60.0-lp150.2.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"curl-debugsource-7.60.0-lp150.2.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"curl-mini-7.60.0-lp150.2.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"curl-mini-debuginfo-7.60.0-lp150.2.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"curl-mini-debugsource-7.60.0-lp150.2.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libcurl-devel-7.60.0-lp150.2.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libcurl-mini-devel-7.60.0-lp150.2.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libcurl4-7.60.0-lp150.2.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libcurl4-debuginfo-7.60.0-lp150.2.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libcurl4-mini-7.60.0-lp150.2.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libcurl4-mini-debuginfo-7.60.0-lp150.2.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libcurl-devel-32bit-7.60.0-lp150.2.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libcurl4-32bit-7.60.0-lp150.2.15.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libcurl4-32bit-debuginfo-7.60.0-lp150.2.15.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"curl-mini / curl-mini-debuginfo / curl-mini-debugsource / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:47:11", "description": "This update for curl fixes the following issues :\n\nCVE-2018-16839: A SASL password overflow via integer overflow was fixed which could lead to crashes (bsc#1112758)\n\nCVE-2018-16840: A use-after-free in SASL handle close was fixed which could lead to crashes (bsc#1112758)\n\nCVE-2018-16842: A Out-of-bounds Read in tool_msgs.c was fixed which could lead to crashes (bsc#1113660)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-01-02T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : curl (SUSE-SU-2018:3624-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16839", "CVE-2018-16840", "CVE-2018-16842"], "modified": "2021-01-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:curl", "p-cpe:/a:novell:suse_linux:curl-debuginfo", "p-cpe:/a:novell:suse_linux:curl-debugsource", "p-cpe:/a:novell:suse_linux:curl-mini", "p-cpe:/a:novell:suse_linux:curl-mini-debuginfo", "p-cpe:/a:novell:suse_linux:curl-mini-debugsource", "p-cpe:/a:novell:suse_linux:libcurl-devel", "p-cpe:/a:novell:suse_linux:libcurl-mini-devel", "p-cpe:/a:novell:suse_linux:libcurl4", "p-cpe:/a:novell:suse_linux:libcurl4-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:libcurl4-debuginfo", "p-cpe:/a:novell:suse_linux:libcurl4-mini", "p-cpe:/a:novell:suse_linux:libcurl4-mini-debuginfo", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2018-3624-1.NASL", "href": "https://www.tenable.com/plugins/nessus/120154", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:3624-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(120154);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2018-16839\", \"CVE-2018-16840\", \"CVE-2018-16842\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : curl (SUSE-SU-2018:3624-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for curl fixes the following issues :\n\nCVE-2018-16839: A SASL password overflow via integer overflow was\nfixed which could lead to crashes (bsc#1112758)\n\nCVE-2018-16840: A use-after-free in SASL handle close was fixed which\ncould lead to crashes (bsc#1112758)\n\nCVE-2018-16842: A Out-of-bounds Read in tool_msgs.c was fixed which\ncould lead to crashes (bsc#1113660)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1112758\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1113660\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-16839/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-16840/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-16842/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20183624-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9ee817b0\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Open Buildservice Development Tools\n15:zypper in -t patch\nSUSE-SLE-Module-Development-Tools-OBS-15-2018-2578=1\n\nSUSE Linux Enterprise Module for Basesystem 15:zypper in -t patch\nSUSE-SLE-Module-Basesystem-15-2018-2578=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:curl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:curl-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:curl-mini\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:curl-mini-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:curl-mini-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libcurl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libcurl-mini-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libcurl4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libcurl4-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libcurl4-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libcurl4-mini\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libcurl4-mini-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/11/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP0\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"libcurl4-32bit-7.60.0-3.14.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"libcurl4-32bit-debuginfo-7.60.0-3.14.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"curl-7.60.0-3.14.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"curl-debuginfo-7.60.0-3.14.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"curl-debugsource-7.60.0-3.14.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"curl-mini-7.60.0-3.14.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"curl-mini-debuginfo-7.60.0-3.14.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"curl-mini-debugsource-7.60.0-3.14.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libcurl-devel-7.60.0-3.14.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libcurl-mini-devel-7.60.0-3.14.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libcurl4-7.60.0-3.14.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libcurl4-debuginfo-7.60.0-3.14.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libcurl4-mini-7.60.0-3.14.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libcurl4-mini-debuginfo-7.60.0-3.14.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", cpu:\"x86_64\", reference:\"libcurl4-32bit-7.60.0-3.14.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", cpu:\"x86_64\", reference:\"libcurl4-32bit-debuginfo-7.60.0-3.14.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"curl-7.60.0-3.14.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"curl-debuginfo-7.60.0-3.14.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"curl-debugsource-7.60.0-3.14.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"curl-mini-7.60.0-3.14.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"curl-mini-debuginfo-7.60.0-3.14.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"curl-mini-debugsource-7.60.0-3.14.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libcurl-devel-7.60.0-3.14.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libcurl-mini-devel-7.60.0-3.14.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libcurl4-7.60.0-3.14.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libcurl4-debuginfo-7.60.0-3.14.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libcurl4-mini-7.60.0-3.14.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libcurl4-mini-debuginfo-7.60.0-3.14.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"curl\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:47:41", "description": "- SASL password overflow via integer overflow (CVE-2018-16839)\n\n - fix use-after-free in handle close (CVE-2018-16840)\n\n - fix bad arethmetic when outputting warnings to stderr (CVE-2018-16842)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-01-03T00:00:00", "type": "nessus", "title": "Fedora 29 : curl (2018-7785911c9e)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16839", "CVE-2018-16840", "CVE-2018-16842"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:curl", "cpe:/o:fedoraproject:fedora:29"], "id": "FEDORA_2018-7785911C9E.NASL", "href": "https://www.tenable.com/plugins/nessus/120542", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-7785911c9e.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(120542);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2018-16839\", \"CVE-2018-16840\", \"CVE-2018-16842\");\n script_xref(name:\"FEDORA\", value:\"2018-7785911c9e\");\n\n script_name(english:\"Fedora 29 : curl (2018-7785911c9e)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - SASL password overflow via integer overflow\n (CVE-2018-16839)\n\n - fix use-after-free in handle close (CVE-2018-16840)\n\n - fix bad arethmetic when outputting warnings to stderr\n (CVE-2018-16842)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-7785911c9e\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected curl package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:curl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:29\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/11/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^29([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 29\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC29\", reference:\"curl-7.61.1-4.fc29\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"curl\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:51:11", "description": "New curl packages are available for Slackware 14.0, 14.1, 14.2, and\n-current to fix security issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-11-01T00:00:00", "type": "nessus", "title": "Slackware 14.0 / 14.1 / 14.2 / current : curl (SSA:2018-304-01)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16839", "CVE-2018-16840", "CVE-2018-16842"], "modified": "2022-01-31T00:00:00", "cpe": ["p-cpe:/a:slackware:slackware_linux:curl", "cpe:/o:slackware:slackware_linux", "cpe:/o:slackware:slackware_linux:14.0", "cpe:/o:slackware:slackware_linux:14.1", "cpe:/o:slackware:slackware_linux:14.2"], "id": "SLACKWARE_SSA_2018-304-01.NASL", "href": "https://www.tenable.com/plugins/nessus/118586", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2018-304-01. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(118586);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/01/31\");\n\n script_cve_id(\"CVE-2018-16839\", \"CVE-2018-16840\", \"CVE-2018-16842\");\n script_xref(name:\"SSA\", value:\"2018-304-01\");\n\n script_name(english:\"Slackware 14.0 / 14.1 / 14.2 / current : curl (SSA:2018-304-01)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"New curl packages are available for Slackware 14.0, 14.1, 14.2, and\n-current to fix security issues.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2018&m=slackware-security.432448\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?fa628473\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected curl package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-16840\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:curl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/10/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/11/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"14.0\", pkgname:\"curl\", pkgver:\"7.62.0\", pkgarch:\"i486\", pkgnum:\"1_slack14.0\")) flag++;\nif (slackware_check(osver:\"14.0\", arch:\"x86_64\", pkgname:\"curl\", pkgver:\"7.62.0\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.0\")) flag++;\n\nif (slackware_check(osver:\"14.1\", pkgname:\"curl\", pkgver:\"7.62.0\", pkgarch:\"i486\", pkgnum:\"1_slack14.1\")) flag++;\nif (slackware_check(osver:\"14.1\", arch:\"x86_64\", pkgname:\"curl\", pkgver:\"7.62.0\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.1\")) flag++;\n\nif (slackware_check(osver:\"14.2\", pkgname:\"curl\", pkgver:\"7.62.0\", pkgarch:\"i586\", pkgnum:\"1_slack14.2\")) flag++;\nif (slackware_check(osver:\"14.2\", arch:\"x86_64\", pkgname:\"curl\", pkgver:\"7.62.0\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.2\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"curl\", pkgver:\"7.62.0\", pkgarch:\"i586\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"curl\", pkgver:\"7.62.0\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-13T14:43:00", "description": "Harry Sintonen discovered that curl incorrectly handled SASL authentication. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2018-16839)\n\nBrian Carpenter discovered that curl incorrectly handled memory when closing certain handles. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2018-16840)\n\nBrian Carpenter discovered that the curl command-line tool incorrectly handled error messages. A remote attacker could possibly use this issue to obtain sensitive information. (CVE-2018-16842).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-11-01T00:00:00", "type": "nessus", "title": "Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 18.10 : curl vulnerabilities (USN-3805-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16839", "CVE-2018-16840", "CVE-2018-16842"], "modified": "2023-01-12T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:curl", "p-cpe:/a:canonical:ubuntu_linux:libcurl3", "p-cpe:/a:canonical:ubuntu_linux:libcurl3-gnutls", "p-cpe:/a:canonical:ubuntu_linux:libcurl3-nss", "p-cpe:/a:canonical:ubuntu_linux:libcurl4", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "cpe:/o:canonical:ubuntu_linux:18.10"], "id": "UBUNTU_USN-3805-1.NASL", "href": "https://www.tenable.com/plugins/nessus/118591", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3805-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(118591);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/12\");\n\n script_cve_id(\"CVE-2018-16839\", \"CVE-2018-16840\", \"CVE-2018-16842\");\n script_xref(name:\"USN\", value:\"3805-1\");\n\n script_name(english:\"Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 18.10 : curl vulnerabilities (USN-3805-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Harry Sintonen discovered that curl incorrectly handled SASL\nauthentication. A remote attacker could use this issue to cause curl\nto crash, resulting in a denial of service, or possibly execute\narbitrary code. (CVE-2018-16839)\n\nBrian Carpenter discovered that curl incorrectly handled memory when\nclosing certain handles. A remote attacker could use this issue to\ncause curl to crash, resulting in a denial of service, or possibly\nexecute arbitrary code. (CVE-2018-16840)\n\nBrian Carpenter discovered that the curl command-line tool incorrectly\nhandled error messages. A remote attacker could possibly use this\nissue to obtain sensitive information. (CVE-2018-16842).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3805-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-16840\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libcurl3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libcurl3-gnutls\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libcurl3-nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libcurl4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/10/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/11/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2018-2023 Canonical, Inc. / NASL script (C) 2018-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nvar release = chomp(release);\nif (! preg(pattern:\"^(14\\.04|16\\.04|18\\.04|18\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04 / 16.04 / 18.04 / 18.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"curl\", pkgver:\"7.35.0-1ubuntu2.19\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"libcurl3\", pkgver:\"7.35.0-1ubuntu2.19\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"libcurl3-gnutls\", pkgver:\"7.35.0-1ubuntu2.19\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"libcurl3-nss\", pkgver:\"7.35.0-1ubuntu2.19\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"curl\", pkgver:\"7.47.0-1ubuntu2.11\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"libcurl3\", pkgver:\"7.47.0-1ubuntu2.11\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"libcurl3-gnutls\", pkgver:\"7.47.0-1ubuntu2.11\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"libcurl3-nss\", pkgver:\"7.47.0-1ubuntu2.11\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"curl\", pkgver:\"7.58.0-2ubuntu3.5\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"libcurl3-gnutls\", pkgver:\"7.58.0-2ubuntu3.5\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"libcurl3-nss\", pkgver:\"7.58.0-2ubuntu3.5\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"libcurl4\", pkgver:\"7.58.0-2ubuntu3.5\")) flag++;\nif (ubuntu_check(osver:\"18.10\", pkgname:\"curl\", pkgver:\"7.61.0-1ubuntu2.2\")) flag++;\nif (ubuntu_check(osver:\"18.10\", pkgname:\"libcurl3-gnutls\", pkgver:\"7.61.0-1ubuntu2.2\")) flag++;\nif (ubuntu_check(osver:\"18.10\", pkgname:\"libcurl3-nss\", pkgver:\"7.61.0-1ubuntu2.2\")) flag++;\nif (ubuntu_check(osver:\"18.10\", pkgname:\"libcurl4\", pkgver:\"7.61.0-1ubuntu2.2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"curl / libcurl3 / libcurl3-gnutls / libcurl3-nss / libcurl4\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:46:12", "description": "- SASL password overflow via integer overflow (CVE-2018-16839)\n\n - fix use-after-free in handle close (CVE-2018-16840)\n\n - fix bad arethmetic when outputting warnings to stderr (CVE-2018-16842)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-01-03T00:00:00", "type": "nessus", "title": "Fedora 28 : curl (2018-fdc4ca8675)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16839", "CVE-2018-16840", "CVE-2018-16842"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:curl", "cpe:/o:fedoraproject:fedora:28"], "id": "FEDORA_2018-FDC4CA8675.NASL", "href": "https://www.tenable.com/plugins/nessus/120934", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-fdc4ca8675.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(120934);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2018-16839\", \"CVE-2018-16840\", \"CVE-2018-16842\");\n script_xref(name:\"FEDORA\", value:\"2018-fdc4ca8675\");\n\n script_name(english:\"Fedora 28 : curl (2018-fdc4ca8675)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - SASL password overflow via integer overflow\n (CVE-2018-16839)\n\n - fix use-after-free in handle close (CVE-2018-16840)\n\n - fix bad arethmetic when outputting warnings to stderr\n (CVE-2018-16842)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-fdc4ca8675\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected curl package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:curl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:28\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/11/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^28([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 28\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC28\", reference:\"curl-7.59.0-8.fc28\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"curl\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:46:14", "description": "A heap use-after-free flaw was found in curl related to closing an easy handle. When closing and cleaning up an 'easy' handle in the `Curl_close()` function, the library code first frees a struct (without nulling the pointer) and might then subsequently erroneously write to a struct field within that already freed struct.\n(CVE-2018-16840)\n\nCurl is vulnerable to a buffer overrun in the SASL authentication code that may lead to denial of service. (CVE-2018-16839)\n\nCurl is vulnerable to a heap-based buffer over-read in the tool_msgs.c:voutf() function that may result in information exposure and denial of service. (CVE-2018-16842)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-01-25T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : curl (ALAS-2019-1148)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16839", "CVE-2018-16840", "CVE-2018-16842"], "modified": "2020-02-20T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:curl", "p-cpe:/a:amazon:linux:curl-debuginfo", "p-cpe:/a:amazon:linux:libcurl", "p-cpe:/a:amazon:linux:libcurl-devel", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2019-1148.NASL", "href": "https://www.tenable.com/plugins/nessus/121369", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2019-1148.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(121369);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/02/20\");\n\n script_cve_id(\"CVE-2018-16839\", \"CVE-2018-16840\", \"CVE-2018-16842\");\n script_xref(name:\"ALAS\", value:\"2019-1148\");\n\n script_name(english:\"Amazon Linux AMI : curl (ALAS-2019-1148)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A heap use-after-free flaw was found in curl related to closing an\neasy handle. When closing and cleaning up an 'easy' handle in the\n`Curl_close()` function, the library code first frees a struct\n(without nulling the pointer) and might then subsequently erroneously\nwrite to a struct field within that already freed struct.\n(CVE-2018-16840)\n\nCurl is vulnerable to a buffer overrun in the SASL authentication code\nthat may lead to denial of service. (CVE-2018-16839)\n\nCurl is vulnerable to a heap-based buffer over-read in the\ntool_msgs.c:voutf() function that may result in information exposure\nand denial of service. (CVE-2018-16842)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2019-1148.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update curl' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:curl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libcurl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libcurl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/01/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/25\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"curl-7.53.1-16.86.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"curl-debuginfo-7.53.1-16.86.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"libcurl-7.53.1-16.86.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"libcurl-devel-7.53.1-16.86.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"curl / curl-debuginfo / libcurl / libcurl-devel\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-25T14:25:00", "description": "USN-3879-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS.\n\nWen Xu discovered that the ext4 file system implementation in the Linux kernel could possibly perform an out of bounds write when updating the journal for an inline file. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service (system crash). (CVE-2018-10883)\n\nVasily Averin and Pavel Tikhomirov discovered that the cleancache subsystem of the Linux kernel did not properly initialize new files in some situations. A local attacker could use this to expose sensitive information. (CVE-2018-16862)\n\nWei Wu discovered that the KVM implementation in the Linux kernel did not properly ensure that ioapics were initialized. A local attacker could use this to cause a denial of service (system crash).\n(CVE-2018-19407)\n\nMathias Payer and Hui Peng discovered a use-after-free vulnerability in the Advanced Linux Sound Architecture (ALSA) subsystem. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2018-19824)\n\nHui Peng and Mathias Payer discovered that the USB subsystem in the Linux kernel did not properly handle size checks when handling an extra USB descriptor. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2018-20169).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-02-05T00:00:00", "type": "nessus", "title": "Ubuntu 14.04 LTS : linux-lts-xenial, linux-aws vulnerabilities (USN-3879-2)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10883", "CVE-2018-16862", "CVE-2018-19407", "CVE-2018-19824", "CVE-2018-20169"], "modified": "2023-01-12T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-lts-xenial", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lts-xenial", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-lts-xenial", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "UBUNTU_USN-3879-2.NASL", "href": "https://www.tenable.com/plugins/nessus/121597", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3879-2. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(121597);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/12\");\n\n script_cve_id(\"CVE-2018-10883\", \"CVE-2018-16862\", \"CVE-2018-19407\", \"CVE-2018-19824\", \"CVE-2018-20169\");\n script_xref(name:\"USN\", value:\"3879-2\");\n\n script_name(english:\"Ubuntu 14.04 LTS : linux-lts-xenial, linux-aws vulnerabilities (USN-3879-2)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"USN-3879-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04\nLTS. This update provides the corresponding updates for the Linux\nHardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu\n14.04 LTS.\n\nWen Xu discovered that the ext4 file system implementation in the\nLinux kernel could possibly perform an out of bounds write when\nupdating the journal for an inline file. An attacker could use this to\nconstruct a malicious ext4 image that, when mounted, could cause a\ndenial of service (system crash). (CVE-2018-10883)\n\nVasily Averin and Pavel Tikhomirov discovered that the cleancache\nsubsystem of the Linux kernel did not properly initialize new files in\nsome situations. A local attacker could use this to expose sensitive\ninformation. (CVE-2018-16862)\n\nWei Wu discovered that the KVM implementation in the Linux kernel did\nnot properly ensure that ioapics were initialized. A local attacker\ncould use this to cause a denial of service (system crash).\n(CVE-2018-19407)\n\nMathias Payer and Hui Peng discovered a use-after-free vulnerability\nin the Advanced Linux Sound Architecture (ALSA) subsystem. A\nphysically proximate attacker could use this to cause a denial of\nservice (system crash). (CVE-2018-19824)\n\nHui Peng and Mathias Payer discovered that the USB subsystem in the\nLinux kernel did not properly handle size checks when handling an\nextra USB descriptor. A physically proximate attacker could use this\nto cause a denial of service (system crash). (CVE-2018-20169).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3879-2/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-20169\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-lts-xenial\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lts-xenial\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-lts-xenial\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/07/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/02/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/02/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2019-2023 Canonical, Inc. / NASL script (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nvar release = chomp(release);\nif (! preg(pattern:\"^(14\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2018-10883\", \"CVE-2018-16862\", \"CVE-2018-19407\", \"CVE-2018-19824\", \"CVE-2018-20169\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-3879-2\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-4.4.0-1038-aws\", pkgver:\"4.4.0-1038.41\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-4.4.0-142-generic\", pkgver:\"4.4.0-142.168~14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-4.4.0-142-generic-lpae\", pkgver:\"4.4.0-142.168~14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-4.4.0-142-lowlatency\", pkgver:\"4.4.0-142.168~14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-aws\", pkgver:\"4.4.0.1038.38\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-generic-lpae-lts-xenial\", pkgver:\"4.4.0.142.122\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-generic-lts-xenial\", pkgver:\"4.4.0.142.122\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-lowlatency-lts-xenial\", pkgver:\"4.4.0.142.122\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-4.4-aws / linux-image-4.4-generic / etc\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-25T14:24:29", "description": "Wen Xu discovered that the ext4 file system implementation in the Linux kernel could possibly perform an out of bounds write when updating the journal for an inline file. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service (system crash). (CVE-2018-10883)\n\nVasily Averin and Pavel Tikhomirov discovered that the cleancache subsystem of the Linux kernel did not properly initialize new files in some situations. A local attacker could use this to expose sensitive information. (CVE-2018-16862)\n\nWei Wu discovered that the KVM implementation in the Linux kernel did not properly ensure that ioapics were initialized. A local attacker could use this to cause a denial of service (system crash).\n(CVE-2018-19407)\n\nMathias Payer and Hui Peng discovered a use-after-free vulnerability in the Advanced Linux Sound Architecture (ALSA) subsystem. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2018-19824)\n\nHui Peng and Mathias Payer discovered that the USB subsystem in the Linux kernel did not properly handle size checks when handling an extra USB descriptor. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2018-20169).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-02-05T00:00:00", "type": "nessus", "title": "Ubuntu 16.04 LTS : linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon vulnerabilities (USN-3879-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10883", "CVE-2018-16862", "CVE-2018-19407", "CVE-2018-19824", "CVE-2018-20169"], "modified": "2023-01-12T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-snapdragon", "p-cpe:/a:canonical:ubuntu_linux:linux-image-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-image-snapdragon", "cpe:/o:canonical:ubuntu_linux:16.04"], "id": "UBUNTU_USN-3879-1.NASL", "href": "https://www.tenable.com/plugins/nessus/121596", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3879-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(121596);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/12\");\n\n script_cve_id(\"CVE-2018-10883\", \"CVE-2018-16862\", \"CVE-2018-19407\", \"CVE-2018-19824\", \"CVE-2018-20169\");\n script_xref(name:\"USN\", value:\"3879-1\");\n\n script_name(english:\"Ubuntu 16.04 LTS : linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon vulnerabilities (USN-3879-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Wen Xu discovered that the ext4 file system implementation in the\nLinux kernel could possibly perform an out of bounds write when\nupdating the journal for an inline file. An attacker could use this to\nconstruct a malicious ext4 image that, when mounted, could cause a\ndenial of service (system crash). (CVE-2018-10883)\n\nVasily Averin and Pavel Tikhomirov discovered that the cleancache\nsubsystem of the Linux kernel did not properly initialize new files in\nsome situations. A local attacker could use this to expose sensitive\ninformation. (CVE-2018-16862)\n\nWei Wu discovered that the KVM implementation in the Linux kernel did\nnot properly ensure that ioapics were initialized. A local attacker\ncould use this to cause a denial of service (system crash).\n(CVE-2018-19407)\n\nMathias Payer and Hui Peng discovered a use-after-free vulnerability\nin the Advanced Linux Sound Architecture (ALSA) subsystem. A\nphysically proximate attacker could use this to cause a denial of\nservice (system crash). (CVE-2018-19824)\n\nHui Peng and Mathias Payer discovered that the USB subsystem in the\nLinux kernel did not properly handle size checks when handling an\nextra USB descriptor. A physically proximate attacker could use this\nto cause a denial of service (system crash). (CVE-2018-20169).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3879-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-20169\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-snapdragon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-snapdragon\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/07/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/02/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/02/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2019-2023 Canonical, Inc. / NASL script (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nvar release = chomp(release);\nif (! preg(pattern:\"^(16\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 16.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2018-10883\", \"CVE-2018-16862\", \"CVE-2018-19407\", \"CVE-2018-19824\", \"CVE-2018-20169\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-3879-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-1040-kvm\", pkgver:\"4.4.0-1040.46\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-1075-aws\", pkgver:\"4.4.0-1075.85\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-1103-raspi2\", pkgver:\"4.4.0-1103.111\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-1107-snapdragon\", pkgver:\"4.4.0-1107.112\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-142-generic\", pkgver:\"4.4.0-142.168\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-142-generic-lpae\", pkgver:\"4.4.0-142.168\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-142-lowlatency\", pkgver:\"4.4.0-142.168\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-aws\", pkgver:\"4.4.0.1075.77\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-generic\", pkgver:\"4.4.0.142.148\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-generic-lpae\", pkgver:\"4.4.0.142.148\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-kvm\", pkgver:\"4.4.0.1040.39\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-lowlatency\", pkgver:\"4.4.0.142.148\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-raspi2\", pkgver:\"4.4.0.1103.103\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-snapdragon\", pkgver:\"4.4.0.1107.99\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-4.4-aws / linux-image-4.4-generic / etc\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:45:22", "description": "The Qualys Research Labs discovered multiple vulnerabilities in systemd-journald. Two memory corruption flaws, via attacker-controlled allocations using the alloca function (CVE-2018-16864, CVE-2018-16865 ) and an out-of-bounds read flaw leading to an information leak (CVE-2018-16866 ), could allow an attacker to cause a denial of service or the execution of arbitrary code.\n\nFurther details in the Qualys Security Advisory at https://www.qualys.com/2019/01/09/system-down/system-down.txt", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-01-14T00:00:00", "type": "nessus", "title": "Debian DSA-4367-1 : systemd - security update", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16864", "CVE-2018-16865", "CVE-2018-16866"], "modified": "2019-05-17T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:systemd", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DSA-4367.NASL", "href": "https://www.tenable.com/plugins/nessus/121136", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4367. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(121136);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2019/05/17 9:44:17\");\n\n script_cve_id(\"CVE-2018-16864\", \"CVE-2018-16865\", \"CVE-2018-16866\");\n script_xref(name:\"DSA\", value:\"4367\");\n\n script_name(english:\"Debian DSA-4367-1 : systemd - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Qualys Research Labs discovered multiple vulnerabilities in\nsystemd-journald. Two memory corruption flaws, via attacker-controlled\nallocations using the alloca function (CVE-2018-16864, CVE-2018-16865\n) and an out-of-bounds read flaw leading to an information leak\n(CVE-2018-16866 ), could allow an attacker to cause a denial of\nservice or the execution of arbitrary code.\n\nFurther details in the Qualys Security Advisory at\nhttps://www.qualys.com/2019/01/09/system-down/system-down.txt\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=918841\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=918848\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-16864\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-16865\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-16866\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.qualys.com/2019/01/09/system-down/system-down.txt\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/systemd\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/systemd\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2019/dsa-4367\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the systemd packages.\n\nFor the stable distribution (stretch), these problems have been fixed\nin version 232-25+deb9u7.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:systemd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/01/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"9.0\", prefix:\"libnss-myhostname\", reference:\"232-25+deb9u7\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libnss-mymachines\", reference:\"232-25+deb9u7\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libnss-resolve\", reference:\"232-25+deb9u7\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libnss-systemd\", reference:\"232-25+deb9u7\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libpam-systemd\", reference:\"232-25+deb9u7\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libsystemd-dev\", reference:\"232-25+deb9u7\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libsystemd0\", reference:\"232-25+deb9u7\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libudev-dev\", reference:\"232-25+deb9u7\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libudev1\", reference:\"232-25+deb9u7\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libudev1-udeb\", reference:\"232-25+deb9u7\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"systemd\", reference:\"232-25+deb9u7\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"systemd-container\", reference:\"232-25+deb9u7\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"systemd-coredump\", reference:\"232-25+deb9u7\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"systemd-journal-remote\", reference:\"232-25+deb9u7\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"systemd-sysv\", reference:\"232-25+deb9u7\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"udev\", reference:\"232-25+deb9u7\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"udev-udeb\", reference:\"232-25+deb9u7\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:47:45", "description": "- systemd-journald and systemd-journal-remote reject entries which contain too many fields (CVE-2018-16865, #1664973) and set limits on the process' command line length (CVE-2018-16864, #1664972)\n\n - Fix out-of-bounds read when parsing a crafted syslog message in systemd-journald (CVE-2018-16866, #1664975)\n\n - A signal is again used to stop user sessions instead of dbus (#1664491)\n\nNo need to log out or reboot.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-01-14T00:00:00", "type": "nessus", "title": "Fedora 29 : systemd (2019-18b3a10c7f)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16864", "CVE-2018-16865", "CVE-2018-16866"], "modified": "2019-09-23T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:systemd", "cpe:/o:fedoraproject:fedora:29"], "id": "FEDORA_2019-18B3A10C7F.NASL", "href": "https://www.tenable.com/plugins/nessus/121138", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-18b3a10c7f.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(121138);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2019/09/23 11:21:09\");\n\n script_cve_id(\"CVE-2018-16864\", \"CVE-2018-16865\", \"CVE-2018-16866\");\n script_xref(name:\"FEDORA\", value:\"2019-18b3a10c7f\");\n\n script_name(english:\"Fedora 29 : systemd (2019-18b3a10c7f)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - systemd-journald and systemd-journal-remote reject\n entries which contain too many fields (CVE-2018-16865,\n #1664973) and set limits on the process' command line\n length (CVE-2018-16864, #1664972)\n\n - Fix out-of-bounds read when parsing a crafted syslog\n message in systemd-journald (CVE-2018-16866, #1664975)\n\n - A signal is again used to stop user sessions instead of\n dbus (#1664491)\n\nNo need to log out or reboot.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-18b3a10c7f\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected systemd package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:systemd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:29\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/01/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^29([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 29\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC29\", reference:\"systemd-239-8.gite339eae.fc29\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"systemd\");\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-13T14:18:32", "description": "It was discovered that systemd-journald allocated variable-length buffers for certain message fields on the stack. A local attacker could potentially exploit this to cause a denial of service, or execute arbitrary code. (CVE-2018-16864)\n\nIt was discovered that systemd-journald allocated variable-length arrays of objects representing message fields on the stack. A local attacker could potentially exploit this to cause a denial of service, or execute arbitrary code. (CVE-2018-16865)\n\nAn out-of-bounds read was discovered in systemd-journald. A local attacker could potentially exploit this to obtain sensitive information and bypass ASLR protections. (CVE-2018-16866).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-01-14T00:00:00", "type": "nessus", "title": "Ubuntu 16.04 LTS / 18.04 LTS / 18.10 : systemd vulnerabilities (USN-3855-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16864", "CVE-2018-16865", "CVE-2018-16866"], "modified": "2023-01-12T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:systemd", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "cpe:/o:canonical:ubuntu_linux:18.10"], "id": "UBUNTU_USN-3855-1.NASL", "href": "https://www.tenable.com/plugins/nessus/121161", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3855-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(121161);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/12\");\n\n script_cve_id(\"CVE-2018-16864\", \"CVE-2018-16865\", \"CVE-2018-16866\");\n script_xref(name:\"USN\", value:\"3855-1\");\n\n script_name(english:\"Ubuntu 16.04 LTS / 18.04 LTS / 18.10 : systemd vulnerabilities (USN-3855-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"It was discovered that systemd-journald allocated variable-length\nbuffers for certain message fields on the stack. A local attacker\ncould potentially exploit this to cause a denial of service, or\nexecute arbitrary code. (CVE-2018-16864)\n\nIt was discovered that systemd-journald allocated variable-length\narrays of objects representing message fields on the stack. A local\nattacker could potentially exploit this to cause a denial of service,\nor execute arbitrary code. (CVE-2018-16865)\n\nAn out-of-bounds read was discovered in systemd-journald. A local\nattacker could potentially exploit this to obtain sensitive\ninformation and bypass ASLR protections. (CVE-2018-16866).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3855-1/\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected systemd package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:systemd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/01/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2019-2023 Canonical, Inc. / NASL script (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nvar release = chomp(release);\nif (! preg(pattern:\"^(16\\.04|18\\.04|18\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 16.04 / 18.04 / 18.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"16.04\", pkgname:\"systemd\", pkgver:\"229-4ubuntu21.15\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"systemd\", pkgver:\"237-3ubuntu10.11\")) flag++;\nif (ubuntu_check(osver:\"18.10\", pkgname:\"systemd\", pkgver:\"239-7ubuntu10.6\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"systemd\");\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:46:59", "description": "This update for systemd provides the following fixes :\n\nSecurity issues fixed :\n\nCVE-2018-16864, CVE-2018-16865: Fixed two memory corruptions through attacker-controlled alloca()s (bsc#1120323)\n\nCVE-2018-16866: Fixed an information leak in journald (bsc#1120323)\n\nFixed an issue during system startup in relation to encrypted swap disks (bsc#1119971)\n\nNon-security issues fixed: core: Queue loading transient units after setting their properties. (bsc#1115518)\n\nlogind: Stop managing VT switches if no sessions are registered on that VT. (bsc#1101591)\n\nterminal-util: introduce vt_release() and vt_restore() helpers.\n\nterminal: Unify code for resetting kbd utf8 mode a bit.\n\nterminal Reset should honour default_utf8 kernel setting.\n\nlogind: Make session_restore_vt() static.\n\nudev: Downgrade message when settting inotify watch up fails.\n(bsc#1005023)\n\nlog: Never log into foreign fd #2 in PID 1 or its pre-execve() children. (bsc#1114981)\n\nudev: Ignore the exit code of systemd-detect-virt for memory hot-add.\nIn SLE-12-SP3, 80-hotplug-cpu-mem.rules has a memory hot-add rule that uses systemd-detect-virt to detect non-zvm environment. The systemd-detect-virt returns exit failure code when it detected _none_ state. The exit failure code causes that the hot-add memory block can not be set to online. (bsc#1076696)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-01-22T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : systemd (SUSE-SU-2019:0135-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16864", "CVE-2018-16865", "CVE-2018-16866"], "modified": "2021-01-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libsystemd0", "p-cpe:/a:novell:suse_linux:libsystemd0-32bit", "p-cpe:/a:novell:suse_linux:libsystemd0-debuginfo", "p-cpe:/a:novell:suse_linux:libsystemd0-debuginfo-32bit", "p-cpe:/a:novell:suse_linux:libudev1", "p-cpe:/a:novell:suse_linux:libudev1-32bit", "p-cpe:/a:novell:suse_linux:libudev1-debuginfo", "p-cpe:/a:novell:suse_linux:libudev1-debuginfo-32bit", "p-cpe:/a:novell:suse_linux:systemd", "p-cpe:/a:novell:suse_linux:systemd-32bit", "p-cpe:/a:novell:suse_linux:systemd-debuginfo", "p-cpe:/a:novell:suse_linux:systemd-debuginfo-32bit", "p-cpe:/a:novell:suse_linux:systemd-debugsource", "p-cpe:/a:novell:suse_linux:systemd-sysvinit", "p-cpe:/a:novell:suse_linux:udev", "p-cpe:/a:novell:suse_linux:udev-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2019-0135-1.NASL", "href": "https://www.tenable.com/plugins/nessus/121303", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:0135-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(121303);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2018-16864\", \"CVE-2018-16865\", \"CVE-2018-16866\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : systemd (SUSE-SU-2019:0135-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for systemd provides the following fixes :\n\nSecurity issues fixed :\n\nCVE-2018-16864, CVE-2018-16865: Fixed two memory corruptions through\nattacker-controlled alloca()s (bsc#1120323)\n\nCVE-2018-16866: Fixed an information leak in journald (bsc#1120323)\n\nFixed an issue during system startup in relation to encrypted swap\ndisks (bsc#1119971)\n\nNon-security issues fixed: core: Queue loading transient units after\nsetting their properties. (bsc#1115518)\n\nlogind: Stop managing VT switches if no sessions are registered on\nthat VT. (bsc#1101591)\n\nterminal-util: introduce vt_release() and vt_restore() helpers.\n\nterminal: Unify code for resetting kbd utf8 mode a bit.\n\nterminal Reset should honour default_utf8 kernel setting.\n\nlogind: Make session_restore_vt() static.\n\nudev: Downgrade message when settting inotify watch up fails.\n(bsc#1005023)\n\nlog: Never log into foreign fd #2 in PID 1 or its pre-execve()\nchildren. (bsc#1114981)\n\nudev: Ignore the exit code of systemd-detect-virt for memory hot-add.\nIn SLE-12-SP3, 80-hotplug-cpu-mem.rules has a memory hot-add rule that\nuses systemd-detect-virt to detect non-zvm environment. The\nsystemd-detect-virt returns exit failure code when it detected _none_\nstate. The exit failure code causes that the hot-add memory block can\nnot be set to online. (bsc#1076696)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1005023\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1076696\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1101591\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1114981\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1115518\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1119971\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1120323\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-16864/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-16865/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-16866/\"\n );\n # https://www.suse.com/support/update/announcement/2019/suse-su-20190135-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?26e98101\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE OpenStack Cloud 7:zypper in -t patch\nSUSE-OpenStack-Cloud-7-2019-135=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP4:zypper in -t\npatch SUSE-SLE-SDK-12-SP4-2019-135=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP3:zypper in -t\npatch SUSE-SLE-SDK-12-SP3-2019-135=1\n\nSUSE Linux Enterprise Server for SAP 12-SP2:zypper in -t patch\nSUSE-SLE-SAP-12-SP2-2019-135=1\n\nSUSE Linux Enterprise Server 12-SP4:zypper in -t patch\nSUSE-SLE-SERVER-12-SP4-2019-135=1\n\nSUSE Linux Enterprise Server 12-SP3:zypper in -t patch\nSUSE-SLE-SERVER-12-SP3-2019-135=1\n\nSUSE Linux Enterprise Server 12-SP2-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-2019-135=1\n\nSUSE Linux Enterprise Server 12-SP2-BCL:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-BCL-2019-135=1\n\nSUSE Linux Enterprise Desktop 12-SP4:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP4-2019-135=1\n\nSUSE Linux Enterprise Desktop 12-SP3:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP3-2019-135=1\n\nSUSE Enterprise Storage 4:zypper in -t patch SUSE-Storage-4-2019-135=1\n\nSUSE CaaS Platform ALL :\n\nTo install this update, use the SUSE CaaS Platform Velum dashboard. It\nwill inform you if it detects new updates and let you then trigger\nupdating of the complete cluster in a controlled way.\n\nSUSE CaaS Platform 3.0 :\n\nTo install this update, use the SUSE CaaS Platform Velum dashboard. It\nwill inform you if it detects new updates and let you then trigger\nupdating of the complete cluster in a controlled way.\n\nOpenStack Cloud Magnum Orchestration 7:zypper in -t patch\nSUSE-OpenStack-Cloud-Magnum-Orchestration-7-2019-135=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsystemd0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsystemd0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsystemd0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsystemd0-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libudev1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libudev1-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libudev1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libudev1-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-sysvinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:udev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:udev-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/01/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/22\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(2|3|4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP2/3/4\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(3|4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP3/4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libsystemd0-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libsystemd0-32bit-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libsystemd0-debuginfo-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libsystemd0-debuginfo-32bit-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libudev1-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libudev1-32bit-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libudev1-debuginfo-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libudev1-debuginfo-32bit-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"systemd-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"systemd-32bit-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"systemd-debuginfo-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"systemd-debuginfo-32bit-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"systemd-debugsource-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"systemd-sysvinit-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"udev-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"udev-debuginfo-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libsystemd0-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libsystemd0-32bit-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libsystemd0-debuginfo-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libsystemd0-debuginfo-32bit-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libudev1-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libudev1-32bit-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libudev1-debuginfo-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libudev1-debuginfo-32bit-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"systemd-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"systemd-32bit-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"systemd-debuginfo-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"systemd-debuginfo-32bit-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"systemd-debugsource-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"systemd-sysvinit-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"udev-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"udev-debuginfo-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libsystemd0-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libsystemd0-32bit-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libsystemd0-debuginfo-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libsystemd0-debuginfo-32bit-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libudev1-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libudev1-32bit-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libudev1-debuginfo-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libudev1-debuginfo-32bit-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"systemd-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"systemd-32bit-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"systemd-debuginfo-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"systemd-debuginfo-32bit-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"systemd-debugsource-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"systemd-sysvinit-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"udev-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"udev-debuginfo-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libsystemd0-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libsystemd0-32bit-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libsystemd0-debuginfo-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libsystemd0-debuginfo-32bit-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libudev1-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libudev1-32bit-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libudev1-debuginfo-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libudev1-debuginfo-32bit-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"systemd-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"systemd-32bit-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"systemd-debuginfo-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"systemd-debuginfo-32bit-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"systemd-debugsource-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"systemd-sysvinit-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"udev-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"udev-debuginfo-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libsystemd0-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libsystemd0-32bit-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libsystemd0-debuginfo-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libsystemd0-debuginfo-32bit-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libudev1-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libudev1-32bit-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libudev1-debuginfo-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libudev1-debuginfo-32bit-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"systemd-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"systemd-32bit-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"systemd-debuginfo-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"systemd-debuginfo-32bit-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"systemd-debugsource-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"systemd-sysvinit-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"udev-228-150.58.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"udev-debuginfo-228-150.58.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"systemd\");\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:44:38", "description": "This update for systemd provides the following fixes :\n\nSecurity issues fixed :\n\n - CVE-2018-16864, CVE-2018-16865: Fixed two memory corruptions through attacker-controlled alloca()s (bsc#1120323)\n\n - CVE-2018-16866: Fixed an information leak in journald (bsc#1120323)\n\n - Fixed an issue during system startup in relation to encrypted swap disks (bsc#1119971)\n\nNon-security issues fixed :\n\n - core: Queue loading transient units after setting their properties. (bsc#1115518)\n\n - logind: Stop managing VT switches if no sessions are registered on that VT. (bsc#1101591)\n\n - terminal-util: introduce vt_release() and vt_restore() helpers.\n\n - terminal: Unify code for resetting kbd utf8 mode a bit.\n\n - terminal Reset should honour default_utf8 kernel setting.\n\n - logind: Make session_restore_vt() static.\n\n - udev: Downgrade message when settting inotify watch up fails. (bsc#1005023)\n\n - log: Never log into foreign fd #2 in PID 1 or its pre-execve() children. (bsc#1114981)\n\n - udev: Ignore the exit code of systemd-detect-virt for memory hot-add. In SLE-12-SP3, 80-hotplug-cpu-mem.rules has a memory hot-add rule that uses systemd-detect-virt to detect non-zvm environment. The systemd-detect-virt returns exit failure code when it detected _none_ state.\n The exit failure code causes that the hot-add memory block can not be set to online. (bsc#1076696)\n\nThis update was imported from the SUSE:SLE-12-SP2:Update update project.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-01-30T00:00:00", "type": "nessus", "title": "openSUSE Security Update : systemd (openSUSE-2019-97)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16864", "CVE-2018-16865", "CVE-2018-16866"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libsystemd0", "p-cpe:/a:novell:opensuse:libsystemd0-32bit", "p-cpe:/a:novell:opensuse:libsystemd0-debuginfo", "p-cpe:/a:novell:opensuse:libsystemd0-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libsystemd0-mini", "p-cpe:/a:novell:opensuse:libsystemd0-mini-debuginfo", "p-cpe:/a:novell:opensuse:libudev-devel", "p-cpe:/a:novell:opensuse:libudev-mini-devel", "p-cpe:/a:novell:opensuse:libudev-mini1", "p-cpe:/a:novell:opensuse:libudev-mini1-debuginfo", "p-cpe:/a:novell:opensuse:libudev1", "p-cpe:/a:novell:opensuse:libudev1-32bit", "p-cpe:/a:novell:opensuse:libudev1-debuginfo", "p-cpe:/a:novell:opensuse:libudev1-debuginfo-32bit", "p-cpe:/a:novell:opensuse:nss-myhostname", "p-cpe:/a:novell:opensuse:nss-myhostname-32bit", "p-cpe:/a:novell:opensuse:nss-myhostname-debuginfo", "p-cpe:/a:novell:opensuse:nss-myhostname-debuginfo-32bit", "p-cpe:/a:novell:opensuse:nss-mymachines", "p-cpe:/a:novell:opensuse:nss-mymachines-debuginfo", "p-cpe:/a:novell:opensuse:systemd", "p-cpe:/a:novell:opensuse:systemd-32bit", "p-cpe:/a:novell:opensuse:systemd-bash-completion", "p-cpe:/a:novell:opensuse:systemd-debuginfo", "p-cpe:/a:novell:opensuse:systemd-debuginfo-32bit", "p-cpe:/a:novell:opensuse:systemd-debugsource", "p-cpe:/a:novell:opensuse:systemd-devel", "p-cpe:/a:novell:opensuse:systemd-logger", "p-cpe:/a:novell:opensuse:systemd-mini", "p-cpe:/a:novell:opensuse:systemd-mini-bash-completion", "p-cpe:/a:novell:opensuse:systemd-mini-debuginfo", "p-cpe:/a:novell:opensuse:systemd-mini-debugsource", "p-cpe:/a:novell:opensuse:systemd-mini-devel", "p-cpe:/a:novell:opensuse:systemd-mini-sysvinit", "p-cpe:/a:novell:opensuse:systemd-sysvinit", "p-cpe:/a:novell:opensuse:udev", "p-cpe:/a:novell:opensuse:udev-debuginfo", "p-cpe:/a:novell:opensuse:udev-mini", "p-cpe:/a:novell:opensuse:udev-mini-debuginfo", "cpe:/o:novell:opensuse:42.3"], "id": "OPENSUSE-2019-97.NASL", "href": "https://www.tenable.com/plugins/nessus/121463", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-97.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(121463);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2018-16864\", \"CVE-2018-16865\", \"CVE-2018-16866\");\n\n script_name(english:\"openSUSE Security Update : systemd (openSUSE-2019-97)\");\n script_summary(english:\"Check for the openSUSE-2019-97 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for systemd provides the following fixes :\n\nSecurity issues fixed :\n\n - CVE-2018-16864, CVE-2018-16865: Fixed two memory\n corruptions through attacker-controlled alloca()s\n (bsc#1120323)\n\n - CVE-2018-16866: Fixed an information leak in journald\n (bsc#1120323)\n\n - Fixed an issue during system startup in relation to\n encrypted swap disks (bsc#1119971)\n\nNon-security issues fixed :\n\n - core: Queue loading transient units after setting their\n properties. (bsc#1115518)\n\n - logind: Stop managing VT switches if no sessions are\n registered on that VT. (bsc#1101591)\n\n - terminal-util: introduce vt_release() and vt_restore()\n helpers.\n\n - terminal: Unify code for resetting kbd utf8 mode a bit.\n\n - terminal Reset should honour default_utf8 kernel\n setting.\n\n - logind: Make session_restore_vt() static.\n\n - udev: Downgrade message when settting inotify watch up\n fails. (bsc#1005023)\n\n - log: Never log into foreign fd #2 in PID 1 or its\n pre-execve() children. (bsc#1114981)\n\n - udev: Ignore the exit code of systemd-detect-virt for\n memory hot-add. In SLE-12-SP3, 80-hotplug-cpu-mem.rules\n has a memory hot-add rule that uses systemd-detect-virt\n to detect non-zvm environment. The systemd-detect-virt\n returns exit failure code when it detected _none_ state.\n The exit failure code causes that the hot-add memory\n block can not be set to online. (bsc#1076696)\n\nThis update was imported from the SUSE:SLE-12-SP2:Update update\nproject.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1005023\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1076696\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1101591\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1114981\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1115518\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1119971\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1120323\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected systemd packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsystemd0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsystemd0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsystemd0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsystemd0-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsystemd0-mini\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsystemd0-mini-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libudev-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libudev-mini-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libudev-mini1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libudev-mini1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libudev1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libudev1-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libudev1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libudev1-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nss-myhostname\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nss-myhostname-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nss-myhostname-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nss-myhostname-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nss-mymachines\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nss-mymachines-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-logger\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-mini\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-mini-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-mini-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-mini-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-mini-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-mini-sysvinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-sysvinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:udev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:udev-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:udev-mini\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:udev-mini-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/01/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libsystemd0-228-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libsystemd0-debuginfo-228-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libsystemd0-mini-228-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libsystemd0-mini-debuginfo-228-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libudev-devel-228-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libudev-mini-devel-228-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libudev-mini1-228-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libudev-mini1-debuginfo-228-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libudev1-228-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libudev1-debuginfo-228-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"nss-myhostname-228-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"nss-myhostname-debuginfo-228-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"nss-mymachines-228-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"nss-mymachines-debuginfo-228-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"systemd-228-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"systemd-bash-completion-228-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"systemd-debuginfo-228-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"systemd-debugsource-228-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"systemd-devel-228-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"systemd-logger-228-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"systemd-mini-228-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"systemd-mini-bash-completion-228-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"systemd-mini-debuginfo-228-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"systemd-mini-debugsource-228-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"systemd-mini-devel-228-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"systemd-mini-sysvinit-228-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"systemd-sysvinit-228-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"udev-228-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"udev-debuginfo-228-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"udev-mini-228-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"udev-mini-debuginfo-228-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libsystemd0-32bit-228-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libsystemd0-debuginfo-32bit-228-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libudev1-32bit-228-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libudev1-debuginfo-32bit-228-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"nss-myhostname-32bit-228-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"nss-myhostname-debuginfo-32bit-228-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"systemd-32bit-228-65.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"systemd-debuginfo-32bit-228-65.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libsystemd0-mini / libsystemd0-mini-debuginfo / libudev-mini-devel / etc\");\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:46:47", "description": "Large syslogd messages sent to journald can cause stack corruption, causing journald to crash. The version of systemd on Amazon Linux 2 is not vulnerable to privilege escalation in this case. (CVE-2018-16864)\n\nLarge native messages to journald can cause stack corruption, leading to possible local privilege escalation.(CVE-2018-16865)\n\nPlease note, if you have systemd-journald-remote configured over http, then you could be open to remote escalation on previous versions of the systemd package. The systemd-journald-remote service is not installed by default on Amazon Linux 2, and when installed and enabled, the default configuration is to use https. (CVE-2018-16865)\n\nAn out-of-bounds read in journald, triggered by a specially crafted message, can be used to leak information through the journal file (CVE-2018-16866)", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-01-10T00:00:00", "type": "nessus", "title": "Amazon Linux 2 : systemd (ALAS-2019-1141)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16864", "CVE-2018-16865", "CVE-2018-16866"], "modified": "2019-05-17T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:libgudev1", "p-cpe:/a:amazon:linux:libgudev1-devel", "p-cpe:/a:amazon:linux:systemd", "p-cpe:/a:amazon:linux:systemd-debuginfo", "p-cpe:/a:amazon:linux:systemd-devel", "p-cpe:/a:amazon:linux:systemd-journal-gateway", "p-cpe:/a:amazon:linux:systemd-libs", "p-cpe:/a:amazon:linux:systemd-networkd", "p-cpe:/a:amazon:linux:systemd-python", "p-cpe:/a:amazon:linux:systemd-resolved", "p-cpe:/a:amazon:linux:systemd-sysv", "cpe:/o:amazon:linux:2"], "id": "AL2_ALAS-2019-1141.NASL", "href": "https://www.tenable.com/plugins/nessus/121050", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2 Security Advisory ALAS-2019-1141.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(121050);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2019/05/17 9:44:16\");\n\n script_cve_id(\"CVE-2018-16864\", \"CVE-2018-16865\", \"CVE-2018-16866\");\n script_xref(name:\"ALAS\", value:\"2019-1141\");\n\n script_name(english:\"Amazon Linux 2 : systemd (ALAS-2019-1141)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux 2 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Large syslogd messages sent to journald can cause stack corruption,\ncausing journald to crash. The version of systemd on Amazon Linux 2 is\nnot vulnerable to privilege escalation in this case. (CVE-2018-16864)\n\nLarge native messages to journald can cause stack corruption, leading\nto possible local privilege escalation.(CVE-2018-16865)\n\nPlease note, if you have systemd-journald-remote configured over http,\nthen you could be open to remote escalation on previous versions of\nthe systemd package. The systemd-journald-remote service is not\ninstalled by default on Amazon Linux 2, and when installed and\nenabled, the default configuration is to use https. (CVE-2018-16865)\n\nAn out-of-bounds read in journald, triggered by a specially crafted\nmessage, can be used to leak information through the journal file\n(CVE-2018-16866)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/AL2/ALAS-2019-1141.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Run 'yum update systemd' then reboot your instance, to update your\nsystem.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libgudev1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libgudev1-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:systemd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:systemd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:systemd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:systemd-journal-gateway\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:systemd-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:systemd-networkd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:systemd-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:systemd-resolved\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:systemd-sysv\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/01/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"2\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"AL2\", reference:\"libgudev1-219-57.amzn2.0.7\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"libgudev1-devel-219-57.amzn2.0.7\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"systemd-219-57.amzn2.0.7\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"systemd-debuginfo-219-57.amzn2.0.7\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"systemd-devel-219-57.amzn2.0.7\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"systemd-journal-gateway-219-57.amzn2.0.7\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"systemd-libs-219-57.amzn2.0.7\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"systemd-networkd-219-57.amzn2.0.7\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"systemd-python-219-57.amzn2.0.7\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"systemd-resolved-219-57.amzn2.0.7\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"systemd-sysv-219-57.amzn2.0.7\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libgudev1 / libgudev1-devel / systemd / systemd-debuginfo / etc\");\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-03-01T15:12:31", "description": "The remote host is affected by the vulnerability described in GLSA-201903-03 (cURL: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in cURL. Please review the CVE identifiers referenced below for details.\n Impact :\n\n Remote attackers could cause a Denial of Service condition.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-03-11T00:00:00", "type": "nessus", "title": "GLSA-201903-03 : cURL: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-14618", "CVE-2018-16839", "CVE-2018-16840", "CVE-2018-16842", "CVE-2019-3822", "CVE-2019-3823"], "modified": "2022-12-06T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:curl", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201903-03.NASL", "href": "https://www.tenable.com/plugins/nessus/122731", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201903-03.\n#\n# The advisory text is Copyright (C) 2001-2022 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(122731);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/06\");\n\n script_cve_id(\"CVE-2018-14618\", \"CVE-2018-16839\", \"CVE-2018-16840\", \"CVE-2018-16842\", \"CVE-2019-3822\", \"CVE-2019-3823\");\n script_xref(name:\"GLSA\", value:\"201903-03\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0227\");\n\n script_name(english:\"GLSA-201903-03 : cURL: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The remote host is affected by the vulnerability described in GLSA-201903-03\n(cURL: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in cURL. Please review the\n CVE identifiers referenced below for details.\n \nImpact :\n\n Remote attackers could cause a Denial of Service condition.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201903-03\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"All cURL users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-misc/curl-7.64.0'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:curl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/09/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/11\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"net-misc/curl\", unaffected:make_list(\"ge 7.64.0\"), vulnerable:make_list(\"lt 7.64.0\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"cURL\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:52:59", "description": "curl security problems :\n\nCVE-2018-16839: SASL password overflow via integer overflow\n\nlibcurl contains a buffer overrun in the SASL authentication code.\n\nThe internal function Curl_auth_create_plain_message fails to correctly verify that the passed in lengths for name and password aren't too long, then calculates a buffer size to allocate.\n\nOn systems with a 32 bit size_t, the math to calculate the buffer size triggers an integer overflow when the user name length exceeds 2GB (2^31 bytes). This integer overflow usually causes a very small buffer to actually get allocated instead of the intended very huge one, making the use of that buffer end up in a heap buffer overflow.\n\nThis bug is very similar to CVE-2017-14618.\n\nIt affects curl 7.33.0 to 7.61.1.\n\nCVE-2018-16840: use-after-free in handle close\n\nlibcurl contains a heap use-after-free flaw in code related to closing an easy handle.\n\nWhen closing and cleaning up an 'easy' handle in the Curl_close() function, the library code first frees a struct (without nulling the pointer) and might then subsequently erroneously write to a struct field within that already freed struct.\n\nIt affects curl 7.59.0 to 7.61.1.\n\nCVE-2018-16842: warning message out-of-buffer read\n\ncurl contains a heap out of buffer read vulnerability.\n\nThe command line tool has a generic function for displaying warning and informational messages to stderr for various situations. For example if an unknown command line argument is used, or passed to it in a 'config' file.\n\nThis display function formats the output to wrap at 80 columns. The wrap logic is however flawed, so if a single word in the message is itself longer than 80 bytes the buffer arithmetic calculates the remainder wrong and will end up reading behind the end of the buffer.\nThis could lead to information disclosure or crash.\n\nThis vulnerability could lead to a security issue if used in this or similar situations :\n\n1. a server somewhere uses the curl command line to run something\n\n2. if it fails, it shows stderr to the user\n\n3. the server takes user input for parts of its command line input\n\n4. user provides something overly long that triggers this crash\n\n5. the stderr output may now contain user memory contents that wasn't meant to be available\n\nIt affects curl 7.14.1 to 7.61.1.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-11-02T00:00:00", "type": "nessus", "title": "FreeBSD : curl -- multiple vulnerabilities (e0ab1773-07c1-46c6-9170-4c5e81c00927)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-14618", "CVE-2018-16839", "CVE-2018-16840", "CVE-2018-16842"], "modified": "2022-01-31T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:curl", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_E0AB177307C146C691704C5E81C00927.NASL", "href": "https://www.tenable.com/plugins/nessus/118707", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2022 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(118707);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/01/31\");\n\n script_cve_id(\"CVE-2018-16839\", \"CVE-2018-16840\", \"CVE-2018-16842\");\n\n script_name(english:\"FreeBSD : curl -- multiple vulnerabilities (e0ab1773-07c1-46c6-9170-4c5e81c00927)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"curl security problems :\n\nCVE-2018-16839: SASL password overflow via integer overflow\n\nlibcurl contains a buffer overrun in the SASL authentication code.\n\nThe internal function Curl_auth_create_plain_message fails to\ncorrectly verify that the passed in lengths for name and password\naren't too long, then calculates a buffer size to allocate.\n\nOn systems with a 32 bit size_t, the math to calculate the buffer size\ntriggers an integer overflow when the user name length exceeds 2GB\n(2^31 bytes). This integer overflow usually causes a very small buffer\nto actually get allocated instead of the intended very huge one,\nmaking the use of that buffer end up in a heap buffer overflow.\n\nThis bug is very similar to CVE-2017-14618.\n\nIt affects curl 7.33.0 to 7.61.1.\n\nCVE-2018-16840: use-after-free in handle close\n\nlibcurl contains a heap use-after-free flaw in code related to closing\nan easy handle.\n\nWhen closing and cleaning up an 'easy' handle in the Curl_close()\nfunction, the library code first frees a struct (without nulling the\npointer) and might then subsequently erroneously write to a struct\nfield within that already freed struct.\n\nIt affects curl 7.59.0 to 7.61.1.\n\nCVE-2018-16842: warning message out-of-buffer read\n\ncurl contains a heap out of buffer read vulnerability.\n\nThe command line tool has a generic function for displaying warning\nand informational messages to stderr for various situations. For\nexample if an unknown command line argument is used, or passed to it\nin a 'config' file.\n\nThis display function formats the output to wrap at 80 columns. The\nwrap logic is however flawed, so if a single word in the message is\nitself longer than 80 bytes the buffer arithmetic calculates the\nremainder wrong and will end up reading behind the end of the buffer.\nThis could lead to information disclosure or crash.\n\nThis vulnerability could lead to a security issue if used in this or\nsimilar situations :\n\n1. a server somewhere uses the curl command line to run something\n\n2. if it fails, it shows stderr to the user\n\n3. the server takes user input for parts of its command line input\n\n4. user provides something overly long that triggers this crash\n\n5. the stderr output may now contain user memory contents that wasn't\nmeant to be available\n\nIt affects curl 7.14.1 to 7.61.1.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://curl.haxx.se/docs/security.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://curl.haxx.se/docs/CVE-2018-16839.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://curl.haxx.se/docs/CVE-2018-16840.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://curl.haxx.se/docs/CVE-2018-16842.html\"\n );\n # https://vuxml.freebsd.org/freebsd/e0ab1773-07c1-46c6-9170-4c5e81c00927.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?79d7317b\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-16840\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:curl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/11/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/11/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"curl>=7.14.1<7.60.0\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:47:49", "description": "This update for systemd provides the following fixes :\n\nSecurity issues fixed :\n\nCVE-2018-16864, CVE-2018-16865: Fixed two memory corruptions through attacker-controlled alloca()s (bsc#1120323)\n\nCVE-2018-16866: Fixed an information leak in journald (bsc#1120323)\n\nCVE-2018-6954: Fix mishandling of symlinks present in non-terminal path components (bsc#1080919)\n\nFixed an issue during system startup in relation to encrypted swap disks (bsc#1119971)\n\nNon-security issues fixed: pam_systemd: Fix 'Cannot create session:\nAlready running in a session' (bsc#1111498)\n\nsystemd-vconsole-setup: vconsole setup fails, fonts will not be copied to tty (bsc#1114933)\n\nsystemd-tmpfiles-setup: symlinked /tmp to /var/tmp breaking multiple units (bsc#1045723)\n\nFixed installation issue with /etc/machine-id during update (bsc#1117063)\n\nbtrfs: qgroups are assigned to parent qgroups after reboot (bsc#1093753)\n\nlogind: Stop managing VT switches if no sessions are registered on that VT. (bsc#1101591)\n\nudev: Downgrade message when settting inotify watch up fails.\n(bsc#1005023)\n\nudev: Ignore the exit code of systemd-detect-virt for memory hot-add.\nIn SLE-12-SP3, 80-hotplug-cpu-mem.rules has a memory hot-add rule that uses systemd-detect-virt to detect non-zvm environment. The systemd-detect-virt returns exit failure code when it detected _none_ state. The exit failure code causes that the hot-add memory block can not be set to online. (bsc#1076696)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-01-22T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : systemd (SUSE-SU-2019:0137-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16864", "CVE-2018-16865", "CVE-2018-16866", "CVE-2018-6954"], "modified": "2021-01-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libsystemd0", "p-cpe:/a:novell:suse_linux:libsystemd0-32bit", "p-cpe:/a:novell:suse_linux:libsystemd0-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:libsystemd0-debuginfo", "p-cpe:/a:novell:suse_linux:libsystemd0-mini", "p-cpe:/a:novell:suse_linux:libsystemd0-mini-debuginfo", "p-cpe:/a:novell:suse_linux:libudev-devel", "p-cpe:/a:novell:suse_linux:libudev-mini-devel", "p-cpe:/a:novell:suse_linux:libudev-mini1", "p-cpe:/a:novell:suse_linux:libudev-mini1-debuginfo", "p-cpe:/a:novell:suse_linux:libudev1", "p-cpe:/a:novell:suse_linux:libudev1-32bit", "p-cpe:/a:novell:suse_linux:libudev1-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:libudev1-debuginfo", "p-cpe:/a:novell:suse_linux:nss-myhostname", "p-cpe:/a:novell:suse_linux:nss-myhostname-debuginfo", "p-cpe:/a:novell:suse_linux:nss-mymachines", "p-cpe:/a:novell:suse_linux:nss-mymachines-debuginfo", "p-cpe:/a:novell:suse_linux:nss-systemd", "p-cpe:/a:novell:suse_linux:nss-systemd-debuginfo", "p-cpe:/a:novell:suse_linux:systemd", "p-cpe:/a:novell:suse_linux:systemd-32bit", "p-cpe:/a:novell:suse_linux:systemd-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:systemd-container", "p-cpe:/a:novell:suse_linux:systemd-container-debuginfo", "p-cpe:/a:novell:suse_linux:systemd-coredump", "p-cpe:/a:novell:suse_linux:systemd-coredump-debuginfo", "p-cpe:/a:novell:suse_linux:systemd-debuginfo", "p-cpe:/a:novell:suse_linux:systemd-debugsource", "p-cpe:/a:novell:suse_linux:systemd-devel", "p-cpe:/a:novell:suse_linux:systemd-logger", "p-cpe:/a:novell:suse_linux:systemd-mini", "p-cpe:/a:novell:suse_linux:systemd-mini-container-mini", "p-cpe:/a:novell:suse_linux:systemd-mini-container-mini-debuginfo", "p-cpe:/a:novell:suse_linux:systemd-mini-coredump-mini", "p-cpe:/a:novell:suse_linux:systemd-mini-coredump-mini-debuginfo", "p-cpe:/a:novell:suse_linux:systemd-mini-debuginfo", "p-cpe:/a:novell:suse_linux:systemd-mini-debugsource", "p-cpe:/a:novell:suse_linux:systemd-mini-devel", "p-cpe:/a:novell:suse_linux:systemd-mini-sysvinit", "p-cpe:/a:novell:suse_linux:systemd-sysvinit", "p-cpe:/a:novell:suse_linux:udev", "p-cpe:/a:novell:suse_linux:udev-debuginfo", "p-cpe:/a:novell:suse_linux:udev-mini", "p-cpe:/a:novell:suse_linux:udev-mini-debuginfo", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2019-0137-1.NASL", "href": "https://www.tenable.com/plugins/nessus/121304", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:0137-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(121304);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2018-16864\", \"CVE-2018-16865\", \"CVE-2018-16866\", \"CVE-2018-6954\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : systemd (SUSE-SU-2019:0137-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for systemd provides the following fixes :\n\nSecurity issues fixed :\n\nCVE-2018-16864, CVE-2018-16865: Fixed two memory corruptions through\nattacker-controlled alloca()s (bsc#1120323)\n\nCVE-2018-16866: Fixed an information leak in journald (bsc#1120323)\n\nCVE-2018-6954: Fix mishandling of symlinks present in non-terminal\npath components (bsc#1080919)\n\nFixed an issue during system startup in relation to encrypted swap\ndisks (bsc#1119971)\n\nNon-security issues fixed: pam_systemd: Fix 'Cannot create session:\nAlready running in a session' (bsc#1111498)\n\nsystemd-vconsole-setup: vconsole setup fails, fonts will not be copied\nto tty (bsc#1114933)\n\nsystemd-tmpfiles-setup: symlinked /tmp to /var/tmp breaking multiple\nunits (bsc#1045723)\n\nFixed installation issue with /etc/machine-id during update\n(bsc#1117063)\n\nbtrfs: qgroups are assigned to parent qgroups after reboot\n(bsc#1093753)\n\nlogind: Stop managing VT switches if no sessions are registered on\nthat VT. (bsc#1101591)\n\nudev: Downgrade message when settting inotify watch up fails.\n(bsc#1005023)\n\nudev: Ignore the exit code of systemd-detect-virt for memory hot-add.\nIn SLE-12-SP3, 80-hotplug-cpu-mem.rules has a memory hot-add rule that\nuses systemd-detect-virt to detect non-zvm environment. The\nsystemd-detect-virt returns exit failure code when it detected _none_\nstate. The exit failure code causes that the hot-add memory block can\nnot be set to online. (bsc#1076696)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1005023\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1045723\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1076696\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1080919\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1093753\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1101591\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1111498\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1114933\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1117063\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1119971\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1120323\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-16864/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-16865/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-16866/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-6954/\"\n );\n # https://www.suse.com/support/update/announcement/2019/suse-su-20190137-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f97bddbc\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Open Buildservice Development Tools\n15:zypper in -t patch\nSUSE-SLE-Module-Development-Tools-OBS-15-2019-137=1\n\nSUSE Linux Enterprise Module for Basesystem 15:zypper in -t patch\nSUSE-SLE-Module-Basesystem-15-2019-137=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsystemd0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsystemd0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsystemd0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsystemd0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsystemd0-mini\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsystemd0-mini-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libudev-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libudev-mini-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libudev-mini1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libudev-mini1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libudev1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libudev1-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libudev1-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libudev1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nss-myhostname\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nss-myhostname-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nss-mymachines\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nss-mymachines-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nss-systemd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nss-systemd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-container\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-container-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-coredump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-coredump-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-logger\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-mini\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-mini-container-mini\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-mini-container-mini-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-mini-coredump-mini\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-mini-coredump-mini-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-mini-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-mini-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-mini-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-mini-sysvinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-sysvinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:udev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:udev-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:udev-mini\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:udev-mini-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/02/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/01/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/22\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP0\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"libsystemd0-32bit-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"libsystemd0-32bit-debuginfo-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"libudev1-32bit-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"libudev1-32bit-debuginfo-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"systemd-32bit-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"systemd-32bit-debuginfo-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsystemd0-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsystemd0-debuginfo-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsystemd0-mini-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsystemd0-mini-debuginfo-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libudev-devel-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libudev-mini-devel-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libudev-mini1-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libudev-mini1-debuginfo-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libudev1-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libudev1-debuginfo-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"nss-myhostname-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"nss-myhostname-debuginfo-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"nss-mymachines-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"nss-mymachines-debuginfo-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"nss-systemd-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"nss-systemd-debuginfo-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"systemd-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"systemd-container-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"systemd-container-debuginfo-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"systemd-coredump-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"systemd-coredump-debuginfo-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"systemd-debuginfo-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"systemd-debugsource-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"systemd-devel-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"systemd-logger-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"systemd-mini-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"systemd-mini-container-mini-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"systemd-mini-container-mini-debuginfo-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"systemd-mini-coredump-mini-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"systemd-mini-coredump-mini-debuginfo-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"systemd-mini-debuginfo-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"systemd-mini-debugsource-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"systemd-mini-devel-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"systemd-mini-sysvinit-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"systemd-sysvinit-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"udev-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"udev-debuginfo-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"udev-mini-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"udev-mini-debuginfo-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", cpu:\"x86_64\", reference:\"libsystemd0-32bit-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", cpu:\"x86_64\", reference:\"libsystemd0-32bit-debuginfo-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", cpu:\"x86_64\", reference:\"libudev1-32bit-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", cpu:\"x86_64\", reference:\"libudev1-32bit-debuginfo-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", cpu:\"x86_64\", reference:\"systemd-32bit-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", cpu:\"x86_64\", reference:\"systemd-32bit-debuginfo-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsystemd0-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsystemd0-debuginfo-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsystemd0-mini-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsystemd0-mini-debuginfo-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libudev-devel-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libudev-mini-devel-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libudev-mini1-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libudev-mini1-debuginfo-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libudev1-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libudev1-debuginfo-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"nss-myhostname-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"nss-myhostname-debuginfo-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"nss-mymachines-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"nss-mymachines-debuginfo-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"nss-systemd-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"nss-systemd-debuginfo-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"systemd-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"systemd-container-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"systemd-container-debuginfo-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"systemd-coredump-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"systemd-coredump-debuginfo-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"systemd-debuginfo-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"systemd-debugsource-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"systemd-devel-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"systemd-logger-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"systemd-mini-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"systemd-mini-container-mini-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"systemd-mini-container-mini-debuginfo-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"systemd-mini-coredump-mini-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"systemd-mini-coredump-mini-debuginfo-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"systemd-mini-debuginfo-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"systemd-mini-debugsource-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"systemd-mini-devel-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"systemd-mini-sysvinit-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"systemd-sysvinit-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"udev-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"udev-debuginfo-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"udev-mini-234-24.20.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"udev-mini-debuginfo-234-24.20.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"systemd\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:45:17", "description": "This update for systemd provides the following fixes :\n\nSecurity issues fixed :\n\n - CVE-2018-16864, CVE-2018-16865: Fixed two memory corruptions through attacker-controlled alloca()s (bsc#1120323)\n\n - CVE-2018-16866: Fixed an information leak in journald (bsc#1120323)\n\n - CVE-2018-6954: Fix mishandling of symlinks present in non-terminal path components (bsc#1080919)\n\n - Fixed an issue during system startup in relation to encrypted swap disks (bsc#1119971)\n\nNon-security issues fixed :\n\n - pam_systemd: Fix 'Cannot create session: Already running in a session' (bsc#1111498)\n\n - systemd-vconsole-setup: vconsole setup fails, fonts will not be copied to tty (bsc#1114933)\n\n - systemd-tmpfiles-setup: symlinked /tmp to /var/tmp breaking multiple units (bsc#1045723)\n\n - Fixed installation issue with /etc/machine-id during update (bsc#1117063)\n\n - btrfs: qgroups are assigned to parent qgroups after reboot (bsc#1093753)\n\n - logind: Stop managing VT switches if no sessions are registered on that VT. (bsc#1101591)\n\n - udev: Downgrade message when settting inotify watch up fails. (bsc#1005023)\n\n - udev: Ignore the exit code of systemd-detect-virt for memory hot-add. In SLE-12-SP3, 80-hotplug-cpu-mem.rules has a memory hot-add rule that uses systemd-detect-virt to detect non-zvm environment. The systemd-detect-virt returns exit failure code when it detected _none_ state.\n The exit failure code causes that the hot-add memory block can not be set to online. (bsc#1076696) This update was imported from the SUSE:SLE-15:Update update project.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-01-30T00:00:00", "type": "nessus", "title": "openSUSE Security Update : systemd (openSUSE-2019-98)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16864", "CVE-2018-16865", "CVE-2018-16866", "CVE-2018-6954"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libsystemd0", "p-cpe:/a:novell:opensuse:libsystemd0-32bit", "p-cpe:/a:novell:opensuse:libsystemd0-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libsystemd0-debuginfo", "p-cpe:/a:novell:opensuse:libsystemd0-mini", "p-cpe:/a:novell:opensuse:libsystemd0-mini-debuginfo", "p-cpe:/a:novell:opensuse:libudev-devel", "p-cpe:/a:novell:opensuse:libudev-devel-32bit", "p-cpe:/a:novell:opensuse:libudev-mini-devel", "p-cpe:/a:novell:opensuse:libudev-mini1", "p-cpe:/a:novell:opensuse:libudev-mini1-debuginfo", "p-cpe:/a:novell:opensuse:libudev1", "p-cpe:/a:novell:opensuse:libudev1-32bit", "p-cpe:/a:novell:opensuse:libudev1-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libudev1-debuginfo", "p-cpe:/a:novell:opensuse:nss-myhostname", "p-cpe:/a:novell:opensuse:nss-myhostname-32bit", "p-cpe:/a:novell:opensuse:nss-myhostname-32bit-debuginfo", "p-cpe:/a:novell:opensuse:nss-myhostname-debuginfo", "p-cpe:/a:novell:opensuse:nss-mymachines", "p-cpe:/a:novell:opensuse:nss-mymachines-32bit", "p-cpe:/a:novell:opensuse:nss-mymachines-32bit-debuginfo", "p-cpe:/a:novell:opensuse:nss-mymachines-debuginfo", "p-cpe:/a:novell:opensuse:nss-systemd", "p-cpe:/a:novell:opensuse:nss-systemd-debuginfo", "p-cpe:/a:novell:opensuse:systemd", "p-cpe:/a:novell:opensuse:systemd-32bit", "p-cpe:/a:novell:opensuse:systemd-32bit-debuginfo", "p-cpe:/a:novell:opensuse:systemd-bash-completion", "p-cpe:/a:novell:opensuse:systemd-container", "p-cpe:/a:novell:opensuse:systemd-container-debuginfo", "p-cpe:/a:novell:opensuse:systemd-coredump", "p-cpe:/a:novell:opensuse:systemd-coredump-debuginfo", "p-cpe:/a:novell:opensuse:systemd-debuginfo", "p-cpe:/a:novell:opensuse:systemd-debugsource", "p-cpe:/a:novell:opensuse:systemd-devel", "p-cpe:/a:novell:opensuse:systemd-logger", "p-cpe:/a:novell:opensuse:systemd-mini", "p-cpe:/a:novell:opensuse:systemd-mini-bash-completion", "p-cpe:/a:novell:opensuse:systemd-mini-container-mini", "p-cpe:/a:novell:opensuse:systemd-mini-container-mini-debuginfo", "p-cpe:/a:novell:opensuse:systemd-mini-coredump-mini", "p-cpe:/a:novell:opensuse:systemd-mini-coredump-mini-debuginfo", "p-cpe:/a:novell:opensuse:systemd-mini-debuginfo", "p-cpe:/a:novell:opensuse:systemd-mini-debugsource", "p-cpe:/a:novell:opensuse:systemd-mini-devel", "p-cpe:/a:novell:opensuse:systemd-mini-sysvinit", "p-cpe:/a:novell:opensuse:systemd-sysvinit", "p-cpe:/a:novell:opensuse:udev", "p-cpe:/a:novell:opensuse:udev-debuginfo", "p-cpe:/a:novell:opensuse:udev-mini", "p-cpe:/a:novell:opensuse:udev-mini-debuginfo", "cpe:/o:novell:opensuse:15.0"], "id": "OPENSUSE-2019-98.NASL", "href": "https://www.tenable.com/plugins/nessus/121464", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-98.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(121464);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2018-16864\", \"CVE-2018-16865\", \"CVE-2018-16866\", \"CVE-2018-6954\");\n\n script_name(english:\"openSUSE Security Update : systemd (openSUSE-2019-98)\");\n script_summary(english:\"Check for the openSUSE-2019-98 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for systemd provides the following fixes :\n\nSecurity issues fixed :\n\n - CVE-2018-16864, CVE-2018-16865: Fixed two memory\n corruptions through attacker-controlled alloca()s\n (bsc#1120323)\n\n - CVE-2018-16866: Fixed an information leak in journald\n (bsc#1120323)\n\n - CVE-2018-6954: Fix mishandling of symlinks present in\n non-terminal path components (bsc#1080919)\n\n - Fixed an issue during system startup in relation to\n encrypted swap disks (bsc#1119971)\n\nNon-security issues fixed :\n\n - pam_systemd: Fix 'Cannot create session: Already running\n in a session' (bsc#1111498)\n\n - systemd-vconsole-setup: vconsole setup fails, fonts will\n not be copied to tty (bsc#1114933)\n\n - systemd-tmpfiles-setup: symlinked /tmp to /var/tmp\n breaking multiple units (bsc#1045723)\n\n - Fixed installation issue with /etc/machine-id during\n update (bsc#1117063)\n\n - btrfs: qgroups are assigned to parent qgroups after\n reboot (bsc#1093753)\n\n - logind: Stop managing VT switches if no sessions are\n registered on that VT. (bsc#1101591)\n\n - udev: Downgrade message when settting inotify watch up\n fails. (bsc#1005023)\n\n - udev: Ignore the exit code of systemd-detect-virt for\n memory hot-add. In SLE-12-SP3, 80-hotplug-cpu-mem.rules\n has a memory hot-add rule that uses systemd-detect-virt\n to detect non-zvm environment. The systemd-detect-virt\n returns exit failure code when it detected _none_ state.\n The exit failure code causes that the hot-add memory\n block can not be set to online. (bsc#1076696) This\n update was imported from the SUSE:SLE-15:Update update\n project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1005023\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1045723\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1076696\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1080919\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1093753\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1101591\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1111498\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1114933\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1117063\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1119971\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1120323\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected systemd packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsystemd0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsystemd0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsystemd0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsystemd0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsystemd0-mini\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsystemd0-mini-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libudev-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libudev-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libudev-mini-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libudev-mini1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libudev-mini1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libudev1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libudev1-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libudev1-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libudev1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nss-myhostname\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nss-myhostname-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nss-myhostname-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nss-myhostname-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nss-mymachines\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nss-mymachines-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nss-mymachines-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nss-mymachines-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nss-systemd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nss-systemd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-container\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-container-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-coredump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-coredump-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-logger\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-mini\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-mini-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-mini-container-mini\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-mini-container-mini-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-mini-coredump-mini\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-mini-coredump-mini-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-mini-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-mini-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-mini-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-mini-sysvinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:systemd-sysvinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:udev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:udev-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:udev-mini\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:udev-mini-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/02/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsystemd0-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsystemd0-debuginfo-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsystemd0-mini-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libsystemd0-mini-debuginfo-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libudev-devel-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libudev-mini-devel-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libudev-mini1-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libudev-mini1-debuginfo-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libudev1-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libudev1-debuginfo-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"nss-myhostname-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"nss-myhostname-debuginfo-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"nss-mymachines-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"nss-mymachines-debuginfo-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"nss-systemd-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"nss-systemd-debuginfo-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"systemd-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"systemd-bash-completion-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"systemd-container-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"systemd-container-debuginfo-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"systemd-coredump-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"systemd-coredump-debuginfo-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"systemd-debuginfo-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"systemd-debugsource-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"systemd-devel-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"systemd-logger-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"systemd-mini-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"systemd-mini-bash-completion-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"systemd-mini-container-mini-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"systemd-mini-container-mini-debuginfo-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"systemd-mini-coredump-mini-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"systemd-mini-coredump-mini-debuginfo-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"systemd-mini-debuginfo-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"systemd-mini-debugsource-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"systemd-mini-devel-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"systemd-mini-sysvinit-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"systemd-sysvinit-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"udev-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"udev-debuginfo-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"udev-mini-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"udev-mini-debuginfo-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsystemd0-32bit-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libsystemd0-32bit-debuginfo-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libudev-devel-32bit-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libudev1-32bit-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libudev1-32bit-debuginfo-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"nss-myhostname-32bit-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"nss-myhostname-32bit-debuginfo-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"nss-mymachines-32bit-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"nss-mymachines-32bit-debuginfo-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"systemd-32bit-234-lp150.20.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"systemd-32bit-debuginfo-234-lp150.20.12.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libsystemd0-mini / libsystemd0-mini-debuginfo / libudev-mini-devel / etc\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:50:34", "description": "The remote host is affected by the vulnerability described in GLSA-201903-07 (systemd: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in systemd. Please review the CVE identifiers referenced below for details.\n Impact :\n\n An attacker could cause a Denial of Service condition or possibly execute arbitrary code.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-03-11T00:00:00", "type": "nessus", "title": "GLSA-201903-07 : systemd: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16864", "CVE-2018-16865", "CVE-2018-16866", "CVE-2019-6454"], "modified": "2020-02-05T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:systemd", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201903-07.NASL", "href": "https://www.tenable.com/plugins/nessus/122735", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201903-07.\n#\n# The advisory text is Copyright (C) 2001-2020 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(122735);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2020/02/05\");\n\n script_cve_id(\"CVE-2018-16864\", \"CVE-2018-16865\", \"CVE-2018-16866\", \"CVE-2019-6454\");\n script_xref(name:\"GLSA\", value:\"201903-07\");\n\n script_name(english:\"GLSA-201903-07 : systemd: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201903-07\n(systemd: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in systemd. Please review\n the CVE identifiers referenced below for details.\n \nImpact :\n\n An attacker could cause a Denial of Service condition or possibly\n execute arbitrary code.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201903-07\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All systemd users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=sys-apps/systemd-239-r4'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-16865\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:systemd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/11\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"sys-apps/systemd\", unaffected:make_list(\"ge 239-r4\"), vulnerable:make_list(\"lt 239-r4\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"systemd\");\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T14:52:38", "description": "Two vulnerabilities were discovered in cURL, an URL transfer library.\n\n - CVE-2018-16839 Harry Sintonen discovered that, on systems with a 32 bit size_t, an integer overflow would be triggered when a SASL user name longer than 2GB is used. This would in turn cause a very small buffer to be allocated instead of the intended very huge one, which would trigger a heap buffer overflow when the buffer is used.\n\n - CVE-2018-16842 Brian Carpenter discovered that the logic in the curl tool to wrap error messages at 80 columns is flawed, leading to a read buffer overflow if a single word in the message is itself longer than 80 bytes.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-11-05T00:00:00", "type": "nessus", "title": "Debian DSA-4331-1 : curl - security update", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16839", "CVE-2018-16842"], "modified": "2021-04-29T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:curl", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DSA-4331.NASL", "href": "https://www.tenable.com/plugins/nessus/118720", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4331. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(118720);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/04/29\");\n\n script_cve_id(\"CVE-2018-16839\", \"CVE-2018-16842\");\n script_xref(name:\"DSA\", value:\"4331\");\n\n script_name(english:\"Debian DSA-4331-1 : curl - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Two vulnerabilities were discovered in cURL, an URL transfer library.\n\n - CVE-2018-16839\n Harry Sintonen discovered that, on systems with a 32 bit\n size_t, an integer overflow would be triggered when a\n SASL user name longer than 2GB is used. This would in\n turn cause a very small buffer to be allocated instead\n of the intended very huge one, which would trigger a\n heap buffer overflow when the buffer is used.\n\n - CVE-2018-16842\n Brian Carpenter discovered that the logic in the curl\n tool to wrap error messages at 80 columns is flawed,\n leading to a read buffer overflow if a single word in\n the message is itself longer than 80 bytes.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-16839\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-16842\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/curl\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/curl\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2018/dsa-4331\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Upgrade the curl packages.\n\nFor the stable distribution (stretch), these problems have been fixed\nin version 7.52.1-5+deb9u8.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:curl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/11/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/11/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"9.0\", prefix:\"curl\", reference:\"7.52.1-5+deb9u8\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libcurl3\", reference:\"7.52.1-5+deb9u8\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libcurl3-dbg\", reference:\"7.52.1-5+deb9u8\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libcurl3-gnutls\", reference:\"7.52.1-5+deb9u8\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libcurl3-nss\", reference:\"7.52.1-5+deb9u8\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libcurl4-doc\", reference:\"7.52.1-5+deb9u8\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libcurl4-gnutls-dev\", reference:\"7.52.1-5+deb9u8\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libcurl4-nss-dev\", reference:\"7.52.1-5+deb9u8\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libcurl4-openssl-dev\", reference:\"7.52.1-5+deb9u8\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:51:02", "description": "An update of the curl package has been released.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-03-18T00:00:00", "type": "nessus", "title": "Photon OS 1.0: Curl PHSA-2019-1.0-0205", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-14618", "CVE-2018-16839"], "modified": "2020-02-04T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:curl", "cpe:/o:vmware:photonos:1.0"], "id": "PHOTONOS_PHSA-2019-1_0-0205_CURL.NASL", "href": "https://www.tenable.com/plugins/nessus/122898", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2019-1.0-0205. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(122898);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2020/02/04\");\n\n script_cve_id(\"CVE-2018-14618\", \"CVE-2018-16839\");\n\n script_name(english:\"Photon OS 1.0: Curl PHSA-2019-1.0-0205\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the curl package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-1.0-205.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-14618\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/09/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/02/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:curl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:1.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 1\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 1.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"curl-7.59.0-5.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"curl-debuginfo-7.59.0-5.ph1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"curl\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:52:25", "description": "This update for curl fixes the following issues :\n\nCVE-2018-16840: A use after free in closing SASL handles was fixed (bsc#1112758)\n\nCVE-2018-16842: A Out-of-bounds Read in tool_msgs.c was fixed which could lead to crashes (bsc#1113660)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-11-05T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : curl (SUSE-SU-2018:3608-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16840", "CVE-2018-16842"], "modified": "2021-04-29T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:curl", "p-cpe:/a:novell:suse_linux:curl-debuginfo", "p-cpe:/a:novell:suse_linux:curl-debugsource", "p-cpe:/a:novell:suse_linux:libcurl4", "p-cpe:/a:novell:suse_linux:libcurl4-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2018-3608-1.NASL", "href": "https://www.tenable.com/plugins/nessus/118729", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:3608-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(118729);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/04/29\");\n\n script_cve_id(\"CVE-2018-16840\", \"CVE-2018-16842\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : curl (SUSE-SU-2018:3608-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for curl fixes the following issues :\n\nCVE-2018-16840: A use after free in closing SASL handles was fixed\n(bsc#1112758)\n\nCVE-2018-16842: A Out-of-bounds Read in tool_msgs.c was fixed which\ncould lead to crashes (bsc#1113660)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1112758\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1113660\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-16840/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-16842/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20183608-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?00bf325c\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 12-SP3:zypper in -t\npatch SUSE-SLE-SDK-12-SP3-2018-2563=1\n\nSUSE Linux Enterprise Server 12-SP3:zypper in -t patch\nSUSE-SLE-SERVER-12-SP3-2018-2563=1\n\nSUSE Linux Enterprise Desktop 12-SP3:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP3-2018-2563=1\n\nSUSE CaaS Platform ALL :\n\nTo install this update, use the SUSE CaaS Platform Velum dashboard. It\nwill inform you if it detects new updates and let you then trigger\nupdating of the complete cluster in a controlled way.\n\nSUSE CaaS Platform 3.0 :\n\nTo install this update, use the SUSE CaaS Platform Velum dashboard. It\nwill inform you if it detects new updates and let you then trigger\nupdating of the complete cluster in a controlled way.\n\nOpenStack Cloud Magnum Orchestration 7:zypper in -t patch\nSUSE-OpenStack-Cloud-Magnum-Orchestration-7-2018-2563=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:curl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:curl-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libcurl4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libcurl4-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/11/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/11/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP3\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP3\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"curl-7.37.0-37.31.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"curl-debuginfo-7.37.0-37.31.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"curl-debugsource-7.37.0-37.31.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libcurl4-32bit-7.37.0-37.31.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libcurl4-7.37.0-37.31.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libcurl4-debuginfo-32bit-7.37.0-37.31.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libcurl4-debuginfo-7.37.0-37.31.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"curl-7.37.0-37.31.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"curl-debuginfo-7.37.0-37.31.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"curl-debugsource-7.37.0-37.31.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libcurl4-32bit-7.37.0-37.31.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libcurl4-7.37.0-37.31.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libcurl4-debuginfo-32bit-7.37.0-37.31.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libcurl4-debuginfo-7.37.0-37.31.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"curl\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:52:49", "description": "This update for curl fixes the following issues :\n\n - CVE-2018-16840: A use after free in closing SASL handles was fixed (bsc#1112758)\n\n - CVE-2018-16842: A Out-of-bounds Read in tool_msgs.c was fixed which could lead to crashes (bsc#1113660)\n\nThis update was imported from the SUSE:SLE-12:Update update project.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-11-11T00:00:00", "type": "nessus", "title": "openSUSE Security Update : curl (openSUSE-2018-1383)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16840", "CVE-2018-16842"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:curl", "p-cpe:/a:novell:opensuse:curl-debuginfo", "p-cpe:/a:novell:opensuse:curl-debugsource", "p-cpe:/a:novell:opensuse:libcurl-devel", "p-cpe:/a:novell:opensuse:libcurl-devel-32bit", "p-cpe:/a:novell:opensuse:libcurl4", "p-cpe:/a:novell:opensuse:libcurl4-32bit", "p-cpe:/a:novell:opensuse:libcurl4-debuginfo", "p-cpe:/a:novell:opensuse:libcurl4-debuginfo-32bit", "cpe:/o:novell:opensuse:42.3"], "id": "OPENSUSE-2018-1383.NASL", "href": "https://www.tenable.com/plugins/nessus/118879", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2018-1383.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(118879);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2018-16840\", \"CVE-2018-16842\");\n\n script_name(english:\"openSUSE Security Update : curl (openSUSE-2018-1383)\");\n script_summary(english:\"Check for the openSUSE-2018-1383 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for curl fixes the following issues :\n\n - CVE-2018-16840: A use after free in closing SASL handles\n was fixed (bsc#1112758)\n\n - CVE-2018-16842: A Out-of-bounds Read in tool_msgs.c was\n fixed which could lead to crashes (bsc#1113660)\n\nThis update was imported from the SUSE:SLE-12:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112758\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1113660\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected curl packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:curl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:curl-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libcurl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libcurl-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libcurl4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libcurl4-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libcurl4-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libcurl4-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/11/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/11/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.3\", reference:\"curl-7.37.0-42.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"curl-debuginfo-7.37.0-42.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"curl-debugsource-7.37.0-42.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libcurl-devel-7.37.0-42.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libcurl4-7.37.0-42.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libcurl4-debuginfo-7.37.0-42.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libcurl-devel-32bit-7.37.0-42.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libcurl4-32bit-7.37.0-42.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libcurl4-debuginfo-32bit-7.37.0-42.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"curl / curl-debuginfo / curl-debugsource / libcurl-devel-32bit / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:48:25", "description": "An update of the curl package has been released.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-02-07T00:00:00", "type": "nessus", "title": "Photon OS 1.0: Curl PHSA-2019-1.0-0203", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16840", "CVE-2018-16842"], "modified": "2022-05-23T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:curl", "cpe:/o:vmware:photonos:1.0"], "id": "PHOTONOS_PHSA-2019-1_0-0203_CURL.NASL", "href": "https://www.tenable.com/plugins/nessus/122015", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2019-1.0-0203. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(122015);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/23\");\n\n script_cve_id(\"CVE-2018-16840\", \"CVE-2018-16842\");\n\n script_name(english:\"Photon OS 1.0: Curl PHSA-2019-1.0-0203\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the curl package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-1.0-203.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-16840\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/01/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/02/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:curl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:1.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 1\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 1.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"curl-7.59.0-4.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"curl-7.59.0-4.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"curl-debuginfo-7.59.0-4.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"curl-debuginfo-7.59.0-4.ph1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"curl\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:52:23", "description": "This update for curl fixes the following issues :\n\nCVE-2018-16840: A use-after-free in SASL handle close was fixed (bsc#1112758)\n\nCVE-2018-16842: A Out-of-bounds Read in tool_msgs.c was fixed which could lead to crashes (bsc#1113660)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-11-09T00:00:00", "type": "nessus", "title": "SUSE SLES11 Security Update : curl (SUSE-SU-2018:3681-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16840", "CVE-2018-16842"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:curl", "p-cpe:/a:novell:suse_linux:libcurl4", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_SU-2018-3681-1.NASL", "href": "https://www.tenable.com/plugins/nessus/118854", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:3681-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(118854);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2018-16840\", \"CVE-2018-16842\");\n\n script_name(english:\"SUSE SLES11 Security Update : curl (SUSE-SU-2018:3681-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for curl fixes the following issues :\n\nCVE-2018-16840: A use-after-free in SASL handle close was fixed\n(bsc#1112758)\n\nCVE-2018-16842: A Out-of-bounds Read in tool_msgs.c was fixed which\ncould lead to crashes (bsc#1113660)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1112758\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1113660\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-16840/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-16842/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20183681-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5f709d14\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 11-SP4:zypper in -t\npatch sdksp4-curl-13861=1\n\nSUSE Linux Enterprise Server 11-SP4:zypper in -t patch\nslessp4-curl-13861=1\n\nSUSE Linux Enterprise Server 11-SECURITY:zypper in -t patch\nsecsp3-curl-13861=1\n\nSUSE Linux Enterprise Debuginfo 11-SP4:zypper in -t patch\ndbgsp4-curl-13861=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libcurl4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/11/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/11/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES11\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"libcurl4-32bit-7.37.0-70.38.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"s390x\", reference:\"libcurl4-32bit-7.37.0-70.38.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"curl-7.37.0-70.38.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"libcurl4-7.37.0-70.38.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"curl\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-25T14:24:10", "description": "The openSUSE Leap 42.3 Linux kernel was updated to 4.4.172 to receive various security and bugfixes.\n\nThe following security bugs were fixed :\n\n - CVE-2019-3459,CVE-2019-3460: Two remote information leak vulnerabilities in the Bluetooth stack were fixed that could potentially leak kernel information (bsc#1120758)\n\n - CVE-2018-19407: The vcpu_scan_ioapic function in arch/x86/kvm/x86.c allowed local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic is uninitialized (bnc#1116841).\n\n - CVE-2018-19985: The function hso_probe read if_num from the USB device (as an u8) and used it without a length check to index an array, resulting in an OOB memory read in hso_probe or hso _get_config_data that could be used by local attackers (bnc#1120743).\n\n - CVE-2018-1120: By mmap()ing a FUSE-backed file onto a process's memory containing command line arguments (or environment strings), an attacker can cause utilities from psutils or procps (such as ps, w) or any other program which made a read() call to the /proc/<pid>/cmdline (or /proc/<pid>/environ) files to block indefinitely (denial of service) or for some controlled time (as a synchronization primitive for other attacks) (bnc#1087082).\n\n - CVE-2018-16884: NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process() use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel memory corruption and a system panic. Due to the nature of the flaw, privilege escalation cannot be fully ruled out (bnc#1119946).\n\n - CVE-2018-20169: The USB subsystem mishandled size checks during the reading of an extra descriptor, related to\n __usb_get_extra_descriptor in drivers/usb/core/usb.c (bnc#1119714).\n\n - CVE-2018-9568: In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. (bnc#1118319).\n\n - CVE-2018-16862: A security flaw was found in a way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one (bnc#1117186).\n\n - CVE-2018-19824: A local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c (bnc#1118152).\n\nThe following non-security bugs were fixed :\n\n - 9p/net: put a lower bound on msize (bnc#1012382).\n\n - ACPI/IORT: Fix iort_get_platform_device_domain() uninitialized pointer value (bsc#1121239).\n\n - acpi/nfit: Block function zero DSMs (bsc#1123321).\n\n - acpi/nfit: Fix command-supported detection (bsc#1123323).\n\n - acpi/nfit, x86/mce: Handle only uncorrectable machine checks (bsc#1114648).\n\n - acpi/nfit, x86/mce: Validate a MCE's address before using it (bsc#1114648).\n\n - acpi/power: Skip duplicate power resource references in\n _PRx (bnc#1012382).\n\n - acpi/processor: Fix the return value of acpi_processor_ids_walk() (git fixes (acpi)).\n\n - aio: fix spectre gadget in lookup_ioctx (bnc#1012382).\n\n - aio: hold an extra file reference over AIO read/write operations (bsc#1116027).\n\n - alsa: ac97: Fix incorrect bit shift at AC97-SPSA control write (bnc#1012382).\n\n - alsa: bebob: fix model-id of unit for Apogee Ensemble (bnc#1012382).\n\n - alsa: control: Fix race between adding and removing a user element (bnc#1012382).\n\n - alsa: cs46xx: Potential NULL dereference in probe (bnc#1012382).\n\n - alsa: emu10k1: Fix potential Spectre v1 vulnerabilities (bnc#1012382).\n\n - alsa: emux: Fix potential Spectre v1 vulnerabilities (bnc#1012382).\n\n - alsa: hda: add mute LED support for HP EliteBook 840 G4 (bnc#1012382).\n\n - alsa: hda: Add support for AMD Stoney Ridge (bnc#1012382).\n\n - alsa: hda/realtek - Disable headset Mic VREF for headset mode of ALC225 (bnc#1012382).\n\n - alsa: hda/tegra: clear pending irq handlers (bnc#1012382).\n\n - alsa: isa/wavefront: prevent some out of bound writes (bnc#1012382).\n\n - alsa: pcm: Call snd_pcm_unlink() conditionally at closing (bnc#1012382).\n\n - alsa: pcm: Fix interval evaluation with openmin/max (bnc#1012382).\n\n - alsa: pcm: Fix potential Spectre v1 vulnerability (bnc#1012382).\n\n - alsa: pcm: Fix starvation on down_write_nonblock() (bnc#1012382).\n\n - alsa: pcm: remove SNDRV_PCM_IOCTL1_INFO internal command (bnc#1012382).\n\n - alsa: rme9652: Fix potential Spectre v1 vulnerability (bnc#1012382).\n\n - alsa: sparc: Fix invalid snd_free_pages() at error path (bnc#1012382).\n\n - alsa: trident: Suppress gcc string warning (bnc#1012382).\n\n - alsa: usb-audio: Avoid access before bLength check in build_audio_procunit() (bnc#1012382).\n\n - alsa: usb-audio: Fix an out-of-bound read in create_composite_quirks (bnc#1012382).\n\n - alsa: wss: Fix invalid snd_free_pages() at error path (bnc#1012382).\n\n - arc: change defconfig defaults to ARCv2 (bnc#1012382).\n\n - arc: [devboards] Add support of NFSv3 ACL (bnc#1012382).\n\n - arc: io.h: Implement reads(x)()/writes(x)() (bnc#1012382).\n\n - arm64: Do not trap host pointer auth use to EL2 (bnc#1012382).\n\n - arm64/kvm: consistently handle host HCR_EL2 flags (bnc#1012382).\n\n - arm64: perf: set suppress_bind_attrs flag to true (bnc#1012382).\n\n - arm64: remove no-op -p linker flag (bnc#1012382).\n\n - arm: 8814/1: mm: improve/fix ARM v7_dma_inv_range() unaligned address handling (bnc#1012382).\n\n - arm: imx: update the cpu power up timing setting on i.mx6sx (bnc#1012382).\n\n - arm: kvm: fix building with gcc-8 (bsc#1121241).\n\n - arm: OMAP1: ams-delta: Fix possible use of uninitialized field (bnc#1012382).\n\n - arm: OMAP2+: prm44xx: Fix section annotation on omap44xx_prm_enable_io_wakeup (bnc#1012382).\n\n - ASoC: dapm: Recalculate audio map forcely when card instantiated (bnc#1012382).\n\n - ASoC: omap-dmic: Add pm_qos handling to avoid overruns with CPU_IDLE (bnc#1012382).\n\n - ASoC: omap-mcpdm: Add pm_qos handling to avoid under/overruns with CPU_IDLE (bnc#1012382).\n\n - ata: Fix racy link clearance (bsc#1107866).\n\n - ath10k: fix kernel panic due to race in accessing arvif list (bnc#1012382).\n\n - ax25: fix a use-after-free in ax25_fillin_cb() (bnc#1012382).\n\n - b43: Fix error in cordic routine (bnc#1012382).\n\n - batman-adv: Expand merged fragment buffer for full packet (bnc#1012382).\n\n - bfs: add sanity check at bfs_fill_super() (bnc#1012382).\n\n - block/loop: Use global lock for ioctl() operation (bnc#1012382).\n\n - block/swim3: Fix -EBUSY error when re-opening device after unmount (Git-fixes).\n\n - bnx2x: Assign unique DMAE channel number for FW DMAE transactions (bnc#1012382).\n\n - bonding: fix 802.3ad state sent to partner when unbinding slave (bnc#1012382).\n\n - bpf: fix check of allowed specifiers in bpf_trace_printk (bnc#1012382).\n\n - bpf: support 8-byte metafield access (bnc#1012382).\n\n - bpf, trace: check event type in bpf_perf_event_read (bsc#1119970).\n\n - bpf, trace: use READ_ONCE for retrieving file ptr (bsc#1119967).\n\n - bpf/verifier: Add spi variable to check_stack_write() (bnc#1012382).\n\n - bpf/verifier: Pass instruction index to check_mem_access() and check_xadd() (bnc#1012382).\n\n - btrfs: Always try all copies when reading extent buffers (bnc#1012382).\n\n - btrfs: ensure path name is null terminated at btrfs_control_ioctl (bnc#1012382).\n\n - btrfs: Fix memory barriers usage with device stats counters (git-fixes).\n\n - btrfs: fix use-after-free when dumping free space (bnc#1012382).\n\n - btrfs: Handle error from btrfs_uuid_tree_rem call in\n _btrfs_ioctl_set_received_subvol (git-fixes).\n\n - btrfs: release metadata before running delayed refs (bnc#1012382).\n\n - btrfs: send, fix infinite loop due to directory rename dependencies (bnc#1012382).\n\n - btrfs: tree-checker: Check level for leaves and nodes (bnc#1012382).\n\n - btrfs: tree-checker: Do not check max block group size as current max chunk size limit is unreliable (fixes for bnc#1012382 bsc#1102875 bsc#1102877 bsc#1102879 bsc#1102882 bsc#1102896).\n\n - btrfs: tree-checker: Fix misleading group system information (bnc#1012382).\n\n - btrfs: tree-check: reduce stack consumption in check_dir_item (bnc#1012382).\n\n - btrfs: validate type when reading a chunk (bnc#1012382).\n\n - btrfs: wait on ordered extents on abort cleanup (bnc#1012382).\n\n - can: dev: __can_get_echo_skb(): Do not crash the kernel if can_priv::echo_skb is accessed out of bounds (bnc#1012382).\n\n - can: dev: can_get_echo_skb(): factor out non sending code to __can_get_echo_skb() (bnc#1012382).\n\n - can: dev: __can_get_echo_skb(): print error message, if trying to echo non existing skb (bnc#1012382).\n\n - can: dev: __can_get_echo_skb(): replace struct can_frame by canfd_frame to access frame length (bnc#1012382).\n\n - can: gw: ensure DLC boundaries after CAN frame modification (bnc#1012382).\n\n - can: rcar_can: Fix erroneous registration (bnc#1012382).\n\n - cdc-acm: fix abnormal DATA RX issue for Mediatek Preloader (bnc#1012382).\n\n - ceph: do not update importing cap's mseq when handing cap export (bsc#1121275).\n\n - checkstack.pl: fix for aarch64 (bnc#1012382).\n\n - cifs: Do not hide EINTR after sending network packets (bnc#1012382).\n\n - cifs: Fix error mapping for SMB2_LOCK command which caused OFD lock problem (bnc#1012382).\n\n - cifs: Fix potential OOB access of lock element array (bnc#1012382).\n\n - cifs: Fix separator when building path from dentry (bnc#1012382).\n\n - cifs: In Kconfig CONFIG_CIFS_POSIX needs depends on legacy (insecure cifs) (bnc#1012382).\n\n - clk: imx6q: reset exclusive gates on init (bnc#1012382).\n\n - clk: mmp: Off by one in mmp_clk_add() (bnc#1012382).\n\n - cpufeature: avoid warning when compiling with clang (Git-fixes).\n\n - cpufreq: imx6q: add return value check for voltage scale (bnc#1012382).\n\n - crypto: authencesn - Avoid twice completion call in decrypt path (bnc#1012382).\n\n - crypto: authenc - fix parsing key with misaligned rta_len (bnc#1012382).\n\n - crypto: cts - fix crash on short inputs (bnc#1012382).\n\n - crypto: user - support incremental algorithm dumps (bsc#1120902).\n\n - crypto: x86/chacha20 - avoid sleeping with preemption disabled (bnc#1012382).\n\n - cw1200: Do not leak memory if krealloc failes (bnc#1012382).\n\n - debugobjects: avoid recursive calls with kmemleak (bnc#1012382).\n\n - Disable MSI also when pcie-octeon.pcie_disable on (bnc#1012382).\n\n - disable stringop truncation warnings for now (bnc#1012382).\n\n - dlm: fixed memory leaks after failed ls_remove_names allocation (bnc#1012382).\n\n - dlm: lost put_lkb on error path in receive_convert() and receive_unlock() (bnc#1012382).\n\n - dlm: memory leaks on error path in dlm_user_request() (bnc#1012382).\n\n - dlm: possible memory leak on error path in create_lkb() (bnc#1012382).\n\n - dmaengine: at_hdmac: fix memory leak in at_dma_xlate() (bnc#1012382).\n\n - dmaengine: at_hdmac: fix module unloading (bnc#1012382).\n\n - dm cache metadata: ignore hints array being too small during resize (Git-fixes).\n\n - dm crypt: add cryptographic data integrity protection (authenticated encryption) (Git-fixes).\n\n - dm crypt: factor IV constructor out to separate function (Git-fixes).\n\n - dm crypt: fix crash by adding missing check for auth key size (git-fixes).\n\n - dm crypt: fix error return code in crypt_ctr() (git-fixes).\n\n - dm crypt: fix memory leak in crypt_ctr_cipher_old() (git-fixes).\n\n - dm crypt: introduce new format of cipher with 'capi:' prefix (Git-fixes).\n\n - dm crypt: wipe kernel key copy after IV initialization (Git-fixes).\n\n - dm: do not allow readahead to limit IO size (git fixes (readahead)).\n\n - dm kcopyd: Fix bug causing workqueue stalls (bnc#1012382).\n\n - dm-multipath: do not assign cmd_flags in setup_clone() (bsc#1103156).\n\n - dm snapshot: Fix excessive memory usage and workqueue stalls (bnc#1012382).\n\n - dm thin: stop no_space_timeout worker when switching to write-mode (Git-fixes).\n\n - drivers: hv: vmbus: check the creation_status in vmbus_establish_gpadl() (bsc#1104098).\n\n - drivers: hv: vmbus: Return -EINVAL for the sys files for unopened channels (bnc#1012382).\n\n - drivers/sbus/char: add of_node_put() (bnc#1012382).\n\n - drivers/tty: add missing of_node_put() (bnc#1012382).\n\n - drm/ast: change resolution may cause screen blurred (bnc#1012382).\n\n - drm/ast: fixed cursor may disappear sometimes (bnc#1012382).\n\n - drm/ast: fixed reading monitor EDID not stable issue (bnc#1012382).\n\n - drm/ast: Fix incorrect free on ioregs (bsc#1106929)\n\n - drm/fb-helper: Ignore the value of fb_var_screeninfo.pixclock (bsc#1106929)\n\n - drm/ioctl: Fix Spectre v1 vulnerabilities (bnc#1012382).\n\n - drm/msm: Grab a vblank reference when waiting for commit_done (bnc#1012382).\n\n - drm: rcar-du: Fix external clock error checks (bsc#1106929)\n\n - drm: rcar-du: Fix vblank initialization (bsc#1106929)\n\n - e1000e: allow non-monotonic SYSTIM readings (bnc#1012382).\n\n - EDAC: Raise the maximum number of memory controllers (bsc#1120722).\n\n - efi/libstub/arm64: Use hidden attribute for struct screen_info reference (bsc#1122650).\n\n - exec: avoid gcc-8 warning for get_task_comm (bnc#1012382).\n\n - exportfs: do not read dentry after free (bnc#1012382).\n\n - ext2: fix potential use after free (bnc#1012382).\n\n - ext4: fix a potential fiemap/page fault deadlock w/ inline_data (bnc#1012382).\n\n - ext4: Fix crash during online resizing (bsc#1122779).\n\n - ext4: fix EXT4_IOC_GROUP_ADD ioctl (bnc#1012382).\n\n - ext4: fix possible use after free in ext4_quota_enable (bnc#1012382).\n\n - ext4: force inode writes when nfsd calls commit_metadata() (bnc#1012382).\n\n - ext4: missing unlock/put_page() in ext4_try_to_write_inline_data() (bnc#1012382).\n\n - f2fs: Add sanity_check_inode() function (bnc#1012382).\n\n - f2fs: avoid unneeded loop in build_sit_entries (bnc#1012382).\n\n - f2fs: check blkaddr more accuratly before issue a bio (bnc#1012382).\n\n - f2fs: clean up argument of recover_data (bnc#1012382).\n\n - f2fs: clean up with is_valid_blkaddr() (bnc#1012382).\n\n - f2fs: detect wrong layout (bnc#1012382).\n\n - f2fs: enhance sanity_check_raw_super() to avoid potential overflow (bnc#1012382).\n\n - f2fs: factor out fsync inode entry operations (bnc#1012382).\n\n - f2fs: fix inode cache leak (bnc#1012382).\n\n - f2fs: fix invalid memory access (bnc#1012382).\n\n - f2fs: fix missing up_read (bnc#1012382).\n\n - f2fs: fix to avoid reading out encrypted data in page cache (bnc#1012382).\n\n - f2fs: fix to convert inline directory correctly (bnc#1012382).\n\n - f2fs: fix to determine start_cp_addr by sbi->cur_cp_pack (bnc#1012382).\n\n - f2fs: fix to do sanity check with block address in main area (bnc#1012382).\n\n - f2fs: fix to do sanity check with block address in main area v2 (bnc#1012382).\n\n - f2fs: fix to do sanity check with cp_pack_start_sum (bnc#1012382).\n\n - f2fs: fix to do sanity check with node footer and iblocks (bnc#1012382).\n\n - f2fs: fix to do sanity check with reserved blkaddr of inline inode (bnc#1012382).\n\n - f2fs: fix to do sanity check with secs_per_zone (bnc#1012382).\n\n - f2fs: fix to do sanity check with user_block_count (bnc#1012382).\n\n - f2fs: fix validation of the block count in sanity_check_raw_super (bnc#1012382).\n\n - f2fs: free meta pages if sanity check for ckpt is failed (bnc#1012382).\n\n - f2fs: give -EINVAL for norecovery and rw mount (bnc#1012382).\n\n - f2fs: introduce and spread verify_blkaddr (bnc#1012382).\n\n - f2fs: introduce get_checkpoint_version for cleanup (bnc#1012382).\n\n - f2fs: move sanity checking of cp into get_valid_checkpoint (bnc#1012382).\n\n - f2fs: not allow to write illegal blkaddr (bnc#1012382).\n\n - f2fs: put directory inodes before checkpoint in roll-forward recovery (bnc#1012382).\n\n - f2fs: remove an obsolete variable (bnc#1012382).\n\n - f2fs: return error during fill_super (bnc#1012382).\n\n - f2fs: sanity check on sit entry (bnc#1012382).\n\n - f2fs: use crc and cp version to determine roll-forward recovery (bnc#1012382).\n\n - fbdev: fbcon: Fix unregister crash when more than one framebuffer (bsc#1106929)\n\n - fbdev: fbmem: behave better with small rotated displays and many CPUs (bsc#1106929)\n\n - fix fragmentation series\n\n - Fix problem with sharetransport= and NFSv4 (bsc#1114893).\n\n - floppy: fix race condition in __floppy_read_block_0() (Git-fixes).\n\n - fork: record start_time late (bnc#1012382).\n\n - fscache, cachefiles: remove redundant variable 'cache' (bnc#1012382).\n\n - fscache: Fix race in fscache_op_complete() due to split atomic_sub & read (Git-fixes).\n\n - fscache: Pass the correct cancelled indications to fscache_op_complete() (Git-fixes).\n\n - genwqe: Fix size check (bnc#1012382).\n\n - gfs2: Do not leave s_fs_info pointing to freed memory in init_sbd (bnc#1012382).\n\n - gfs2: Fix loop in gfs2_rbm_find (bnc#1012382).\n\n - git_sort.py: Remove non-existent remote tj/libata\n\n - gpiolib: Fix return value of gpio_to_desc() stub if !GPIOLIB (Git-fixes).\n\n - gpio: max7301: fix driver for use with CONFIG_VMAP_STACK (bnc#1012382).\n\n - gro_cell: add napi_disable in gro_cells_destroy (bnc#1012382).\n\n - hfs: do not free node before using (bnc#1012382).\n\n - hfsplus: do not free node before using (bnc#1012382).\n\n - hpwdt add dynamic debugging (bsc#1114417).\n\n - hpwdt calculate reload value on each use (bsc#1114417).\n\n - hugetlbfs: fix bug in pgoff overflow checking (bnc#1012382).\n\n - hwmon: (ina2xx) Fix current value calculation (bnc#1012382).\n\n - hwmon: (w83795) temp4_type has writable permission (bnc#1012382).\n\n - hwpoison, memory_hotplug: allow hwpoisoned pages to be offlined (bnc#1116336).\n\n - i2c: axxia: properly handle master timeout (bnc#1012382).\n\n - i2c: dev: prevent adapter retries and timeout being set as minus value (bnc#1012382).\n\n - i2c: scmi: Fix probe error on devices with an empty SMB0001 ACPI device node (bnc#1012382).\n\n - ib/hfi1: Fix an out-of-bounds access in get_hw_stats ().\n\n - ibmveth: Do not process frames after calling napi_reschedule (bcs#1123357).\n\n - ibmveth: fix DMA unmap error in ibmveth_xmit_start error path (bnc#1012382).\n\n - ibmvnic: Add ethtool private flag for driver-defined queue limits (bsc#1121726).\n\n - ibmvnic: Convert reset work item mutex to spin lock ().\n\n - ibmvnic: Fix non-atomic memory allocation in IRQ context ().\n\n - ibmvnic: Increase maximum queue size limit (bsc#1121726).\n\n - ibmvnic: Introduce driver limits for ring sizes (bsc#1121726).\n\n - ide: pmac: add of_node_put() (bnc#1012382).\n\n - ieee802154: lowpan_header_create check must check daddr (bnc#1012382).\n\n - input: elan_i2c - add ACPI ID for Lenovo IdeaPad 330-15ARR (bnc#1012382).\n\n - input: elan_i2c - add ACPI ID for touchpad in ASUS Aspire F5-573G (bnc#1012382).\n\n - input: elan_i2c - add ELAN0620 to the ACPI table (bnc#1012382).\n\n - input: elan_i2c - add support for ELAN0621 touchpad (bnc#1012382).\n\n - input: matrix_keypad - check for errors from of_get_named_gpio() (bnc#1012382).\n\n - input: omap-keypad - fix idle configuration to not block SoC idle states (bnc#1012382).\n\n - input: omap-keypad - fix keyboard debounce configuration (bnc#1012382).\n\n - input: restore EV_ABS ABS_RESERVED (bnc#1012382).\n\n - input: xpad - add GPD Win 2 Controller USB IDs (bnc#1012382).\n\n - input: xpad - add Mad Catz FightStick TE 2 VID/PID (bnc#1012382).\n\n - input: xpad - add more third-party controllers (bnc#1012382).\n\n - input: xpad - add PDP device id 0x02a4 (bnc#1012382).\n\n - input: xpad - add product ID for Xbox One S pad (bnc#1012382).\n\n - input: xpad - add support for PDP Xbox One controllers (bnc#1012382).\n\n - input: xpad - add support for Xbox1 PDP Camo series gamepad (bnc#1012382).\n\n - input: xpad - add USB IDs for Mad Catz Brawlstick and Razer Sabertooth (bnc#1012382).\n\n - input: xpad - avoid using __set_bit() for capabilities (bnc#1012382).\n\n - input: xpad - constify usb_device_id (bnc#1012382).\n\n - input: xpad - correctly sort vendor id's (bnc#1012382).\n\n - input: xpad - correct xbox one pad device name (bnc#1012382).\n\n - input: xpad - do not depend on endpoint order (bnc#1012382).\n\n - input: xpad - fix GPD Win 2 controller name (bnc#1012382).\n\n - input: xpad - fix PowerA init quirk for some gamepad models (bnc#1012382).\n\n - input: xpad - fix rumble on Xbox One controllers with 2015 firmware (bnc#1012382).\n\n - input: xpad - fix some coding style issues (bnc#1012382).\n\n - input: xpad - fix stuck mode button on Xbox One S pad (bnc#1012382).\n\n - input: xpad - fix Xbox One rumble stopping after 2.5 secs (bnc#1012382).\n\n - input: xpad - handle 'present' and 'gone' correctly (bnc#1012382).\n\n - input: xpad - move reporting xbox one home button to common function (bnc#1012382).\n\n - input: xpad - power off wireless 360 controllers on suspend (bnc#1012382).\n\n - input: xpad - prevent spurious input from wired Xbox 360 controllers (bnc#1012382).\n\n - input: xpad - quirk all PDP Xbox One gamepads (bnc#1012382).\n\n - input: xpad - remove spurious events of wireless xpad 360 controller (bnc#1012382).\n\n - input: xpad - remove unused function (bnc#1012382).\n\n - input: xpad - restore LED state after device resume (bnc#1012382).\n\n - input: xpad - simplify error condition in init_output (bnc#1012382).\n\n - input: xpad - sort supported devices by USB ID (bnc#1012382).\n\n - input: xpad - support some quirky Xbox One pads (bnc#1012382).\n\n - input: xpad - sync supported devices with 360Controller (bnc#1012382).\n\n - input: xpad - sync supported devices with XBCD (bnc#1012382).\n\n - input: xpad - sync supported devices with xboxdrv (bnc#1012382).\n\n - input: xpad - update Xbox One Force Feedback Support (bnc#1012382).\n\n - input: xpad - use LED API when identifying wireless controllers (bnc#1012382).\n\n - input: xpad - validate USB endpoint type during probe (bnc#1012382).\n\n - input: xpad - workaround dead irq_out after suspend/ resume (bnc#1012382).\n\n - input: xpad - xbox one elite controller support (bnc#1012382).\n\n - intel_th: msu: Fix an off-by-one in attribute store (bnc#1012382).\n\n - iommu/amd: Call free_iova_fast with pfn in map_sg (bsc#1106105).\n\n - iommu/amd: Fix amd_iommu=force_isolation (bsc#1106105).\n\n - iommu/amd: Fix IOMMU page flush when detach device from a domain (bsc#1106105).\n\n - iommu/amd: Unmap all mapped pages in error path of map_sg (bsc#1106105).\n\n - iommu/vt-d: Fix memory leak in intel_iommu_put_resv_regions() (bsc#1106105).\n\n - iommu/vt-d: Handle domain agaw being less than iommu agaw (bsc#1106105).\n\n - ip6mr: Fix potential Spectre v1 vulnerability (bnc#1012382).\n\n - ipmi:ssif: Fix handling of multi-part return messages (bnc#1012382).\n\n - ip: on queued skb use skb_header_pointer instead of pskb_may_pull (bnc#1012382).\n\n - ip_tunnel: Fix name string concatenate in\n __ip_tunnel_create() (bnc#1012382).\n\n - ipv4: Fix potential Spectre v1 vulnerability (bnc#1012382).\n\n - ipv4: ipv6: netfilter: Adjust the frag mem limit when truesize changes (bsc#1110286).\n\n - ipv6: Check available headroom in ip6_xmit() even without options (bnc#1012382).\n\n - ipv6: Consider sk_bound_dev_if when binding a socket to a v4 mapped address (bnc#1012382).\n\n - ipv6: explicitly initialize udp6_addr in udp_sock_create6() (bnc#1012382).\n\n - ipv6: fix kernel-infoleak in ipv6_local_error() (bnc#1012382).\n\n - ipv6: Take rcu_read_lock in __inet6_bind for mapped addresses (bnc#1012382).\n\n - isdn: fix kernel-infoleak in capi_unlocked_ioctl (bnc#1012382).\n\n - iser: set sector for ambiguous mr status errors (bnc#1012382).\n\n - iwlwifi: mvm: fix regulatory domain update when the firmware starts (bnc#1012382).\n\n - iwlwifi: mvm: support sta_statistics() even on older firmware (bnc#1012382).\n\n - ixgbe: Add function for checking to see if we can reuse page (bsc#1100105).\n\n - ixgbe: Add support for build_skb (bsc#1100105).\n\n - ixgbe: Add support for padding packet (bsc#1100105).\n\n - ixgbe: Break out Rx buffer page management (bsc#1100105).\n\n - ixgbe: Fix output from ixgbe_dump (bsc#1100105).\n\n - ixgbe: fix possible race in reset subtask (bsc#1101557).\n\n - ixgbe: Make use of order 1 pages and 3K buffers independent of FCoE (bsc#1100105).\n\n - ixgbe: Only DMA sync frame length (bsc#1100105).\n\n - ixgbe: recognize 1000BaseLX SFP modules as 1Gbps (bnc#1012382).\n\n - ixgbe: Refactor queue disable logic to take completion time into account (bsc#1101557).\n\n - ixgbe: Reorder Tx/Rx shutdown to reduce time needed to stop device (bsc#1101557).\n\n - ixgbe: Update code to better handle incrementing page count (bsc#1100105).\n\n - ixgbe: Update driver to make use of DMA attributes in Rx path (bsc#1100105).\n\n - ixgbe: Use length to determine if descriptor is done (bsc#1100105).\n\n - jffs2: Fix use of uninitialized delayed_work, lockdep breakage (bnc#1012382).\n\n - kabi: hwpoison, memory_hotplug: allow hwpoisoned pages to be offlined (bnc#1116336).\n\n - kabi: reorder new slabinfo fields in struct kmem_cache_node (bnc#1116653).\n\n - kbuild: suppress packed-not-aligned warning for default setting only (bnc#1012382).\n\n - kconfig: fix file name and line number of warn_ignored_character() (bnc#1012382).\n\n - kconfig: fix memory leak when EOF is encountered in quotation (bnc#1012382).\n\n - kdb: use memmove instead of overlapping memcpy (bnc#1012382).\n\n - kdb: Use strscpy with destination buffer size (bnc#1012382).\n\n - kernfs: Replace strncpy with memcpy (bnc#1012382).\n\n - kgdboc: fix KASAN global-out-of-bounds bug in param_set_kgdboc_var() (bnc#1012382).\n\n - kgdboc: Fix restrict error (bnc#1012382).\n\n - kgdboc: Fix warning with module build (bnc#1012382).\n\n - kobject: Replace strncpy with memcpy (bnc#1012382).\n\n - kvm/arm64: Fix caching of host MDCR_EL2 value (bsc#1121242).\n\n - kvm/arm: Restore banked registers and physical timer access on hyp_panic() (bsc#1121240).\n\n - kvm/mmu: Fix race in emulated page table writes (bnc#1012382).\n\n - kvm/nVMX: Eliminate vmcs02 pool (bnc#1012382).\n\n - kvm/nVMX: mark vmcs12 pages dirty on L2 exit (bnc#1012382).\n\n - kvm/PPC: Move and undef TRACE_INCLUDE_PATH/FILE (bnc#1012382).\n\n - kvm/svm: Allow direct access to MSR_IA32_SPEC_CTRL (bnc#1012382 bsc#1068032).\n\n - kvm/svm: Ensure an IBPB on all affected CPUs when freeing a vmcb (bsc#1114648).\n\n - kvm/VMX: Allow direct access to MSR_IA32_SPEC_CTRL (bnc#1012382 bsc#1068032 bsc#1096242 bsc#1096281).\n\n - kvm/VMX: Emulate MSR_IA32_ARCH_CAPABILITIES (bnc#1012382).\n\n - kvm/VMX: introduce alloc_loaded_vmcs (bnc#1012382).\n\n - kvm/VMX: make MSR bitmaps per-VCPU (bnc#1012382).\n\n - kvm/x86: Add IBPB support (bnc#1012382 bsc#1068032 bsc#1068032).\n\n - kvm/x86: fix empty-body warnings (bnc#1012382).\n\n - kvm/x86: Remove indirect MSR op calls from SPEC_CTRL (bnc#1012382).\n\n - kvm/x86: Use jmp to invoke kvm_spurious_fault() from .fixup (bnc#1012382).\n\n - leds: call led_pwm_set() in leds-pwm to enforce default LED_OFF (bnc#1012382).\n\n - leds: leds-gpio: Fix return value check in create_gpio_led() (bnc#1012382).\n\n - leds: turn off the LED and wait for completion on unregistering LED class device (bnc#1012382).\n\n - libata: whitelist all SAMSUNG MZ7KM* solid-state disks (bnc#1012382).\n\n - libceph: fall back to sendmsg for slab pages (bsc#1118316).\n\n - libfc: sync strings with upstream versions (bsc#1114763).\n\n - lib/interval_tree_test.c: allow full tree search (bnc#1012382).\n\n - lib/interval_tree_test.c: allow users to limit scope of endpoint (bnc#1012382).\n\n - lib/interval_tree_test.c: make test options module parameters (bnc#1012382).\n\n - libnvdimm, (btt, blk): do integrity setup before add_disk() (bsc#1118926).\n\n - libnvdimm, dimm: fix dpa reservation vs uninitialized label area (bsc#1118936).\n\n - libnvdimm: fix integer overflow static analysis warning (bsc#1118922).\n\n - libnvdimm: fix nvdimm_bus_lock() vs device_lock() ordering (bsc#1118915).\n\n - lib/rbtree_test.c: make input module parameters (bnc#1012382).\n\n - lib/rbtree-test: lower default params (bnc#1012382).\n\n - llc: do not use sk_eat_skb() (bnc#1012382).\n\n - loop: Fix double mutex_unlock(&loop_ctl_mutex) in loop_control_ioctl() (bnc#1012382).\n\n - loop: Fold __loop_release into loop_release (bnc#1012382).\n\n - loop: Get rid of loop_index_mutex (bnc#1012382).\n\n - LSM: Check for NULL cred-security on free (bnc#1012382).\n\n - mac80211: Clear beacon_int in ieee80211_do_stop (bnc#1012382).\n\n - mac80211: fix reordering of buffered broadcast packets (bnc#1012382).\n\n - mac80211_hwsim: fix module init error paths for netlink (bnc#1012382).\n\n - mac80211_hwsim: Timer should be initialized before device registered (bnc#1012382).\n\n - mac80211: ignore NullFunc frames in the duplicate detection (bnc#1012382).\n\n - mac80211: ignore tx status for PS stations in ieee80211_tx_status_ext (bnc#1012382).\n\n - matroxfb: fix size of memcpy (bnc#1012382).\n\n - md: batch flush requests (bsc#1119680).\n\n - md: do not check MD_SB_CHANGE_CLEAN in md_allow_write (Git-fixes).\n\n - media: dvb-frontends: fix i2c access helpers for KASAN (bnc#1012382).\n\n - media: em28xx: Fix misplaced reset of dev->v4l::field_count (bnc#1012382).\n\n - media: em28xx: Fix use-after-free when disconnecting (bnc#1012382).\n\n - media: firewire: Fix app_info parameter type in avc_ca(,_app)_info (bnc#1012382).\n\n - media: vb2: be sure to unlock mutex on errors (bnc#1012382).\n\n - media: vb2: vb2_mmap: move lock up (bnc#1012382).\n\n - media: vivid: fix error handling of kthread_run (bnc#1012382).\n\n - media: vivid: free bitmap_cap when updating std/timings/etc (bnc#1012382).\n\n - media: vivid: set min width/height to a value > 0 (bnc#1012382).\n\n - mfd: tps6586x: Handle interrupts on suspend (bnc#1012382).\n\n - mips: Align kernel load address to 64KB (bnc#1012382).\n\n - mips: Ensure pmd_present() returns false after pmd_mknotpresent() (bnc#1012382).\n\n - mips: fix mips_get_syscall_arg o32 check (bnc#1012382).\n\n - mips: fix n32 compat_ipc_parse_version (bnc#1012382).\n\n - mips: ralink: Fix mt7620 nd_sd pinmux (bnc#1012382).\n\n - MIPS: SiByte: Enable swiotlb for SWARM, LittleSur and BigSur (bnc#1012382).\n\n - misc: mic/scif: fix copy-paste error in scif_create_remote_lookup (bnc#1012382).\n\n - mmc: atmel-mci: do not assume idle after atmci_request_end (bnc#1012382).\n\n - mmc: core: Reset HPI enabled state during re-init and in case of errors (bnc#1012382).\n\n - mm: cleancache: fix corruption on missed inode invalidation (bnc#1012382).\n\n - MMC: OMAP: fix broken MMC on OMAP15XX/OMAP5910/OMAP310 (bnc#1012382).\n\n - mmc: omap_hsmmc: fix DMA API warning (bnc#1012382).\n\n - mm, devm_memremap_pages: kill mapping 'System RAM' support (bnc#1012382).\n\n - mm: do not miss the last page because of round-off error (bnc#1118798).\n\n - mm, hugetlb: fix huge_pte_alloc BUG_ON (bsc#1119204).\n\n - mm: hwpoison: call shake_page() after try_to_unmap() for mlocked page (bnc#1116336).\n\n - mm: lower the printk loglevel for __dump_page messages (generic hotplug debugability).\n\n - mm, memory_hotplug: be more verbose for memory offline failures (generic hotplug debugability).\n\n - mm, memory_hotplug: drop pointless block alignment checks from __offline_pages (generic hotplug debugability).\n\n - mm, memory_hotplug: print reason for the offlining failure (generic hotplug debugability).\n\n - mm: mlock: avoid increase mm->locked_vm on mlock() when already mlock2(,MLOCK_ONFAULT) (bnc#1012382).\n\n - mm/nommu.c: Switch __get_user_pages_unlocked() to use\n __get_user_pages() (bnc#1012382).\n\n - mm: only report isolation failures when offlining memory (generic hotplug debugability).\n\n - mm/page-writeback.c: do not break integrity writeback on\n ->writepage() error (bnc#1012382).\n\n - mm: Preserve _PAGE_DEVMAP across mprotect() calls (bsc#1118790).\n\n - mm: print more information about mapping in __dump_page (generic hotplug debugability).\n\n - mm, proc: be more verbose about unstable VMA flags in /proc/<pid>/smaps (bnc#1012382).\n\n - mm: put_and_wait_on_page_locked() while page is migrated (bnc#1109272).\n\n - mm: remove write/force parameters from\n __get_user_pages_locked() (bnc#1012382 bsc#1027260).\n\n - mm: remove write/force parameters from\n __get_user_pages_unlocked() (bnc#1012382 bsc#1027260).\n\n - mm: replace __access_remote_vm() write parameter with gup_flags (bnc#1012382).\n\n - mm: replace access_remote_vm() write parameter with gup_flags (bnc#1012382).\n\n - mm: replace get_user_pages_locked() write/force parameters with gup_flags (bnc#1012382 bsc#1027260).\n\n - mm: replace get_user_pages_unlocked() write/force parameters with gup_flags (bnc#1012382 bsc#1027260).\n\n - mm: replace get_user_pages() write/force parameters with gup_flags (bnc#1012382 bsc#1027260).\n\n - mm: replace get_vaddr_frames() write/force parameters with gup_flags (bnc#1012382).\n\n - mm, slab: faster active and free stats (bsc#116653, VM Performance).\n\n - mm/slab: improve performance of gathering slabinfo stats (bsc#116653, VM Performance).\n\n - mm, slab: maintain total slab count instead of active count (bsc#116653, VM Performance).\n\n - Move patches to sorted range, p1\n\n - mv88e6060: disable hardware level MAC learning (bnc#1012382).\n\n - mwifiex: Fix NULL pointer dereference in skb_dequeue() (bnc#1012382).\n\n - mwifiex: fix p2p device does not find in scan problem (bnc#1012382).\n\n - namei: allow restricted O_CREAT of FIFOs and regular files (bnc#1012382).\n\n - neighbour: Avoid writing before skb->head in neigh_hh_output() (bnc#1012382).\n\n - net: 8139cp: fix a BUG triggered by changing mtu with network traffic (bnc#1012382).\n\n - net: amd: add missing of_node_put() (bnc#1012382).\n\n - net: bcmgenet: fix OF child-node lookup (bnc#1012382).\n\n - net: bridge: fix a bug on using a neighbour cache entry without checking its state (bnc#1012382).\n\n - net: call sk_dst_reset when set SO_DONTROUTE (bnc#1012382).\n\n - net: ena: fix crash during ena_remove() (bsc#1108240).\n\n - net: ena: update driver version from 2.0.1 to 2.0.2 (bsc#1108240).\n\n - net: faraday: ftmac100: remove netif_running(netdev) check before disabling interrupts (bnc#1012382).\n\n - netfilter: nf_tables: fix oops when inserting an element into a verdict map (bnc#1012382).\n\n - net: hisilicon: remove unexpected free_netdev (bnc#1012382).\n\n - net/ibmvnic: Fix RTNL deadlock during device reset (bnc#1115431).\n\n - net: ipv4: do not handle duplicate fragments as overlapping (bsc#1116345).\n\n - net/mlx4_core: Correctly set PFC param if global pause is turned off (bsc#1015336 bsc#1015337 bsc#1015340).\n\n - net/mlx4_core: Fix uninitialized variable compilation warning (bnc#1012382).\n\n - net/mlx4_core: Zero out lkey field in SW2HW_MPT fw command (bnc#1012382).\n\n - net/mlx4: Fix UBSAN warning of signed integer overflow (bnc#1012382).\n\n - net: phy: do not allow __set_phy_supported to add unsupported modes (bnc#1012382).\n\n - net: Prevent invalid access to skb->prev in\n __qdisc_drop_all (bnc#1012382).\n\n - netrom: fix locking in nr_find_socket() (bnc#1012382).\n\n - net: speed up skb_rbtree_purge() (bnc#1012382).\n\n - net: thunderx: fix NULL pointer dereference in nic_remove (bnc#1012382).\n\n - nfc: nfcmrvl_uart: fix OF child-node lookup (bnc#1012382).\n\n - nfit: skip region registration for incomplete control regions (bsc#1118930).\n\n - nfsv4: Do not exit the state manager without clearing NFS4CLNT_MANAGER_RUNNING (git-fixes).\n\n - nvme: validate controller state before rescheduling keep alive (bsc#1103257).\n\n - ocfs2: fix deadlock caused by ocfs2_defrag_extent() (bnc#1012382).\n\n - ocfs2: fix panic due to unrecovered local alloc (bnc#1012382).\n\n - ocfs2: fix potential use after free (bnc#1012382).\n\n - of: add helper to lookup compatible child node (bnc#1012382).\n\n - omap2fb: Fix stack memory disclosure (bsc#1106929)\n\n - packet: Do not leak dev refcounts on error exit (bnc#1012382).\n\n - packet: validate address length (bnc#1012382).\n\n - packet: validate address length if non-zero (bnc#1012382).\n\n - pci: altera: Check link status before retrain link (bnc#1012382).\n\n - pci: altera: Fix altera_pcie_link_is_up() (bnc#1012382).\n\n - pci: altera: Move retrain from fixup to altera_pcie_host_init() (bnc#1012382).\n\n - pci: altera: Poll for link training status after retraining the link (bnc#1012382).\n\n - pci: altera: Poll for link up status after retraining the link (bnc#1012382).\n\n - pci: altera: Reorder read/write functions (bnc#1012382).\n\n - pci: altera: Rework config accessors for use without a struct pci_bus (bnc#1012382).\n\n - perf/bpf: Convert perf_event_array to use struct file (bsc#1119967).\n\n - perf intel-pt: Fix error with config term 'pt=0' (bnc#1012382).\n\n - perf parse-events: Fix unchecked usage of strncpy() (bnc#1012382).\n\n - perf pmu: Suppress potential format-truncation warning (bnc#1012382).\n\n - perf svghelper: Fix unchecked usage of strncpy() (bnc#1012382).\n\n - pinctrl: sunxi: a83t: Fix IRQ offset typo for PH11 (bnc#1012382).\n\n - platform/x86: asus-wmi: Tell the EC the OS will handle the display off hotkey (bnc#1012382).\n\n - powerpc/64s: consolidate MCE counter increment (bsc#1094244).\n\n - powerpc/boot: Fix random libfdt related build errors (bnc#1012382).\n\n - powerpc/boot: Request no dynamic linker for boot wrapper (bsc#1070805).\n\n - powerpc/cacheinfo: Report the correct shared_cpu_map on big-cores (bsc#1109695).\n\n - powerpc: Detect the presence of big-cores via 'ibm, thread-groups' (bsc#1109695).\n\n - powerpc: Fix COFF zImage booting on old powermacs (bnc#1012382).\n\n - powerpc, hotplug: Avoid to touch non-existent cpumasks (bsc#1109695).\n\n - powerpc: make use of for_each_node_by_type() instead of open-coding it (bsc#1109695).\n\n - powerpc/msi: Fix NULL pointer access in teardown code (bnc#1012382).\n\n - powerpc/numa: Suppress 'VPHN is not supported' messages (bnc#1012382).\n\n - powerpc/pseries/cpuidle: Fix preempt warning (bnc#1012382).\n\n - powerpc/setup: Add cpu_to_phys_id array (bsc#1109695).\n\n - powerpc/smp: Add cpu_l2_cache_map (bsc#1109695).\n\n - powerpc/smp: Add Power9 scheduler topology (bsc#1109695).\n\n - powerpc/smp: Rework CPU topology construction (bsc#1109695).\n\n - powerpc/smp: Use cpu_to_chip_id() to find core siblings (bsc#1109695).\n\n - powerpc/traps: restore recoverability of machine_check interrupts (bsc#1094244).\n\n - powerpc: Use cpu_smallcore_sibling_mask at SMT level on bigcores (bsc#1109695).\n\n - powerpc/xmon: Fix invocation inside lock region (bsc#1122885).\n\n - power: supply: olpc_battery: correct the temperature units (bnc#1012382).\n\n - proc: Remove empty line in /proc/self/status (bnc#1012382 bsc#1094823).\n\n - pstore: Convert console write to use ->write_buf (bnc#1012382).\n\n - pstore/ram: Do not treat empty buffers as valid (bnc#1012382).\n\n - qed: Fix bitmap_weight() check (bsc#1019695).\n\n - qed: Fix PTT leak in qed_drain() (bnc#1012382).\n\n - qed: Fix QM getters to always return a valid pq (bsc#1019695 ).\n\n - qed: Fix reading wrong value in loop condition (bnc#1012382).\n\n - r8169: Add support for new Realtek Ethernet (bnc#1012382).\n\n - rapidio/rionet: do not free skb before reading its length (bnc#1012382).\n\n - Refresh patches.kabi/x86-cpufeature-preserve-numbers.patch.\n (bsc#1122651)\n\n - Revert 'drm/rockchip: Allow driver to be shutdown on reboot/kexec' (bsc#1106929)\n\n - Revert 'exec: avoid gcc-8 warning for get_task_comm' (kabi).\n\n - Revert 'iommu/io-pgtable-arm: Check for v7s-incapable systems' (bsc#1106105).\n\n - Revert 'PCI/ASPM: Do not initialize link state when aspm_disabled is set' (bsc#1106105).\n\n - Revert 'usb: musb: musb_host: Enable HCD_BH flag to handle urb return in bottom half' (bsc#1047487).\n\n - Revert 'wlcore: Add missing PM call for wlcore_cmd_wait_for_event_or_timeout()' (bnc#1012382).\n\n - rocker: fix rocker_tlv_put_* functions for KASAN (bnc#1012382).\n\n - rtc: snvs: add a missing write sync (bnc#1012382).\n\n - rtc: snvs: Add timeouts to avoid kernel lockups (bnc#1012382).\n\n - rtnetlink: ndo_dflt_fdb_dump() only work for ARPHRD_ETHER devices (bnc#1012382).\n\n - s390/cpum_cf: Reject request for sampling in event initialization (bnc#1012382).\n\n - s390/mm: Check for valid vma before zapping in gmap_discard (bnc#1012382).\n\n - s390/qeth: fix length check in SNMP processing (bnc#1012382).\n\n - sbus: char: add of_node_put() (bnc#1012382).\n\n - scsi: bfa: convert to strlcpy/strlcat (bnc#1012382 bsc#1019683, ).\n\n - scsi: bnx2fc: Fix NULL dereference in error handling (bnc#1012382).\n\n - scsi: Create two versions of scsi_internal_device_unblock() (bsc#1119877).\n\n - scsi: csiostor: Avoid content leaks and casts (bnc#1012382).\n\n - scsi: Introduce scsi_start_queue() (bsc#1119877).\n\n - scsi: libiscsi: Fix NULL pointer dereference in iscsi_eh_session_reset (bnc#1012382).\n\n - scsi: lpfc: Add Buffer overflow check, when nvme_info larger than PAGE_SIZE (bsc#1102660).\n\n - scsi: lpfc: devloss timeout race condition caused NULL pointer reference (bsc#1102660).\n\n - scsi: lpfc: Fix abort error path for NVMET (bsc#1102660).\n\n - scsi: lpfc: fix block guard enablement on SLI3 adapters (bsc#1079935).\n\n - scsi: lpfc: Fix driver crash when re-registering NVME rports (bsc#1102660).\n\n - scsi: lpfc: Fix ELS abort on SLI-3 adapters (bsc#1102660).\n\n - scsi: lpfc: Fix list corruption on the completion queue (bsc#1102660).\n\n - scsi: lpfc: Fix NVME Target crash in defer rcv logic (bsc#1102660).\n\n - scsi: lpfc: Fix panic if driver unloaded when port is offline (bsc#1102660).\n\n - scsi: lpfc: update driver version to 11.4.0.7-5 (bsc#1102660).\n\n - scsi: Make __scsi_remove_device go straight from BLOCKED to DEL (bsc#1119877).\n\n - scsi: megaraid: fix out-of-bound array accesses (bnc#1012382).\n\n - scsi: Protect SCSI device state changes with a mutex (bsc#1119877).\n\n - scsi: qedi: Add ISCSI_BOOT_SYSFS to Kconfig (bsc#1043083).\n\n - scsi: Re-export scsi_internal_device_(,un)_block() (bsc#1119877).\n\n - scsi: sd: Fix cache_type_store() (bnc#1012382).\n\n - scsi: Split scsi_internal_device_block() (bsc#1119877).\n\n - scsi: target: add emulate_pr backstore attr to toggle PR support (bsc#1091405).\n\n - scsi: target: drop unused pi_prot_format attribute storage (bsc#1091405).\n\n - scsi: target: use consistent left-aligned ASCII INQUIRY data (bnc#1012382).\n\n - scsi: ufs: fix bugs related to NULL pointer access and array size (bnc#1012382).\n\n - scsi: ufs: fix race between clock gating and devfreq scaling work (bnc#1012382).\n\n - scsi: ufshcd: Fix race between clk scaling and ungate work (bnc#1012382).\n\n - scsi: ufshcd: release resources if probe fails (bnc#1012382).\n\n - scsi: use 'inquiry_mutex' instead of 'state_mutex' (bsc#1119877).\n\n - scsi: vmw_pscsi: Rearrange code to avoid multiple calls to free_irq during unload (bnc#1012382).\n\n - scsi: zfcp: fix posting too many status read buffers leading to adapter shutdown (bnc#1012382).\n\n - sctp: allocate sctp_sockaddr_entry with kzalloc (bnc#1012382).\n\n - sctp: clear the transport of some out_chunk_list chunks in sctp_assoc_rm_peer (bnc#1012382).\n\n - sctp: initialize sin6_flowinfo for ipv6 addrs in sctp_inet6addr_event (bnc#1012382).\n\n - selftests: Move networking/timestamping from Documentation (bnc#1012382).\n\n - selinux: fix GPF on invalid policy (bnc#1012382).\n\n - seq_file: fix incomplete reset on read from zero offset (Git-fixes).\n\n - series.conf: Move 'patches.fixes/aio-hold-an-extra-file-reference-over-AIO\n -read-write.patch' into sorted section.\n\n - slab: alien caches must not be initialized if the allocation of the alien cache failed (bnc#1012382).\n\n - sock: Make sock->sk_stamp thread-safe (bnc#1012382).\n\n - spi: bcm2835: Avoid finishing transfer prematurely in IRQ mode (bnc#1012382).\n\n - spi: bcm2835: Fix book-keeping of DMA termination (bnc#1012382).\n\n - spi: bcm2835: Fix race on DMA termination (bnc#1012382).\n\n - spi: bcm2835: Unbreak the build of esoteric configs (bnc#1012382).\n\n - sr: pass down correctly sized SCSI sense buffer (bnc#1012382).\n\n - Staging: lustre: remove two build warnings (bnc#1012382).\n\n - staging: rts5208: fix gcc-8 logic error warning (bnc#1012382).\n\n - staging: speakup: Replace strncpy with memcpy (bnc#1012382).\n\n - sunrpc: Fix a bogus get/put in generic_key_to_expire() (bnc#1012382).\n\n - sunrpc: Fix a potential race in xprt_connect() (git-fixes).\n\n - sunrpc: fix cache_head leak due to queued request (bnc#1012382).\n\n - sunrpc: Fix leak of krb5p encode pages (bnc#1012382).\n\n - sunrpc: handle ENOMEM in rpcb_getport_async (bnc#1012382).\n\n - swiotlb: clean up reporting (bnc#1012382).\n\n - sysfs: Disable lockdep for driver bind/unbind files (bnc#1012382).\n\n - sysv: return 'err' instead of 0 in __sysv_write_inode (bnc#1012382).\n\n - target/iscsi: avoid NULL dereference in CHAP auth error path (bsc#1117165).\n\n - target: se_dev_attrib.emulate_pr ABI stability (bsc#1091405).\n\n - tcp: fix NULL ref in tail loss probe (bnc#1012382).\n\n - timer/debug: Change /proc/timer_list from 0444 to 0400 (bnc#1012382).\n\n - tipc: fix uninit-value in tipc_nl_compat_bearer_enable (bnc#1012382).\n\n - tipc: fix uninit-value in tipc_nl_compat_doit (bnc#1012382).\n\n - tipc: fix uninit-value in tipc_nl_compat_link_reset_stats (bnc#1012382).\n\n - tipc: fix uninit-value in tipc_nl_compat_link_set (bnc#1012382).\n\n - tipc: fix uninit-value in tipc_nl_compat_name_table_dump (bnc#1012382).\n\n - tmpfs: make lseek(SEEK_DATA/SEK_HOLE) return ENXIO with a negative offset (bnc#1012382).\n\n - tpm: fix response size validation in tpm_get_random() (bsc#1020645, git-fixes).\n\n - tracing: Fix bad use of igrab in trace_uprobe.c (bsc#1120046).\n\n - tracing: Fix memory leak in set_trigger_filter() (bnc#1012382).\n\n - tracing: Fix memory leak of instance function hash filters (bnc#1012382).\n\n - tty/ldsem: Wake up readers after timed out down_write() (bnc#1012382).\n\n - tty: serial: 8250_mtk: always resume the device in probe (bnc#1012382).\n\n - tty: wipe buffer (bnc#1012382).\n\n - tty: wipe buffer if not echoing data (bnc#1012382).\n\n - tun: forbid iface creation with rtnl ops (bnc#1012382).\n\n - unifdef: use memcpy instead of strncpy (bnc#1012382).\n\n - Update config files: disable f2fs in the rest configs (boo#1109665)\n\n - uprobes: Fix handle_swbp() vs. unregister() + register() race once more (bnc#1012382).\n\n - usb: Add USB_QUIRK_DELAY_CTRL_MSG quirk for Corsair K70 RGB (bnc#1012382).\n\n - usb: appledisplay: Add 27' Apple Cinema Display (bnc#1012382).\n\n - usb: cdc-acm: send ZLP for Telit 3G Intel based modems (bnc#1012382).\n\n - usb: check usb_get_extra_descriptor for proper size (bnc#1012382).\n\n - usb: core: Fix hub port connection events lost (bnc#1012382).\n\n - usb: core: quirks: add RESET_RESUME quirk for Cherry G230 Stream series (bnc#1012382).\n\n - usb: gadget: dummy: fix nonsensical comparisons (bnc#1012382).\n\n - usbnet: ipheth: fix potential recvmsg bug and recvmsg bug 2 (bnc#1012382).\n\n - usb: omap_udc: fix crashes on probe error and module removal (bnc#1012382).\n\n - usb: omap_udc: fix omap_udc_start() on 15xx machines (bnc#1012382).\n\n - usb: omap_udc: fix USB gadget functionality on Palm Tungsten E (bnc#1012382).\n\n - usb: omap_udc: use devm_request_irq() (bnc#1012382).\n\n - usb: quirk: add no-LPM quirk on SanDisk Ultra Flair device (bnc#1012382).\n\n - usb: r8a66597: Fix a possible concurrency use-after-free bug in r8a66597_endpoint_disable() (bnc#1012382).\n\n - usb: serial: option: add Fibocom NL668 series (bnc#1012382).\n\n - usb: serial: option: add Fibocom NL678 series (bnc#1012382).\n\n - usb: serial: option: add GosunCn ZTE WeLink ME3630 (bnc#1012382).\n\n - usb: serial: option: add HP lt4132 (bnc#1012382).\n\n - usb: serial: option: add Simcom SIM7500/SIM7600 (MBIM mode) (bnc#1012382).\n\n - usb: serial: option: add Telit LN940 series (bnc#1012382).\n\n - usb: serial: pl2303: add ids for Hewlett-Packard HP POS pole displays (bnc#1012382).\n\n - usb: storage: add quirk for SMI SM3350 (bnc#1012382).\n\n - usb: storage: do not insert sane sense for SPC3+ when bad sense specified (bnc#1012382).\n\n - usb: usb-storage: Add new IDs to ums-realtek (bnc#1012382).\n\n - usb: xhci: fix timeout for transition from RExit to U0 (bnc#1012382).\n\n - usb: xhci: fix uninitialized completion when USB3 port got wrong status (bnc#1012382).\n\n - usb: xhci: Prevent bus suspend if a port connect change or polling state is detected (bnc#1012382).\n\n - v9fs_dir_readdir: fix double-free on p9stat_read error (bnc#1012382).\n\n - vfs: Avoid softlockups in drop_pagecache_sb() (bsc#1118505).\n\n - vhost: make sure used idx is seen before log in vhost_add_used_n() (bnc#1012382).\n\n - virtio/s390: avoid race on vcdev->config (bnc#1012382).\n\n - virtio/s390: fix race in ccw_io_helper() (bnc#1012382).\n\n - VSOCK: Send reset control packet when socket is partially bound (bnc#1012382).\n\n - writeback: do not decrement wb->refcnt if !wb->bdi (git fixes (writeback)).\n\n - x86/earlyprintk/efi: Fix infinite loop on some screen widths (bnc#1012382).\n\n - x86/entry: spell EBX register correctly in documentation (bnc#1012382).\n\n - x86/MCE: Export memory_error() (bsc#1114648).\n\n - x86/MCE: Make correctable error detection look at the Deferred bit (bsc#1114648).\n\n - x86/mtrr: Do not copy uninitialized gentry fields back to userspace (bnc#1012382).\n\n - x86/speculation/l1tf: Drop the swap storage limit restriction when l1tf=off (bnc#1114871).\n\n - x86/speculation: Use synthetic bits for IBRS/IBPB/STIBP (bnc#1012382).\n\n - xen/balloon: Support xend-based toolstack (bnc#1065600).\n\n - xen/netback: dont overflow meta array (bnc#1099523).\n\n - xen/netfront: tolerate frags with no data (bnc#1012382).\n\n - xen/x86: add diagnostic printout to xen_mc_flush() in case of error (bnc#1116183).\n\n - xen: xlate_mmu: add missing header to fix 'W=1' warning (bnc#1012382).\n\n - xfrm: Fix bucket count reported to userspace (bnc#1012382).\n\n - xfs: Align compat attrlist_by_handle with native implementation (git-fixes).\n\n - xfs: fix quotacheck dquot id overflow infinite loop (bsc#1121621).\n\n - xhci: Add quirk to workaround the errata seen on Cavium Thunder-X2 Soc (bsc#1117162).\n\n - xhci: Do not prevent USB2 bus suspend in state check intended for USB3 only (bnc#1012382).\n\n - xhci: Prevent U1/U2 link pm states if exit latency is too long (bnc#1012382).\n\n - xprtrdma: Reset credit grant properly after a disconnect (git-fixes).\n\n - xtensa: enable coprocessors that are being flushed (bnc#1012382).\n\n - xtensa: fix coprocessor context offset definitions (bnc#1012382).\n\n - Yama: Check for pid death before checking ancestry (bnc#1012382).\n\n - x86/pkeys: Properly copy pkey state at fork() (bsc#1106105).", "cvss3": {"exploitabilityScore": 2.1, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.0, "vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-02-07T00:00:00", "type": "nessus", "title": "openSUSE Security Update : the Linux Kernel (openSUSE-2019-140)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1120", "CVE-2018-16862", "CVE-2018-16884", "CVE-2018-19407", "CVE-2018-19824", "CVE-2018-19985", "CVE-2018-20169", "CVE-2018-9568", "CVE-2019-3459", "CVE-2019-3460"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:kernel-debug", "p-cpe:/a:novell:opensuse:kernel-debug-base", "p-cpe:/a:novell:opensuse:kernel-debug-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-debug-debuginfo", "p-cpe:/a:novell:opensuse:kernel-debug-debugsource", "p-cpe:/a:novell:opensuse:kernel-debug-devel", "p-cpe:/a:novell:opensuse:kernel-debug-devel-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default", "p-cpe:/a:novell:opensuse:kernel-default-base", "p-cpe:/a:novell:opensuse:kernel-default-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default-debugsource", "p-cpe:/a:novell:opensuse:kernel-default-devel", "p-cpe:/a:novell:opensuse:kernel-devel", "p-cpe:/a:novell:opensuse:kernel-docs-html", "p-cpe:/a:novell:opensuse:kernel-docs-pdf", "p-cpe:/a:novell:opensuse:kernel-macros", "p-cpe:/a:novell:opensuse:kernel-obs-build", "p-cpe:/a:novell:opensuse:kernel-obs-build-debugsource", "p-cpe:/a:novell:opensuse:kernel-obs-qa", "p-cpe:/a:novell:opensuse:kernel-source", "p-cpe:/a:novell:opensuse:kernel-source-vanilla", "p-cpe:/a:novell:opensuse:kernel-syms", "p-cpe:/a:novell:opensuse:kernel-vanilla", "p-cpe:/a:novell:opensuse:kernel-vanilla-base", "p-cpe:/a:novell:opensuse:kernel-vanilla-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-vanilla-debuginfo", "p-cpe:/a:novell:opensuse:kernel-vanilla-debugsource", "p-cpe:/a:novell:opensuse:kernel-vanilla-devel", "cpe:/o:novell:opensuse:42.3"], "id": "OPENSUSE-2019-140.NASL", "href": "https://www.tenable.com/plugins/nessus/121633", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-140.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(121633);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2018-1120\", \"CVE-2018-16862\", \"CVE-2018-16884\", \"CVE-2018-19407\", \"CVE-2018-19824\", \"CVE-2018-19985\", \"CVE-2018-20169\", \"CVE-2018-9568\", \"CVE-2019-3459\", \"CVE-2019-3460\");\n\n script_name(english:\"openSUSE Security Update : the Linux Kernel (openSUSE-2019-140)\");\n script_summary(english:\"Check for the openSUSE-2019-140 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The openSUSE Leap 42.3 Linux kernel was updated to 4.4.172 to receive\nvarious security and bugfixes.\n\nThe following security bugs were fixed :\n\n - CVE-2019-3459,CVE-2019-3460: Two remote information leak\n vulnerabilities in the Bluetooth stack were fixed that\n could potentially leak kernel information (bsc#1120758)\n\n - CVE-2018-19407: The vcpu_scan_ioapic function in\n arch/x86/kvm/x86.c allowed local users to cause a denial\n of service (NULL pointer dereference and BUG) via\n crafted system calls that reach a situation where ioapic\n is uninitialized (bnc#1116841).\n\n - CVE-2018-19985: The function hso_probe read if_num from\n the USB device (as an u8) and used it without a length\n check to index an array, resulting in an OOB memory read\n in hso_probe or hso _get_config_data that could be used\n by local attackers (bnc#1120743).\n\n - CVE-2018-1120: By mmap()ing a FUSE-backed file onto a\n process's memory containing command line arguments (or\n environment strings), an attacker can cause utilities\n from psutils or procps (such as ps, w) or any other\n program which made a read() call to the\n /proc/<pid>/cmdline (or /proc/<pid>/environ) files to\n block indefinitely (denial of service) or for some\n controlled time (as a synchronization primitive for\n other attacks) (bnc#1087082).\n\n - CVE-2018-16884: NFS41+ shares mounted in different\n network namespaces at the same time can make\n bc_svc_process() use wrong back-channel IDs and cause a\n use-after-free vulnerability. Thus a malicious container\n user can cause a host kernel memory corruption and a\n system panic. Due to the nature of the flaw, privilege\n escalation cannot be fully ruled out (bnc#1119946).\n\n - CVE-2018-20169: The USB subsystem mishandled size checks\n during the reading of an extra descriptor, related to\n __usb_get_extra_descriptor in drivers/usb/core/usb.c\n (bnc#1119714).\n\n - CVE-2018-9568: In sk_clone_lock of sock.c, there is a\n possible memory corruption due to type confusion. This\n could lead to local escalation of privilege with no\n additional execution privileges needed. User interaction\n is not needed for exploitation. (bnc#1118319).\n\n - CVE-2018-16862: A security flaw was found in a way that\n the cleancache subsystem clears an inode after the final\n file truncation (removal). The new file created with the\n same inode may contain leftover pages from cleancache\n and the old file data instead of the new one\n (bnc#1117186).\n\n - CVE-2018-19824: A local user could exploit a\n use-after-free in the ALSA driver by supplying a\n malicious USB Sound device (with zero interfaces) that\n is mishandled in usb_audio_probe in sound/usb/card.c\n (bnc#1118152).\n\nThe following non-security bugs were fixed :\n\n - 9p/net: put a lower bound on msize (bnc#1012382).\n\n - ACPI/IORT: Fix iort_get_platform_device_domain()\n uninitialized pointer value (bsc#1121239).\n\n - acpi/nfit: Block function zero DSMs (bsc#1123321).\n\n - acpi/nfit: Fix command-supported detection\n (bsc#1123323).\n\n - acpi/nfit, x86/mce: Handle only uncorrectable machine\n checks (bsc#1114648).\n\n - acpi/nfit, x86/mce: Validate a MCE's address before\n using it (bsc#1114648).\n\n - acpi/power: Skip duplicate power resource references in\n _PRx (bnc#1012382).\n\n - acpi/processor: Fix the return value of\n acpi_processor_ids_walk() (git fixes (acpi)).\n\n - aio: fix spectre gadget in lookup_ioctx (bnc#1012382).\n\n - aio: hold an extra file reference over AIO read/write\n operations (bsc#1116027).\n\n - alsa: ac97: Fix incorrect bit shift at AC97-SPSA control\n write (bnc#1012382).\n\n - alsa: bebob: fix model-id of unit for Apogee Ensemble\n (bnc#1012382).\n\n - alsa: control: Fix race between adding and removing a\n user element (bnc#1012382).\n\n - alsa: cs46xx: Potential NULL dereference in probe\n (bnc#1012382).\n\n - alsa: emu10k1: Fix potential Spectre v1 vulnerabilities\n (bnc#1012382).\n\n - alsa: emux: Fix potential Spectre v1 vulnerabilities\n (bnc#1012382).\n\n - alsa: hda: add mute LED support for HP EliteBook 840 G4\n (bnc#1012382).\n\n - alsa: hda: Add support for AMD Stoney Ridge\n (bnc#1012382).\n\n - alsa: hda/realtek - Disable headset Mic VREF for headset\n mode of ALC225 (bnc#1012382).\n\n - alsa: hda/tegra: clear pending irq handlers\n (bnc#1012382).\n\n - alsa: isa/wavefront: prevent some out of bound writes\n (bnc#1012382).\n\n - alsa: pcm: Call snd_pcm_unlink() conditionally at\n closing (bnc#1012382).\n\n - alsa: pcm: Fix interval evaluation with openmin/max\n (bnc#1012382).\n\n - alsa: pcm: Fix potential Spectre v1 vulnerability\n (bnc#1012382).\n\n - alsa: pcm: Fix starvation on down_write_nonblock()\n (bnc#1012382).\n\n - alsa: pcm: remove SNDRV_PCM_IOCTL1_INFO internal command\n (bnc#1012382).\n\n - alsa: rme9652: Fix potential Spectre v1 vulnerability\n (bnc#1012382).\n\n - alsa: sparc: Fix invalid snd_free_pages() at error path\n (bnc#1012382).\n\n - alsa: trident: Suppress gcc string warning\n (bnc#1012382).\n\n - alsa: usb-audio: Avoid access before bLength check in\n build_audio_procunit() (bnc#1012382).\n\n - alsa: usb-audio: Fix an out-of-bound read in\n create_composite_quirks (bnc#1012382).\n\n - alsa: wss: Fix invalid snd_free_pages() at error path\n (bnc#1012382).\n\n - arc: change defconfig defaults to ARCv2 (bnc#1012382).\n\n - arc: [devboards] Add support of NFSv3 ACL (bnc#1012382).\n\n - arc: io.h: Implement reads(x)()/writes(x)()\n (bnc#1012382).\n\n - arm64: Do not trap host pointer auth use to EL2\n (bnc#1012382).\n\n - arm64/kvm: consistently handle host HCR_EL2 flags\n (bnc#1012382).\n\n - arm64: perf: set suppress_bind_attrs flag to true\n (bnc#1012382).\n\n - arm64: remove no-op -p linker flag (bnc#1012382).\n\n - arm: 8814/1: mm: improve/fix ARM v7_dma_inv_range()\n unaligned address handling (bnc#1012382).\n\n - arm: imx: update the cpu power up timing setting on\n i.mx6sx (bnc#1012382).\n\n - arm: kvm: fix building with gcc-8 (bsc#1121241).\n\n - arm: OMAP1: ams-delta: Fix possible use of uninitialized\n field (bnc#1012382).\n\n - arm: OMAP2+: prm44xx: Fix section annotation on\n omap44xx_prm_enable_io_wakeup (bnc#1012382).\n\n - ASoC: dapm: Recalculate audio map forcely when card\n instantiated (bnc#1012382).\n\n - ASoC: omap-dmic: Add pm_qos handling to avoid overruns\n with CPU_IDLE (bnc#1012382).\n\n - ASoC: omap-mcpdm: Add pm_qos handling to avoid\n under/overruns with CPU_IDLE (bnc#1012382).\n\n - ata: Fix racy link clearance (bsc#1107866).\n\n - ath10k: fix kernel panic due to race in accessing arvif\n list (bnc#1012382).\n\n - ax25: fix a use-after-free in ax25_fillin_cb()\n (bnc#1012382).\n\n - b43: Fix error in cordic routine (bnc#1012382).\n\n - batman-adv: Expand merged fragment buffer for full\n packet (bnc#1012382).\n\n - bfs: add sanity check at bfs_fill_super() (bnc#1012382).\n\n - block/loop: Use global lock for ioctl() operation\n (bnc#1012382).\n\n - block/swim3: Fix -EBUSY error when re-opening device\n after unmount (Git-fixes).\n\n - bnx2x: Assign unique DMAE channel number for FW DMAE\n transactions (bnc#1012382).\n\n - bonding: fix 802.3ad state sent to partner when\n unbinding slave (bnc#1012382).\n\n - bpf: fix check of allowed specifiers in bpf_trace_printk\n (bnc#1012382).\n\n - bpf: support 8-byte metafield access (bnc#1012382).\n\n - bpf, trace: check event type in bpf_perf_event_read\n (bsc#1119970).\n\n - bpf, trace: use READ_ONCE for retrieving file ptr\n (bsc#1119967).\n\n - bpf/verifier: Add spi variable to check_stack_write()\n (bnc#1012382).\n\n - bpf/verifier: Pass instruction index to\n check_mem_access() and check_xadd() (bnc#1012382).\n\n - btrfs: Always try all copies when reading extent buffers\n (bnc#1012382).\n\n - btrfs: ensure path name is null terminated at\n btrfs_control_ioctl (bnc#1012382).\n\n - btrfs: Fix memory barriers usage with device stats\n counters (git-fixes).\n\n - btrfs: fix use-after-free when dumping free space\n (bnc#1012382).\n\n - btrfs: Handle error from btrfs_uuid_tree_rem call in\n _btrfs_ioctl_set_received_subvol (git-fixes).\n\n - btrfs: release metadata before running delayed refs\n (bnc#1012382).\n\n - btrfs: send, fix infinite loop due to directory rename\n dependencies (bnc#1012382).\n\n - btrfs: tree-checker: Check level for leaves and nodes\n (bnc#1012382).\n\n - btrfs: tree-checker: Do not check max block group size\n as current max chunk size limit is unreliable (fixes for\n bnc#1012382 bsc#1102875 bsc#1102877 bsc#1102879\n bsc#1102882 bsc#1102896).\n\n - btrfs: tree-checker: Fix misleading group system\n information (bnc#1012382).\n\n - btrfs: tree-check: reduce stack consumption in\n check_dir_item (bnc#1012382).\n\n - btrfs: validate type when reading a chunk (bnc#1012382).\n\n - btrfs: wait on ordered extents on abort cleanup\n (bnc#1012382).\n\n - can: dev: __can_get_echo_skb(): Do not crash the kernel\n if can_priv::echo_skb is accessed out of bounds\n (bnc#1012382).\n\n - can: dev: can_get_echo_skb(): factor out non sending\n code to __can_get_echo_skb() (bnc#1012382).\n\n - can: dev: __can_get_echo_skb(): print error message, if\n trying to echo non existing skb (bnc#1012382).\n\n - can: dev: __can_get_echo_skb(): replace struct can_frame\n by canfd_frame to access frame length (bnc#1012382).\n\n - can: gw: ensure DLC boundaries after CAN frame\n modification (bnc#1012382).\n\n - can: rcar_can: Fix erroneous registration (bnc#1012382).\n\n - cdc-acm: fix abnormal DATA RX issue for Mediatek\n Preloader (bnc#1012382).\n\n - ceph: do not update importing cap's mseq when handing\n cap export (bsc#1121275).\n\n - checkstack.pl: fix for aarch64 (bnc#1012382).\n\n - cifs: Do not hide EINTR after sending network packets\n (bnc#1012382).\n\n - cifs: Fix error mapping for SMB2_LOCK command which\n caused OFD lock problem (bnc#1012382).\n\n - cifs: Fix potential OOB access of lock element array\n (bnc#1012382).\n\n - cifs: Fix separator when building path from dentry\n (bnc#1012382).\n\n - cifs: In Kconfig CONFIG_CIFS_POSIX needs depends on\n legacy (insecure cifs) (bnc#1012382).\n\n - clk: imx6q: reset exclusive gates on init (bnc#1012382).\n\n - clk: mmp: Off by one in mmp_clk_add() (bnc#1012382).\n\n - cpufeature: avoid warning when compiling with clang\n (Git-fixes).\n\n - cpufreq: imx6q: add return value check for voltage scale\n (bnc#1012382).\n\n - crypto: authencesn - Avoid twice completion call in\n decrypt path (bnc#1012382).\n\n - crypto: authenc - fix parsing key with misaligned\n rta_len (bnc#1012382).\n\n - crypto: cts - fix crash on short inputs (bnc#1012382).\n\n - crypto: user - support incremental algorithm dumps\n (bsc#1120902).\n\n - crypto: x86/chacha20 - avoid sleeping with preemption\n disabled (bnc#1012382).\n\n - cw1200: Do not leak memory if krealloc failes\n (bnc#1012382).\n\n - debugobjects: avoid recursive calls with kmemleak\n (bnc#1012382).\n\n - Disable MSI also when pcie-octeon.pcie_disable on\n (bnc#1012382).\n\n - disable stringop truncation warnings for now\n (bnc#1012382).\n\n - dlm: fixed memory leaks after failed ls_remove_names\n allocation (bnc#1012382).\n\n - dlm: lost put_lkb on error path in receive_convert() and\n receive_unlock() (bnc#1012382).\n\n - dlm: memory leaks on error path in dlm_user_request()\n (bnc#1012382).\n\n - dlm: possible memory leak on error path in create_lkb()\n (bnc#1012382).\n\n - dmaengine: at_hdmac: fix memory leak in at_dma_xlate()\n (bnc#1012382).\n\n - dmaengine: at_hdmac: fix module unloading (bnc#1012382).\n\n - dm cache metadata: ignore hints array being too small\n during resize (Git-fixes).\n\n - dm crypt: add cryptographic data integrity protection\n (authenticated encryption) (Git-fixes).\n\n - dm crypt: factor IV constructor out to separate function\n (Git-fixes).\n\n - dm crypt: fix crash by adding missing check for auth key\n size (git-fixes).\n\n - dm crypt: fix error return code in crypt_ctr()\n (git-fixes).\n\n - dm crypt: fix memory leak in crypt_ctr_cipher_old()\n (git-fixes).\n\n - dm crypt: introduce new format of cipher with 'capi:'\n prefix (Git-fixes).\n\n - dm crypt: wipe kernel key copy after IV initialization\n (Git-fixes).\n\n - dm: do not allow readahead to limit IO size (git fixes\n (readahead)).\n\n - dm kcopyd: Fix bug causing workqueue stalls\n (bnc#1012382).\n\n - dm-multipath: do not assign cmd_flags in setup_clone()\n (bsc#1103156).\n\n - dm snapshot: Fix excessive memory usage and workqueue\n stalls (bnc#1012382).\n\n - dm thin: stop no_space_timeout worker when switching to\n write-mode (Git-fixes).\n\n - drivers: hv: vmbus: check the creation_status in\n vmbus_establish_gpadl() (bsc#1104098).\n\n - drivers: hv: vmbus: Return -EINVAL for the sys files for\n unopened channels (bnc#1012382).\n\n - drivers/sbus/char: add of_node_put() (bnc#1012382).\n\n - drivers/tty: add missing of_node_put() (bnc#1012382).\n\n - drm/ast: change resolution may cause screen blurred\n (bnc#1012382).\n\n - drm/ast: fixed cursor may disappear sometimes\n (bnc#1012382).\n\n - drm/ast: fixed reading monitor EDID not stable issue\n (bnc#1012382).\n\n - drm/ast: Fix incorrect free on ioregs (bsc#1106929)\n\n - drm/fb-helper: Ignore the value of\n fb_var_screeninfo.pixclock (bsc#1106929)\n\n - drm/ioctl: Fix Spectre v1 vulnerabilities (bnc#1012382).\n\n - drm/msm: Grab a vblank reference when waiting for\n commit_done (bnc#1012382).\n\n - drm: rcar-du: Fix external clock error checks\n (bsc#1106929)\n\n - drm: rcar-du: Fix vblank initialization (bsc#1106929)\n\n - e1000e: allow non-monotonic SYSTIM readings\n (bnc#1012382).\n\n - EDAC: Raise the maximum number of memory controllers\n (bsc#1120722).\n\n - efi/libstub/arm64: Use hidden attribute for struct\n screen_info reference (bsc#1122650).\n\n - exec: avoid gcc-8 warning for get_task_comm\n (bnc#1012382).\n\n - exportfs: do not read dentry after free (bnc#1012382).\n\n - ext2: fix potential use after free (bnc#1012382).\n\n - ext4: fix a potential fiemap/page fault deadlock w/\n inline_data (bnc#1012382).\n\n - ext4: Fix crash during online resizing (bsc#1122779).\n\n - ext4: fix EXT4_IOC_GROUP_ADD ioctl (bnc#1012382).\n\n - ext4: fix possible use after free in ext4_quota_enable\n (bnc#1012382).\n\n - ext4: force inode writes when nfsd calls\n commit_metadata() (bnc#1012382).\n\n - ext4: missing unlock/put_page() in\n ext4_try_to_write_inline_data() (bnc#1012382).\n\n - f2fs: Add sanity_check_inode() function (bnc#1012382).\n\n - f2fs: avoid unneeded loop in build_sit_entries\n (bnc#1012382).\n\n - f2fs: check blkaddr more accuratly before issue a bio\n (bnc#1012382).\n\n - f2fs: clean up argument of recover_data (bnc#1012382).\n\n - f2fs: clean up with is_valid_blkaddr() (bnc#1012382).\n\n - f2fs: detect wrong layout (bnc#1012382).\n\n - f2fs: enhance sanity_check_raw_super() to avoid\n potential overflow (bnc#1012382).\n\n - f2fs: factor out fsync inode entry operations\n (bnc#1012382).\n\n - f2fs: fix inode cache leak (bnc#1012382).\n\n - f2fs: fix invalid memory access (bnc#1012382).\n\n - f2fs: fix missing up_read (bnc#1012382).\n\n - f2fs: fix to avoid reading out encrypted data in page\n cache (bnc#1012382).\n\n - f2fs: fix to convert inline directory correctly\n (bnc#1012382).\n\n - f2fs: fix to determine start_cp_addr by sbi->cur_cp_pack\n (bnc#1012382).\n\n - f2fs: fix to do sanity check with block address in main\n area (bnc#1012382).\n\n - f2fs: fix to do sanity check with block address in main\n area v2 (bnc#1012382).\n\n - f2fs: fix to do sanity check with cp_pack_start_sum\n (bnc#1012382).\n\n - f2fs: fix to do sanity check with node footer and\n iblocks (bnc#1012382).\n\n - f2fs: fix to do sanity check with reserved blkaddr of\n inline inode (bnc#1012382).\n\n - f2fs: fix to do sanity check with secs_per_zone\n (bnc#1012382).\n\n - f2fs: fix to do sanity check with user_block_count\n (bnc#1012382).\n\n - f2fs: fix validation of the block count in\n sanity_check_raw_super (bnc#1012382).\n\n - f2fs: free meta pages if sanity check for ckpt is failed\n (bnc#1012382).\n\n - f2fs: give -EINVAL for norecovery and rw mount\n (bnc#1012382).\n\n - f2fs: introduce and spread verify_blkaddr (bnc#1012382).\n\n - f2fs: introduce get_checkpoint_version for cleanup\n (bnc#1012382).\n\n - f2fs: move sanity checking of cp into\n get_valid_checkpoint (bnc#1012382).\n\n - f2fs: not allow to write illegal blkaddr (bnc#1012382).\n\n - f2fs: put directory inodes before checkpoint in\n roll-forward recovery (bnc#1012382).\n\n - f2fs: remove an obsolete variable (bnc#1012382).\n\n - f2fs: return error during fill_super (bnc#1012382).\n\n - f2fs: sanity check on sit entry (bnc#1012382).\n\n - f2fs: use crc and cp version to determine roll-forward\n recovery (bnc#1012382).\n\n - fbdev: fbcon: Fix unregister crash when more than one\n framebuffer (bsc#1106929)\n\n - fbdev: fbmem: behave better with small rotated displays\n and many CPUs (bsc#1106929)\n\n - fix fragmentation series\n\n - Fix problem with sharetransport= and NFSv4\n (bsc#1114893).\n\n - floppy: fix race condition in __floppy_read_block_0()\n (Git-fixes).\n\n - fork: record start_time late (bnc#1012382).\n\n - fscache, cachefiles: remove redundant variable 'cache'\n (bnc#1012382).\n\n - fscache: Fix race in fscache_op_complete() due to split\n atomic_sub & read (Git-fixes).\n\n - fscache: Pass the correct cancelled indications to\n fscache_op_complete() (Git-fixes).\n\n - genwqe: Fix size check (bnc#1012382).\n\n - gfs2: Do not leave s_fs_info pointing to freed memory in\n init_sbd (bnc#1012382).\n\n - gfs2: Fix loop in gfs2_rbm_find (bnc#1012382).\n\n - git_sort.py: Remove non-existent remote tj/libata\n\n - gpiolib: Fix return value of gpio_to_desc() stub if\n !GPIOLIB (Git-fixes).\n\n - gpio: max7301: fix driver for use with CONFIG_VMAP_STACK\n (bnc#1012382).\n\n - gro_cell: add napi_disable in gro_cells_destroy\n (bnc#1012382).\n\n - hfs: do not free node before using (bnc#1012382).\n\n - hfsplus: do not free node before using (bnc#1012382).\n\n - hpwdt add dynamic debugging (bsc#1114417).\n\n - hpwdt calculate reload value on each use (bsc#1114417).\n\n - hugetlbfs: fix bug in pgoff overflow checking\n (bnc#1012382).\n\n - hwmon: (ina2xx) Fix current value calculation\n (bnc#1012382).\n\n - hwmon: (w83795) temp4_type has writable permission\n (bnc#1012382).\n\n - hwpoison, memory_hotplug: allow hwpoisoned pages to be\n offlined (bnc#1116336).\n\n - i2c: axxia: properly handle master timeout\n (bnc#1012382).\n\n - i2c: dev: prevent adapter retries and timeout being set\n as minus value (bnc#1012382).\n\n - i2c: scmi: Fix probe error on devices with an empty\n SMB0001 ACPI device node (bnc#1012382).\n\n - ib/hfi1: Fix an out-of-bounds access in get_hw_stats ().\n\n - ibmveth: Do not process frames after calling\n napi_reschedule (bcs#1123357).\n\n - ibmveth: fix DMA unmap error in ibmveth_xmit_start error\n path (bnc#1012382).\n\n - ibmvnic: Add ethtool private flag for driver-defined\n queue limits (bsc#1121726).\n\n - ibmvnic: Convert reset work item mutex to spin lock ().\n\n - ibmvnic: Fix non-atomic memory allocation in IRQ context\n ().\n\n - ibmvnic: Increase maximum queue size limit\n (bsc#1121726).\n\n - ibmvnic: Introduce driver limits for ring sizes\n (bsc#1121726).\n\n - ide: pmac: add of_node_put() (bnc#1012382).\n\n - ieee802154: lowpan_header_create check must check daddr\n (bnc#1012382).\n\n - input: elan_i2c - add ACPI ID for Lenovo IdeaPad\n 330-15ARR (bnc#1012382).\n\n - input: elan_i2c - add ACPI ID for touchpad in ASUS\n Aspire F5-573G (bnc#1012382).\n\n - input: elan_i2c - add ELAN0620 to the ACPI table\n (bnc#1012382).\n\n - input: elan_i2c - add support for ELAN0621 touchpad\n (bnc#1012382).\n\n - input: matrix_keypad - check for errors from\n of_get_named_gpio() (bnc#1012382).\n\n - input: omap-keypad - fix idle configuration to not block\n SoC idle states (bnc#1012382).\n\n - input: omap-keypad - fix keyboard debounce configuration\n (bnc#1012382).\n\n - input: restore EV_ABS ABS_RESERVED (bnc#1012382).\n\n - input: xpad - add GPD Win 2 Controller USB IDs\n (bnc#1012382).\n\n - input: xpad - add Mad Catz FightStick TE 2 VID/PID\n (bnc#1012382).\n\n - input: xpad - add more third-party controllers\n (bnc#1012382).\n\n - input: xpad - add PDP device id 0x02a4 (bnc#1012382).\n\n - input: xpad - add product ID for Xbox One S pad\n (bnc#1012382).\n\n - input: xpad - add support for PDP Xbox One controllers\n (bnc#1012382).\n\n - input: xpad - add support for Xbox1 PDP Camo series\n gamepad (bnc#1012382).\n\n - input: xpad - add USB IDs for Mad Catz Brawlstick and\n Razer Sabertooth (bnc#1012382).\n\n - input: xpad - avoid using __set_bit() for capabilities\n (bnc#1012382).\n\n - input: xpad - constify usb_device_id (bnc#1012382).\n\n - input: xpad - correctly sort vendor id's (bnc#1012382).\n\n - input: xpad - correct xbox one pad device name\n (bnc#1012382).\n\n - input: xpad - do not depend on endpoint order\n (bnc#1012382).\n\n - input: xpad - fix GPD Win 2 controller name\n (bnc#1012382).\n\n - input: xpad - fix PowerA init quirk for some gamepad\n models (bnc#1012382).\n\n - input: xpad - fix rumble on Xbox One controllers with\n 2015 firmware (bnc#1012382).\n\n - input: xpad - fix some coding style issues\n (bnc#1012382).\n\n - input: xpad - fix stuck mode button on Xbox One S pad\n (bnc#1012382).\n\n - input: xpad - fix Xbox One rumble stopping after 2.5\n secs (bnc#1012382).\n\n - input: xpad - handle 'present' and 'gone' correctly\n (bnc#1012382).\n\n - input: xpad - move reporting xbox one home button to\n common function (bnc#1012382).\n\n - input: xpad - power off wireless 360 controllers on\n suspend (bnc#1012382).\n\n - input: xpad - prevent spurious input from wired Xbox 360\n controllers (bnc#1012382).\n\n - input: xpad - quirk all PDP Xbox One gamepads\n (bnc#1012382).\n\n - input: xpad - remove spurious events of wireless xpad\n 360 controller (bnc#1012382).\n\n - input: xpad - remove unused function (bnc#1012382).\n\n - input: xpad - restore LED state after device resume\n (bnc#1012382).\n\n - input: xpad - simplify error condition in init_output\n (bnc#1012382).\n\n - input: xpad - sort supported devices by USB ID\n (bnc#1012382).\n\n - input: xpad - support some quirky Xbox One pads\n (bnc#1012382).\n\n - input: xpad - sync supported devices with 360Controller\n (bnc#1012382).\n\n - input: xpad - sync supported devices with XBCD\n (bnc#1012382).\n\n - input: xpad - sync supported devices with xboxdrv\n (bnc#1012382).\n\n - input: xpad - update Xbox One Force Feedback Support\n (bnc#1012382).\n\n - input: xpad - use LED API when identifying wireless\n controllers (bnc#1012382).\n\n - input: xpad - validate USB endpoint type during probe\n (bnc#1012382).\n\n - input: xpad - workaround dead irq_out after suspend/\n resume (bnc#1012382).\n\n - input: xpad - xbox one elite controller support\n (bnc#1012382).\n\n - intel_th: msu: Fix an off-by-one in attribute store\n (bnc#1012382).\n\n - iommu/amd: Call free_iova_fast with pfn in map_sg\n (bsc#1106105).\n\n - iommu/amd: Fix amd_iommu=force_isolation (bsc#1106105).\n\n - iommu/amd: Fix IOMMU page flush when detach device from\n a domain (bsc#1106105).\n\n - iommu/amd: Unmap all mapped pages in error path of\n map_sg (bsc#1106105).\n\n - iommu/vt-d: Fix memory leak in\n intel_iommu_put_resv_regions() (bsc#1106105).\n\n - iommu/vt-d: Handle domain agaw being less than iommu\n agaw (bsc#1106105).\n\n - ip6mr: Fix potential Spectre v1 vulnerability\n (bnc#1012382).\n\n - ipmi:ssif: Fix handling of multi-part return messages\n (bnc#1012382).\n\n - ip: on queued skb use skb_header_pointer instead of\n pskb_may_pull (bnc#1012382).\n\n - ip_tunnel: Fix name string concatenate in\n __ip_tunnel_create() (bnc#1012382).\n\n - ipv4: Fix potential Spectre v1 vulnerability\n (bnc#1012382).\n\n - ipv4: ipv6: netfilter: Adjust the frag mem limit when\n truesize changes (bsc#1110286).\n\n - ipv6: Check available headroom in ip6_xmit() even\n without options (bnc#1012382).\n\n - ipv6: Consider sk_bound_dev_if when binding a socket to\n a v4 mapped address (bnc#1012382).\n\n - ipv6: explicitly initialize udp6_addr in\n udp_sock_create6() (bnc#1012382).\n\n - ipv6: fix kernel-infoleak in ipv6_local_error()\n (bnc#1012382).\n\n - ipv6: Take rcu_read_lock in __inet6_bind for mapped\n addresses (bnc#1012382).\n\n - isdn: fix kernel-infoleak in capi_unlocked_ioctl\n (bnc#1012382).\n\n - iser: set sector for ambiguous mr status errors\n (bnc#1012382).\n\n - iwlwifi: mvm: fix regulatory domain update when the\n firmware starts (bnc#1012382).\n\n - iwlwifi: mvm: support sta_statistics() even on older\n firmware (bnc#1012382).\n\n - ixgbe: Add function for checking to see if we can reuse\n page (bsc#1100105).\n\n - ixgbe: Add support for build_skb (bsc#1100105).\n\n - ixgbe: Add support for padding packet (bsc#1100105).\n\n - ixgbe: Break out Rx buffer page management\n (bsc#1100105).\n\n - ixgbe: Fix output from ixgbe_dump (bsc#1100105).\n\n - ixgbe: fix possible race in reset subtask (bsc#1101557).\n\n - ixgbe: Make use of order 1 pages and 3K buffers\n independent of FCoE (bsc#1100105).\n\n - ixgbe: Only DMA sync frame length (bsc#1100105).\n\n - ixgbe: recognize 1000BaseLX SFP modules as 1Gbps\n (bnc#1012382).\n\n - ixgbe: Refactor queue disable logic to take completion\n time into account (bsc#1101557).\n\n - ixgbe: Reorder Tx/Rx shutdown to reduce time needed to\n stop device (bsc#1101557).\n\n - ixgbe: Update code to better handle incrementing page\n count (bsc#1100105).\n\n - ixgbe: Update driver to make use of DMA attributes in Rx\n path (bsc#1100105).\n\n - ixgbe: Use length to determine if descriptor is done\n (bsc#1100105).\n\n - jffs2: Fix use of uninitialized delayed_work, lockdep\n breakage (bnc#1012382).\n\n - kabi: hwpoison, memory_hotplug: allow hwpoisoned pages\n to be offlined (bnc#1116336).\n\n - kabi: reorder new slabinfo fields in struct\n kmem_cache_node (bnc#1116653).\n\n - kbuild: suppress packed-not-aligned warning for default\n setting only (bnc#1012382).\n\n - kconfig: fix file name and line number of\n warn_ignored_character() (bnc#1012382).\n\n - kconfig: fix memory leak when EOF is encountered in\n quotation (bnc#1012382).\n\n - kdb: use memmove instead of overlapping memcpy\n (bnc#1012382).\n\n - kdb: Use strscpy with destination buffer size\n (bnc#1012382).\n\n - kernfs: Replace strncpy with memcpy (bnc#1012382).\n\n - kgdboc: fix KASAN global-out-of-bounds bug in\n param_set_kgdboc_var() (bnc#1012382).\n\n - kgdboc: Fix restrict error (bnc#1012382).\n\n - kgdboc: Fix warning with module build (bnc#1012382).\n\n - kobject: Replace strncpy with memcpy (bnc#1012382).\n\n - kvm/arm64: Fix caching of host MDCR_EL2 value\n (bsc#1121242).\n\n - kvm/arm: Restore banked registers and physical timer\n access on hyp_panic() (bsc#1121240).\n\n - kvm/mmu: Fix race in emulated page table writes\n (bnc#1012382).\n\n - kvm/nVMX: Eliminate vmcs02 pool (bnc#1012382).\n\n - kvm/nVMX: mark vmcs12 pages dirty on L2 exit\n (bnc#1012382).\n\n - kvm/PPC: Move and undef TRACE_INCLUDE_PATH/FILE\n (bnc#1012382).\n\n - kvm/svm: Allow direct access to MSR_IA32_SPEC_CTRL\n (bnc#1012382 bsc#1068032).\n\n - kvm/svm: Ensure an IBPB on all affected CPUs when\n freeing a vmcb (bsc#1114648).\n\n - kvm/VMX: Allow direct access to MSR_IA32_SPEC_CTRL\n (bnc#1012382 bsc#1068032 bsc#1096242 bsc#1096281).\n\n - kvm/VMX: Emulate MSR_IA32_ARCH_CAPABILITIES\n (bnc#1012382).\n\n - kvm/VMX: introduce alloc_loaded_vmcs (bnc#1012382).\n\n - kvm/VMX: make MSR bitmaps per-VCPU (bnc#1012382).\n\n - kvm/x86: Add IBPB support (bnc#1012382 bsc#1068032\n bsc#1068032).\n\n - kvm/x86: fix empty-body warnings (bnc#1012382).\n\n - kvm/x86: Remove indirect MSR op calls from SPEC_CTRL\n (bnc#1012382).\n\n - kvm/x86: Use jmp to invoke kvm_spurious_fault() from\n .fixup (bnc#1012382).\n\n - leds: call led_pwm_set() in leds-pwm to enforce default\n LED_OFF (bnc#1012382).\n\n - leds: leds-gpio: Fix return value check in\n create_gpio_led() (bnc#1012382).\n\n - leds: turn off the LED and wait for completion on\n unregistering LED class device (bnc#1012382).\n\n - libata: whitelist all SAMSUNG MZ7KM* solid-state disks\n (bnc#1012382).\n\n - libceph: fall back to sendmsg for slab pages\n (bsc#1118316).\n\n - libfc: sync strings with upstream versions\n (bsc#1114763).\n\n - lib/interval_tree_test.c: allow full tree search\n (bnc#1012382).\n\n - lib/interval_tree_test.c: allow users to limit scope of\n endpoint (bnc#1012382).\n\n - lib/interval_tree_test.c: make test options module\n parameters (bnc#1012382).\n\n - libnvdimm, (btt, blk): do integrity setup before\n add_disk() (bsc#1118926).\n\n - libnvdimm, dimm: fix dpa reservation vs uninitialized\n label area (bsc#1118936).\n\n - libnvdimm: fix integer overflow static analysis warning\n (bsc#1118922).\n\n - libnvdimm: fix nvdimm_bus_lock() vs device_lock()\n ordering (bsc#1118915).\n\n - lib/rbtree_test.c: make input module parameters\n (bnc#1012382).\n\n - lib/rbtree-test: lower default params (bnc#1012382).\n\n - llc: do not use sk_eat_skb() (bnc#1012382).\n\n - loop: Fix double mutex_unlock(&loop_ctl_mutex) in\n loop_control_ioctl() (bnc#1012382).\n\n - loop: Fold __loop_release into loop_release\n (bnc#1012382).\n\n - loop: Get rid of loop_index_mutex (bnc#1012382).\n\n - LSM: Check for NULL cred-security on free (bnc#1012382).\n\n - mac80211: Clear beacon_int in ieee80211_do_stop\n (bnc#1012382).\n\n - mac80211: fix reordering of buffered broadcast packets\n (bnc#1012382).\n\n - mac80211_hwsim: fix module init error paths for netlink\n (bnc#1012382).\n\n - mac80211_hwsim: Timer should be initialized before\n device registered (bnc#1012382).\n\n - mac80211: ignore NullFunc frames in the duplicate\n detection (bnc#1012382).\n\n - mac80211: ignore tx status for PS stations in\n ieee80211_tx_status_ext (bnc#1012382).\n\n - matroxfb: fix size of memcpy (bnc#1012382).\n\n - md: batch flush requests (bsc#1119680).\n\n - md: do not check MD_SB_CHANGE_CLEAN in md_allow_write\n (Git-fixes).\n\n - media: dvb-frontends: fix i2c access helpers for KASAN\n (bnc#1012382).\n\n - media: em28xx: Fix misplaced reset of\n dev->v4l::field_count (bnc#1012382).\n\n - media: em28xx: Fix use-after-free when disconnecting\n (bnc#1012382).\n\n - media: firewire: Fix app_info parameter type in\n avc_ca(,_app)_info (bnc#1012382).\n\n - media: vb2: be sure to unlock mutex on errors\n (bnc#1012382).\n\n - media: vb2: vb2_mmap: move lock up (bnc#1012382).\n\n - media: vivid: fix error handling of kthread_run\n (bnc#1012382).\n\n - media: vivid: free bitmap_cap when updating\n std/timings/etc (bnc#1012382).\n\n - media: vivid: set min width/height to a value > 0\n (bnc#1012382).\n\n - mfd: tps6586x: Handle interrupts on suspend\n (bnc#1012382).\n\n - mips: Align kernel load address to 64KB (bnc#1012382).\n\n - mips: Ensure pmd_present() returns false after\n pmd_mknotpresent() (bnc#1012382).\n\n - mips: fix mips_get_syscall_arg o32 check (bnc#1012382).\n\n - mips: fix n32 compat_ipc_parse_version (bnc#1012382).\n\n - mips: ralink: Fix mt7620 nd_sd pinmux (bnc#1012382).\n\n - MIPS: SiByte: Enable swiotlb for SWARM, LittleSur and\n BigSur (bnc#1012382).\n\n - misc: mic/scif: fix copy-paste error in\n scif_create_remote_lookup (bnc#1012382).\n\n - mmc: atmel-mci: do not assume idle after\n atmci_request_end (bnc#1012382).\n\n - mmc: core: Reset HPI enabled state during re-init and in\n case of errors (bnc#1012382).\n\n - mm: cleancache: fix corruption on missed inode\n invalidation (bnc#1012382).\n\n - MMC: OMAP: fix broken MMC on OMAP15XX/OMAP5910/OMAP310\n (bnc#1012382).\n\n - mmc: omap_hsmmc: fix DMA API warning (bnc#1012382).\n\n - mm, devm_memremap_pages: kill mapping 'System RAM'\n support (bnc#1012382).\n\n - mm: do not miss the last page because of round-off error\n (bnc#1118798).\n\n - mm, hugetlb: fix huge_pte_alloc BUG_ON (bsc#1119204).\n\n - mm: hwpoison: call shake_page() after try_to_unmap() for\n mlocked page (bnc#1116336).\n\n - mm: lower the printk loglevel for __dump_page messages\n (generic hotplug debugability).\n\n - mm, memory_hotplug: be more verbose for memory offline\n failures (generic hotplug debugability).\n\n - mm, memory_hotplug: drop pointless block alignment\n checks from __offline_pages (generic hotplug\n debugability).\n\n - mm, memory_hotplug: print reason for the offlining\n failure (generic hotplug debugability).\n\n - mm: mlock: avoid increase mm->locked_vm on mlock() when\n already mlock2(,MLOCK_ONFAULT) (bnc#1012382).\n\n - mm/nommu.c: Switch __get_user_pages_unlocked() to use\n __get_user_pages() (bnc#1012382).\n\n - mm: only report isolation failures when offlining memory\n (generic hotplug debugability).\n\n - mm/page-writeback.c: do not break integrity writeback on\n ->writepage() error (bnc#1012382).\n\n - mm: Preserve _PAGE_DEVMAP across mprotect() calls\n (bsc#1118790).\n\n - mm: print more information about mapping in __dump_page\n (generic hotplug debugability).\n\n - mm, proc: be more verbose about unstable VMA flags in\n /proc/<pid>/smaps (bnc#1012382).\n\n - mm: put_and_wait_on_page_locked() while page is migrated\n (bnc#1109272).\n\n - mm: remove write/force parameters from\n __get_user_pages_locked() (bnc#1012382 bsc#1027260).\n\n - mm: remove write/force parameters from\n __get_user_pages_unlocked() (bnc#1012382 bsc#1027260).\n\n - mm: replace __access_remote_vm() write parameter with\n gup_flags (bnc#1012382).\n\n - mm: replace access_remote_vm() write parameter with\n gup_flags (bnc#1012382).\n\n - mm: replace get_user_pages_locked() write/force\n parameters with gup_flags (bnc#1012382 bsc#1027260).\n\n - mm: replace get_user_pages_unlocked() write/force\n parameters with gup_flags (bnc#1012382 bsc#1027260).\n\n - mm: replace get_user_pages() write/force parameters with\n gup_flags (bnc#1012382 bsc#1027260).\n\n - mm: replace get_vaddr_frames() write/force parameters\n with gup_flags (bnc#1012382).\n\n - mm, slab: faster active and free stats (bsc#116653, VM\n Performance).\n\n - mm/slab: improve performance of gathering slabinfo stats\n (bsc#116653, VM Performance).\n\n - mm, slab: maintain total slab count instead of active\n count (bsc#116653, VM Performance).\n\n - Move patches to sorted range, p1\n\n - mv88e6060: disable hardware level MAC learning\n (bnc#1012382).\n\n - mwifiex: Fix NULL pointer dereference in skb_dequeue()\n (bnc#1012382).\n\n - mwifiex: fix p2p device does not find in scan problem\n (bnc#1012382).\n\n - namei: allow restricted O_CREAT of FIFOs and regular\n files (bnc#1012382).\n\n - neighbour: Avoid writing before skb->head in\n neigh_hh_output() (bnc#1012382).\n\n - net: 8139cp: fix a BUG triggered by changing mtu with\n network traffic (bnc#1012382).\n\n - net: amd: add missing of_node_put() (bnc#1012382).\n\n - net: bcmgenet: fix OF child-node lookup (bnc#1012382).\n\n - net: bridge: fix a bug on using a neighbour cache entry\n without checking its state (bnc#1012382).\n\n - net: call sk_dst_reset when set SO_DONTROUTE\n (bnc#1012382).\n\n - net: ena: fix crash during ena_remove() (bsc#1108240).\n\n - net: ena: update driver version from 2.0.1 to 2.0.2\n (bsc#1108240).\n\n - net: faraday: ftmac100: remove netif_running(netdev)\n check before disabling interrupts (bnc#1012382).\n\n - netfilter: nf_tables: fix oops when inserting an element\n into a verdict map (bnc#1012382).\n\n - net: hisilicon: remove unexpected free_netdev\n (bnc#1012382).\n\n - net/ibmvnic: Fix RTNL deadlock during device reset\n (bnc#1115431).\n\n - net: ipv4: do not handle duplicate fragments as\n overlapping (bsc#1116345).\n\n - net/mlx4_core: Correctly set PFC param if global pause\n is turned off (bsc#1015336 bsc#1015337 bsc#1015340).\n\n - net/mlx4_core: Fix uninitialized variable compilation\n warning (bnc#1012382).\n\n - net/mlx4_core: Zero out lkey field in SW2HW_MPT fw\n command (bnc#1012382).\n\n - net/mlx4: Fix UBSAN warning of signed integer overflow\n (bnc#1012382).\n\n - net: phy: do not allow __set_phy_supported to add\n unsupported modes (bnc#1012382).\n\n - net: Prevent invalid access to skb->prev in\n __qdisc_drop_all (bnc#1012382).\n\n - netrom: fix locking in nr_find_socket() (bnc#1012382).\n\n - net: speed up skb_rbtree_purge() (bnc#1012382).\n\n - net: thunderx: fix NULL pointer dereference in\n nic_remove (bnc#1012382).\n\n - nfc: nfcmrvl_uart: fix OF child-node lookup\n (bnc#1012382).\n\n - nfit: skip region registration for incomplete control\n regions (bsc#1118930).\n\n - nfsv4: Do not exit the state manager without clearing\n NFS4CLNT_MANAGER_RUNNING (git-fixes).\n\n - nvme: validate controller state before rescheduling keep\n alive (bsc#1103257).\n\n - ocfs2: fix deadlock caused by ocfs2_defrag_extent()\n (bnc#1012382).\n\n - ocfs2: fix panic due to unrecovered local alloc\n (bnc#1012382).\n\n - ocfs2: fix potential use after free (bnc#1012382).\n\n - of: add helper to lookup compatible child node\n (bnc#1012382).\n\n - omap2fb: Fix stack memory disclosure (bsc#1106929)\n\n - packet: Do not leak dev refcounts on error exit\n (bnc#1012382).\n\n - packet: validate address length (bnc#1012382).\n\n - packet: validate address length if non-zero\n (bnc#1012382).\n\n - pci: altera: Check link status before retrain link\n (bnc#1012382).\n\n - pci: altera: Fix altera_pcie_link_is_up() (bnc#1012382).\n\n - pci: altera: Move retrain from fixup to\n altera_pcie_host_init() (bnc#1012382).\n\n - pci: altera: Poll for link training status after\n retraining the link (bnc#1012382).\n\n - pci: altera: Poll for link up status after retraining\n the link (bnc#1012382).\n\n - pci: altera: Reorder read/write functions (bnc#1012382).\n\n - pci: altera: Rework config accessors for use without a\n struct pci_bus (bnc#1012382).\n\n - perf/bpf: Convert perf_event_array to use struct file\n (bsc#1119967).\n\n - perf intel-pt: Fix error with config term 'pt=0'\n (bnc#1012382).\n\n - perf parse-events: Fix unchecked usage of strncpy()\n (bnc#1012382).\n\n - perf pmu: Suppress potential format-truncation warning\n (bnc#1012382).\n\n - perf svghelper: Fix unchecked usage of strncpy()\n (bnc#1012382).\n\n - pinctrl: sunxi: a83t: Fix IRQ offset typo for PH11\n (bnc#1012382).\n\n - platform/x86: asus-wmi: Tell the EC the OS will handle\n the display off hotkey (bnc#1012382).\n\n - powerpc/64s: consolidate MCE counter increment\n (bsc#1094244).\n\n - powerpc/boot: Fix random libfdt related build errors\n (bnc#1012382).\n\n - powerpc/boot: Request no dynamic linker for boot wrapper\n (bsc#1070805).\n\n - powerpc/cacheinfo: Report the correct shared_cpu_map on\n big-cores (bsc#1109695).\n\n - powerpc: Detect the presence of big-cores via 'ibm,\n thread-groups' (bsc#1109695).\n\n - powerpc: Fix COFF zImage booting on old powermacs\n (bnc#1012382).\n\n - powerpc, hotplug: Avoid to touch non-existent cpumasks\n (bsc#1109695).\n\n - powerpc: make use of for_each_node_by_type() instead of\n open-coding it (bsc#1109695).\n\n - powerpc/msi: Fix NULL pointer access in teardown code\n (bnc#1012382).\n\n - powerpc/numa: Suppress 'VPHN is not supported' messages\n (bnc#1012382).\n\n - powerpc/pseries/cpuidle: Fix preempt warning\n (bnc#1012382).\n\n - powerpc/setup: Add cpu_to_phys_id array (bsc#1109695).\n\n - powerpc/smp: Add cpu_l2_cache_map (bsc#1109695).\n\n - powerpc/smp: Add Power9 scheduler topology\n (bsc#1109695).\n\n - powerpc/smp: Rework CPU topology construction\n (bsc#1109695).\n\n - powerpc/smp: Use cpu_to_chip_id() to find core siblings\n (bsc#1109695).\n\n - powerpc/traps: restore recoverability of machine_check\n interrupts (bsc#1094244).\n\n - powerpc: Use cpu_smallcore_sibling_mask at SMT level on\n bigcores (bsc#1109695).\n\n - powerpc/xmon: Fix invocation inside lock region\n (bsc#1122885).\n\n - power: supply: olpc_battery: correct the temperature\n units (bnc#1012382).\n\n - proc: Remove empty line in /proc/self/status\n (bnc#1012382 bsc#1094823).\n\n - pstore: Convert console write to use ->write_buf\n (bnc#1012382).\n\n - pstore/ram: Do not treat empty buffers as valid\n (bnc#1012382).\n\n - qed: Fix bitmap_weight() check (bsc#1019695).\n\n - qed: Fix PTT leak in qed_drain() (bnc#1012382).\n\n - qed: Fix QM getters to always return a valid pq\n (bsc#1019695 ).\n\n - qed: Fix reading wrong value in loop condition\n (bnc#1012382).\n\n - r8169: Add support for new Realtek Ethernet\n (bnc#1012382).\n\n - rapidio/rionet: do not free skb before reading its\n length (bnc#1012382).\n\n - Refresh\n patches.kabi/x86-cpufeature-preserve-numbers.patch.\n (bsc#1122651)\n\n - Revert 'drm/rockchip: Allow driver to be shutdown on\n reboot/kexec' (bsc#1106929)\n\n - Revert 'exec: avoid gcc-8 warning for get_task_comm'\n (kabi).\n\n - Revert 'iommu/io-pgtable-arm: Check for v7s-incapable\n systems' (bsc#1106105).\n\n - Revert 'PCI/ASPM: Do not initialize link state when\n aspm_disabled is set' (bsc#1106105).\n\n - Revert 'usb: musb: musb_host: Enable HCD_BH flag to\n handle urb return in bottom half' (bsc#1047487).\n\n - Revert 'wlcore: Add missing PM call for\n wlcore_cmd_wait_for_event_or_timeout()' (bnc#1012382).\n\n - rocker: fix rocker_tlv_put_* functions for KASAN\n (bnc#1012382).\n\n - rtc: snvs: add a missing write sync (bnc#1012382).\n\n - rtc: snvs: Add timeouts to avoid kernel lockups\n (bnc#1012382).\n\n - rtnetlink: ndo_dflt_fdb_dump() only work for\n ARPHRD_ETHER devices (bnc#1012382).\n\n - s390/cpum_cf: Reject request for sampling in event\n initialization (bnc#1012382).\n\n - s390/mm: Check for valid vma before zapping in\n gmap_discard (bnc#1012382).\n\n - s390/qeth: fix length check in SNMP processing\n (bnc#1012382).\n\n - sbus: char: add of_node_put() (bnc#1012382).\n\n - scsi: bfa: convert to strlcpy/strlcat (bnc#1012382\n bsc#1019683, ).\n\n - scsi: bnx2fc: Fix NULL dereference in error handling\n (bnc#1012382).\n\n - scsi: Create two versions of\n scsi_internal_device_unblock() (bsc#1119877).\n\n - scsi: csiostor: Avoid content leaks and casts\n (bnc#1012382).\n\n - scsi: Introduce scsi_start_queue() (bsc#1119877).\n\n - scsi: libiscsi: Fix NULL pointer dereference in\n iscsi_eh_session_reset (bnc#1012382).\n\n - scsi: lpfc: Add Buffer overflow check, when nvme_info\n larger than PAGE_SIZE (bsc#1102660).\n\n - scsi: lpfc: devloss timeout race condition caused NULL\n pointer reference (bsc#1102660).\n\n - scsi: lpfc: Fix abort error path for NVMET\n (bsc#1102660).\n\n - scsi: lpfc: fix block guard enablement on SLI3 adapters\n (bsc#1079935).\n\n - scsi: lpfc: Fix driver crash when re-registering NVME\n rports (bsc#1102660).\n\n - scsi: lpfc: Fix ELS abort on SLI-3 adapters\n (bsc#1102660).\n\n - scsi: lpfc: Fix list corruption on the completion queue\n (bsc#1102660).\n\n - scsi: lpfc: Fix NVME Target crash in defer rcv logic\n (bsc#1102660).\n\n - scsi: lpfc: Fix panic if driver unloaded when port is\n offline (bsc#1102660).\n\n - scsi: lpfc: update driver version to 11.4.0.7-5\n (bsc#1102660).\n\n - scsi: Make __scsi_remove_device go straight from BLOCKED\n to DEL (bsc#1119877).\n\n - scsi: megaraid: fix out-of-bound array accesses\n (bnc#1012382).\n\n - scsi: Protect SCSI device state changes with a mutex\n (bsc#1119877).\n\n - scsi: qedi: Add ISCSI_BOOT_SYSFS to Kconfig\n (bsc#1043083).\n\n - scsi: Re-export scsi_internal_device_(,un)_block()\n (bsc#1119877).\n\n - scsi: sd: Fix cache_type_store() (bnc#1012382).\n\n - scsi: Split scsi_internal_device_block() (bsc#1119877).\n\n - scsi: target: add emulate_pr backstore attr to toggle PR\n support (bsc#1091405).\n\n - scsi: target: drop unused pi_prot_format attribute\n storage (bsc#1091405).\n\n - scsi: target: use consistent left-aligned ASCII INQUIRY\n data (bnc#1012382).\n\n - scsi: ufs: fix bugs related to NULL pointer access and\n array size (bnc#1012382).\n\n - scsi: ufs: fix race between clock gating and devfreq\n scaling work (bnc#1012382).\n\n - scsi: ufshcd: Fix race between clk scaling and ungate\n work (bnc#1012382).\n\n - scsi: ufshcd: release resources if probe fails\n (bnc#1012382).\n\n - scsi: use 'inquiry_mutex' instead of 'state_mutex'\n (bsc#1119877).\n\n - scsi: vmw_pscsi: Rearrange code to avoid multiple calls\n to free_irq during unload (bnc#1012382).\n\n - scsi: zfcp: fix posting too many status read buffers\n leading to adapter shutdown (bnc#1012382).\n\n - sctp: allocate sctp_sockaddr_entry with kzalloc\n (bnc#1012382).\n\n - sctp: clear the transport of some out_chunk_list chunks\n in sctp_assoc_rm_peer (bnc#1012382).\n\n - sctp: initialize sin6_flowinfo for ipv6 addrs in\n sctp_inet6addr_event (bnc#1012382).\n\n - selftests: Move networking/timestamping from\n Documentation (bnc#1012382).\n\n - selinux: fix GPF on invalid policy (bnc#1012382).\n\n - seq_file: fix incomplete reset on read from zero offset\n (Git-fixes).\n\n - series.conf: Move\n 'patches.fixes/aio-hold-an-extra-file-reference-over-AIO\n -read-write.patch' into sorted section.\n\n - slab: alien caches must not be initialized if the\n allocation of the alien cache failed (bnc#1012382).\n\n - sock: Make sock->sk_stamp thread-safe (bnc#1012382).\n\n - spi: bcm2835: Avoid finishing transfer prematurely in\n IRQ mode (bnc#1012382).\n\n - spi: bcm2835: Fix book-keeping of DMA termination\n (bnc#1012382).\n\n - spi: bcm2835: Fix race on DMA termination (bnc#1012382).\n\n - spi: bcm2835: Unbreak the build of esoteric configs\n (bnc#1012382).\n\n - sr: pass down correctly sized SCSI sense buffer\n (bnc#1012382).\n\n - Staging: lustre: remove two build warnings\n (bnc#1012382).\n\n - staging: rts5208: fix gcc-8 logic error warning\n (bnc#1012382).\n\n - staging: speakup: Replace strncpy with memcpy\n (bnc#1012382).\n\n - sunrpc: Fix a bogus get/put in generic_key_to_expire()\n (bnc#1012382).\n\n - sunrpc: Fix a potential race in xprt_connect()\n (git-fixes).\n\n - sunrpc: fix cache_head leak due to queued request\n (bnc#1012382).\n\n - sunrpc: Fix leak of krb5p encode pages (bnc#1012382).\n\n - sunrpc: handle ENOMEM in rpcb_getport_async\n (bnc#1012382).\n\n - swiotlb: clean up reporting (bnc#1012382).\n\n - sysfs: Disable lockdep for driver bind/unbind files\n (bnc#1012382).\n\n - sysv: return 'err' instead of 0 in __sysv_write_inode\n (bnc#1012382).\n\n - target/iscsi: avoid NULL dereference in CHAP auth error\n path (bsc#1117165).\n\n - target: se_dev_attrib.emulate_pr ABI stability\n (bsc#1091405).\n\n - tcp: fix NULL ref in tail loss probe (bnc#1012382).\n\n - timer/debug: Change /proc/timer_list from 0444 to 0400\n (bnc#1012382).\n\n - tipc: fix uninit-value in tipc_nl_compat_bearer_enable\n (bnc#1012382).\n\n - tipc: fix uninit-value in tipc_nl_compat_doit\n (bnc#1012382).\n\n - tipc: fix uninit-value in\n tipc_nl_compat_link_reset_stats (bnc#1012382).\n\n - tipc: fix uninit-value in tipc_nl_compat_link_set\n (bnc#1012382).\n\n - tipc: fix uninit-value in tipc_nl_compat_name_table_dump\n (bnc#1012382).\n\n - tmpfs: make lseek(SEEK_DATA/SEK_HOLE) return ENXIO with\n a negative offset (bnc#1012382).\n\n - tpm: fix response size validation in tpm_get_random()\n (bsc#1020645, git-fixes).\n\n - tracing: Fix bad use of igrab in trace_uprobe.c\n (bsc#1120046).\n\n - tracing: Fix memory leak in set_trigger_filter()\n (bnc#1012382).\n\n - tracing: Fix memory leak of instance function hash\n filters (bnc#1012382).\n\n - tty/ldsem: Wake up readers after timed out down_write()\n (bnc#1012382).\n\n - tty: serial: 8250_mtk: always resume the device in probe\n (bnc#1012382).\n\n - tty: wipe buffer (bnc#1012382).\n\n - tty: wipe buffer if not echoing data (bnc#1012382).\n\n - tun: forbid iface creation with rtnl ops (bnc#1012382).\n\n - unifdef: use memcpy instead of strncpy (bnc#1012382).\n\n - Update config files: disable f2fs in the rest configs\n (boo#1109665)\n\n - uprobes: Fix handle_swbp() vs. unregister() + register()\n race once more (bnc#1012382).\n\n - usb: Add USB_QUIRK_DELAY_CTRL_MSG quirk for Corsair K70\n RGB (bnc#1012382).\n\n - usb: appledisplay: Add 27' Apple Cinema Display\n (bnc#1012382).\n\n - usb: cdc-acm: send ZLP for Telit 3G Intel based modems\n (bnc#1012382).\n\n - usb: check usb_get_extra_descriptor for proper size\n (bnc#1012382).\n\n - usb: core: Fix hub port connection events lost\n (bnc#1012382).\n\n - usb: core: quirks: add RESET_RESUME quirk for Cherry\n G230 Stream series (bnc#1012382).\n\n - usb: gadget: dummy: fix nonsensical comparisons\n (bnc#1012382).\n\n - usbnet: ipheth: fix potential recvmsg bug and recvmsg\n bug 2 (bnc#1012382).\n\n - usb: omap_udc: fix crashes on probe error and module\n removal (bnc#1012382).\n\n - usb: omap_udc: fix omap_udc_start() on 15xx machines\n (bnc#1012382).\n\n - usb: omap_udc: fix USB gadget functionality on Palm\n Tungsten E (bnc#1012382).\n\n - usb: omap_udc: use devm_request_irq() (bnc#1012382).\n\n - usb: quirk: add no-LPM quirk on SanDisk Ultra Flair\n device (bnc#1012382).\n\n - usb: r8a66597: Fix a possible concurrency use-after-free\n bug in r8a66597_endpoint_disable() (bnc#1012382).\n\n - usb: serial: option: add Fibocom NL668 series\n (bnc#1012382).\n\n - usb: serial: option: add Fibocom NL678 series\n (bnc#1012382).\n\n - usb: serial: option: add GosunCn ZTE WeLink ME3630\n (bnc#1012382).\n\n - usb: serial: option: add HP lt4132 (bnc#1012382).\n\n - usb: serial: option: add Simcom SIM7500/SIM7600 (MBIM\n mode) (bnc#1012382).\n\n - usb: serial: option: add Telit LN940 series\n (bnc#1012382).\n\n - usb: serial: pl2303: add ids for Hewlett-Packard HP POS\n pole displays (bnc#1012382).\n\n - usb: storage: add quirk for SMI SM3350 (bnc#1012382).\n\n - usb: storage: do not insert sane sense for SPC3+ when\n bad sense specified (bnc#1012382).\n\n - usb: usb-storage: Add new IDs to ums-realtek\n (bnc#1012382).\n\n - usb: xhci: fix timeout for transition from RExit to U0\n (bnc#1012382).\n\n - usb: xhci: fix uninitialized completion when USB3 port\n got wrong status (bnc#1012382).\n\n - usb: xhci: Prevent bus suspend if a port connect change\n or polling state is detected (bnc#1012382).\n\n - v9fs_dir_readdir: fix double-free on p9stat_read error\n (bnc#1012382).\n\n - vfs: Avoid softlockups in drop_pagecache_sb()\n (bsc#1118505).\n\n - vhost: make sure used idx is seen before log in\n vhost_add_used_n() (bnc#1012382).\n\n - virtio/s390: avoid race on vcdev->config (bnc#1012382).\n\n - virtio/s390: fix race in ccw_io_helper() (bnc#1012382).\n\n - VSOCK: Send reset control packet when socket is\n partially bound (bnc#1012382).\n\n - writeback: do not decrement wb->refcnt if !wb->bdi (git\n fixes (writeback)).\n\n - x86/earlyprintk/efi: Fix infinite loop on some screen\n widths (bnc#1012382).\n\n - x86/entry: spell EBX register correctly in documentation\n (bnc#1012382).\n\n - x86/MCE: Export memory_error() (bsc#1114648).\n\n - x86/MCE: Make correctable error detection look at the\n Deferred bit (bsc#1114648).\n\n - x86/mtrr: Do not copy uninitialized gentry fields back\n to userspace (bnc#1012382).\n\n - x86/speculation/l1tf: Drop the swap storage limit\n restriction when l1tf=off (bnc#1114871).\n\n - x86/speculation: Use synthetic bits for IBRS/IBPB/STIBP\n (bnc#1012382).\n\n - xen/balloon: Support xend-based toolstack (bnc#1065600).\n\n - xen/netback: dont overflow meta array (bnc#1099523).\n\n - xen/netfront: tolerate frags with no data (bnc#1012382).\n\n - xen/x86: add diagnostic printout to xen_mc_flush() in\n case of error (bnc#1116183).\n\n - xen: xlate_mmu: add missing header to fix 'W=1' warning\n (bnc#1012382).\n\n - xfrm: Fix bucket count reported to userspace\n (bnc#1012382).\n\n - xfs: Align compat attrlist_by_handle with native\n implementation (git-fixes).\n\n - xfs: fix quotacheck dquot id overflow infinite loop\n (bsc#1121621).\n\n - xhci: Add quirk to workaround the errata seen on Cavium\n Thunder-X2 Soc (bsc#1117162).\n\n - xhci: Do not prevent USB2 bus suspend in state check\n intended for USB3 only (bnc#1012382).\n\n - xhci: Prevent U1/U2 link pm states if exit latency is\n too long (bnc#1012382).\n\n - xprtrdma: Reset credit grant properly after a disconnect\n (git-fixes).\n\n - xtensa: enable coprocessors that are being flushed\n (bnc#1012382).\n\n - xtensa: fix coprocessor context offset definitions\n (bnc#1012382).\n\n - Yama: Check for pid death before checking ancestry\n (bnc#1012382).\n\n - x86/pkeys: Properly copy pkey state at fork()\n (bsc#1106105).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1012382\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1015336\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1015337\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1015340\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1019683\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1019695\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1020645\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1023175\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1027260\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1031492\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1043083\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1047487\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1065600\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1068032\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1070805\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1079935\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1086423\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1087082\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1091405\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1094244\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1094823\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1096242\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1096281\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1099523\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1100105\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1101557\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1102660\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1102875\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1102877\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1102879\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1102882\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1102896\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1103156\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1103257\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1104098\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1106105\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1106929\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1107866\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1108240\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1109272\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1109665\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1109695\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1110286\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1114417\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1114648\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1114763\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1114871\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1114893\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1115431\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1116027\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1116183\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1116336\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1116345\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1116653\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1116841\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1116962\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1117162\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1117165\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1117186\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1118152\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1118316\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1118319\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1118505\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1118790\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1118798\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1118915\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1118922\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1118926\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1118930\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1118936\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1119204\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1119680\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1119714\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1119877\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1119946\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1119967\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1119970\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1120046\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1120722\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1120743\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1120758\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1120902\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1120950\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1121239\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1121240\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1121241\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1121242\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1121275\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1121621\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1121726\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1122650\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1122651\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1122885\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1123321\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1123323\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1123357\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected the Linux Kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-9568\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-docs-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-docs-pdf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-macros\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-obs-build\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-obs-build-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-obs-qa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/06/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/02/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/02/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-debug-4.4.172-86.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-debug-base-4.4.172-86.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-debug-base-debuginfo-4.4.172-86.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-debug-debuginfo-4.4.172-86.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-debug-debugsource-4.4.172-86.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-debug-devel-4.4.172-86.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-debug-devel-debuginfo-4.4.172-86.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-default-4.4.172-86.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-default-base-4.4.172-86.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-default-base-debuginfo-4.4.172-86.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-default-debuginfo-4.4.172-86.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-default-debugsource-4.4.172-86.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-default-devel-4.4.172-86.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-devel-4.4.172-86.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-docs-html-4.4.172-86.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-docs-pdf-4.4.172-86.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-macros-4.4.172-86.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-obs-build-4.4.172-86.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-obs-build-debugsource-4.4.172-86.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-obs-qa-4.4.172-86.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-source-4.4.172-86.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-source-vanilla-4.4.172-86.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-syms-4.4.172-86.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-vanilla-4.4.172-86.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-vanilla-base-4.4.172-86.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-vanilla-base-debuginfo-4.4.172-86.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-vanilla-debuginfo-4.4.172-86.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-vanilla-debugsource-4.4.172-86.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-vanilla-devel-4.4.172-86.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel-devel / kernel-macros / kernel-source / etc\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-26T14:32:42", "description": "The SUSE Linux Enterprise 12 SP3 kernel for Azure was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed :\n\nCVE-2018-19407: The vcpu_scan_ioapic function in arch/x86/kvm/x86.c allowed local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic was uninitialized (bnc#1116841).\n\nCVE-2018-19985: The function hso_probe read if_num from the USB device (as an u8) and used it without a length check to index an array, resulting in an OOB memory read in hso_probe or hso_get_config_data that could be used by local attackers (bnc#1120743).\n\nCVE-2018-3639: Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4 (bnc#1087082).\n\nCVE-2018-1120: By mmap()ing a FUSE-backed file onto a process's memory containing command line arguments (or environment strings), an attacker can cause utilities from psutils or procps (such as ps, w) or any other program which made a read() call to the /proc/<pid>/cmdline (or /proc/<pid>/environ) files to block indefinitely (denial of service) or for some controlled time (as a synchronization primitive for other attacks) (bnc#1093158). </pid></pid>\n\nCVE-2017-16939: The XFRM dump policy implementation in net/xfrm/xfrm_user.c allowed local users to gain privileges or cause a denial of service (use-after-free) via a crafted SO_RCVBUF setsockopt system call in conjunction with XFRM_MSG_GETPOLICY Netlink messages (bnc#1069702).\n\nCVE-2018-16884: NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process() use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel memory corruption and a system panic. Due to the nature of the flaw, privilege escalation cannot be fully ruled out (bnc#1119946).\n\nCVE-2018-20169: The USB subsystem mishandled size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c (bnc#1119714).\n\nCVE-2018-9568: In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation (bnc#1118319).\n\nCVE-2018-16862: A security flaw was found in the way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one (bnc#1117186).\n\nCVE-2018-19824: A local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c (bnc#1118152).\n\nThe update package also includes non-security fixes. See advisory for details.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 2.1, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.0, "vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-01-24T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : kernel (SUSE-SU-2019:0148-1) (Spectre)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-16939", "CVE-2018-1120", "CVE-2018-16862", "CVE-2018-16884", "CVE-2018-19407", "CVE-2018-19824", "CVE-2018-19985", "CVE-2018-20169", "CVE-2018-3639", "CVE-2018-9568"], "modified": "2022-05-24T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kernel-azure", "p-cpe:/a:novell:suse_linux:kernel-azure-base", "p-cpe:/a:novell:suse_linux:kernel-azure-base-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-azure-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-azure-debugsource", "p-cpe:/a:novell:suse_linux:kernel-azure-devel", "p-cpe:/a:novell:suse_linux:kernel-syms-azure", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2019-0148-1.NASL", "href": "https://www.tenable.com/plugins/nessus/121344", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:0148-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(121344);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/24\");\n\n script_cve_id(\n \"CVE-2017-16939\",\n \"CVE-2018-1120\",\n \"CVE-2018-3639\",\n \"CVE-2018-9568\",\n \"CVE-2018-16862\",\n \"CVE-2018-16884\",\n \"CVE-2018-19407\",\n \"CVE-2018-19824\",\n \"CVE-2018-19985\",\n \"CVE-2018-20169\"\n );\n\n script_name(english:\"SUSE SLES12 Security Update : kernel (SUSE-SU-2019:0148-1) (Spectre)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The SUSE Linux Enterprise 12 SP3 kernel for Azure was updated to\nreceive various security and bugfixes.\n\nThe following security bugs were fixed :\n\nCVE-2018-19407: The vcpu_scan_ioapic function in arch/x86/kvm/x86.c\nallowed local users to cause a denial of service (NULL pointer\ndereference and BUG) via crafted system calls that reach a situation\nwhere ioapic was uninitialized (bnc#1116841).\n\nCVE-2018-19985: The function hso_probe read if_num from the USB device\n(as an u8) and used it without a length check to index an array,\nresulting in an OOB memory read in hso_probe or hso_get_config_data\nthat could be used by local attackers (bnc#1120743).\n\nCVE-2018-3639: Systems with microprocessors utilizing speculative\nexecution and speculative execution of memory reads before the\naddresses of all prior memory writes are known may allow unauthorized\ndisclosure of information to an attacker with local user access via a\nside-channel analysis, aka Speculative Store Bypass (SSB), Variant 4\n(bnc#1087082).\n\nCVE-2018-1120: By mmap()ing a FUSE-backed file onto a process's memory\ncontaining command line arguments (or environment strings), an\nattacker can cause utilities from psutils or procps (such as ps, w) or\nany other program which made a read() call to the /proc/<pid>/cmdline\n(or /proc/<pid>/environ) files to block indefinitely (denial of\nservice) or for some controlled time (as a synchronization primitive\nfor other attacks) (bnc#1093158). </pid></pid>\n\nCVE-2017-16939: The XFRM dump policy implementation in\nnet/xfrm/xfrm_user.c allowed local users to gain privileges or cause a\ndenial of service (use-after-free) via a crafted SO_RCVBUF setsockopt\nsystem call in conjunction with XFRM_MSG_GETPOLICY Netlink messages\n(bnc#1069702).\n\nCVE-2018-16884: NFS41+ shares mounted in different network namespaces\nat the same time can make bc_svc_process() use wrong back-channel IDs\nand cause a use-after-free vulnerability. Thus a malicious container\nuser can cause a host kernel memory corruption and a system panic. Due\nto the nature of the flaw, privilege escalation cannot be fully ruled\nout (bnc#1119946).\n\nCVE-2018-20169: The USB subsystem mishandled size checks during the\nreading of an extra descriptor, related to __usb_get_extra_descriptor\nin drivers/usb/core/usb.c (bnc#1119714).\n\nCVE-2018-9568: In sk_clone_lock of sock.c, there is a possible memory\ncorruption due to type confusion. This could lead to local escalation\nof privilege with no additional execution privileges needed. User\ninteraction is not needed for exploitation (bnc#1118319).\n\nCVE-2018-16862: A security flaw was found in the way that the\ncleancache subsystem clears an inode after the final file truncation\n(removal). The new file created with the same inode may contain\nleftover pages from cleancache and the old file data instead of the\nnew one (bnc#1117186).\n\nCVE-2018-19824: A local user could exploit a use-after-free in the\nALSA driver by supplying a malicious USB Sound device (with zero\ninterfaces) that is mishandled in usb_audio_probe in sound/usb/card.c\n(bnc#1118152).\n\nThe update package also includes non-security fixes. See advisory for\ndetails.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1012382\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1015336\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1015337\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1015340\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1019683\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1019695\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1020645\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1027260\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1027457\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1042286\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1043083\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1046264\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1047487\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1048916\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1065600\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1066223\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1068032\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1069702\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1070805\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1079935\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1087082\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1091405\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1093158\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1094244\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1094973\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1096242\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1096281\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1099523\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1100105\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1101557\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1102439\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1102660\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1103156\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1103257\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1103624\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1104098\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1104731\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1105412\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1106105\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1106237\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1106240\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1106929\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1107385\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1108145\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1108240\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1109272\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1109330\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1109806\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1110286\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1111062\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1111809\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1112246\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1112963\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1113412\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1114190\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1114417\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1114475\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1114648\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1114763\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1114839\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1114871\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1115431\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1115433\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1115440\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1115587\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1115709\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1116027\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1116183\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1116285\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1116336\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1116345\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1116497\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1116841\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1116924\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1116950\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1117162\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1117165\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1117186\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1117562\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1118152\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1118316\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1118319\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1118505\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1118790\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1118798\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1118915\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1118922\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1118926\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1118930\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1118936\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1119204\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1119714\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1119877\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1119946\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1119967\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1119970\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1120046\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1120743\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1121239\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1121240\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1121241\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1121242\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1121275\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1121621\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-16939/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-1120/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-16862/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-16884/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-19407/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-19824/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-19985/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-20169/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-3639/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-9568/\");\n # https://www.suse.com/support/update/announcement/2019/suse-su-20190148-1/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?facf390b\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server 12-SP3:zypper in -t patch\nSUSE-SLE-SERVER-12-SP3-2019-148=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-9568\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2018-16884\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/11/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/01/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-azure-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-azure-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-azure-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-azure-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-azure-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-syms-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP3\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-azure-4.4.170-4.22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-azure-base-4.4.170-4.22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-azure-base-debuginfo-4.4.170-4.22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-azure-debuginfo-4.4.170-4.22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-azure-debugsource-4.4.170-4.22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-azure-devel-4.4.170-4.22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-syms-azure-4.4.170-4.22.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:49:34", "description": "An update for redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor.\nRed Hat Virtualization Hosts (RHVH) are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks.\n\nSecurity Fix(es) :\n\n* systemd: stack overflow when calling syslog from a command with long cmdline (CVE-2018-16864)\n\n* systemd: stack overflow when receiving many journald entries (CVE-2018-16865)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-02-20T00:00:00", "type": "nessus", "title": "RHEL 7 : Virtualization Manager (RHSA-2019:0342)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16864", "CVE-2018-16865"], "modified": "2019-10-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:redhat-release-virtualization-host", "p-cpe:/a:redhat:enterprise_linux:redhat-virtualization-host-image-update", "p-cpe:/a:redhat:enterprise_linux:redhat-virtualization-host-image-update-placeholder", "cpe:/o:redhat:enterprise_linux:7"], "id": "REDHAT-RHSA-2019-0342.NASL", "href": "https://www.tenable.com/plugins/nessus/122329", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:0342. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(122329);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2019/10/24 15:35:46\");\n\n script_cve_id(\"CVE-2018-16864\", \"CVE-2018-16865\");\n script_xref(name:\"RHSA\", value:\"2019:0342\");\n\n script_name(english:\"RHEL 7 : Virtualization Manager (RHSA-2019:0342)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for redhat-virtualization-host is now available for Red Hat\nVirtualization 4 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe redhat-virtualization-host packages provide the Red Hat\nVirtualization Host. These packages include\nredhat-release-virtualization-host, ovirt-node, and rhev-hypervisor.\nRed Hat Virtualization Hosts (RHVH) are installed using a special\nbuild of Red Hat Enterprise Linux with only the packages required to\nhost virtual machines. RHVH features a Cockpit user interface for\nmonitoring the host's resources and performing administrative tasks.\n\nSecurity Fix(es) :\n\n* systemd: stack overflow when calling syslog from a command with long\ncmdline (CVE-2018-16864)\n\n* systemd: stack overflow when receiving many journald entries\n(CVE-2018-16865)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2019:0342\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-16864\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-16865\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected redhat-release-virtualization-host,\nredhat-virtualization-host-image-update and / or\nredhat-virtualization-host-image-update-placeholder packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:redhat-release-virtualization-host\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:redhat-virtualization-host-image-update\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:redhat-virtualization-host-image-update-placeholder\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/02/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/02/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:0342\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n\n if (! (rpm_exists(release:\"RHEL7\", rpm:\"redhat-release-virtualization-host-4.2\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Red Hat Virtualization 4\");\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"redhat-release-virtualization-host-4.2-8.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"redhat-virtualization-host-image-update-4.2-20190129.0.el7_6\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"redhat-virtualization-host-image-update-placeholder-4.2-8.1.el7\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"redhat-release-virtualization-host / etc\");\n }\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:49:36", "description": "An update for rhvm-appliance is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe RHV-M Virtual Appliance automates the process of installing and configuring the Red Hat Virtualization Manager. The appliance is available to download as an OVA file from the Customer Portal.\n\nSecurity Fix(es) :\n\n* systemd: stack overflow when calling syslog from a command with long cmdline (CVE-2018-16864)\n\n* systemd: stack overflow when receiving many journald entries (CVE-2018-16865)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-02-20T00:00:00", "type": "nessus", "title": "RHEL 7 : Virtualization Manager (RHSA-2019:0361)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16864", "CVE-2018-16865"], "modified": "2019-10-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:rhvm-appliance", "cpe:/o:redhat:enterprise_linux:7"], "id": "REDHAT-RHSA-2019-0361.NASL", "href": "https://www.tenable.com/plugins/nessus/122331", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:0361. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(122331);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2019/10/24 15:35:46\");\n\n script_cve_id(\"CVE-2018-16864\", \"CVE-2018-16865\");\n script_xref(name:\"RHSA\", value:\"2019:0361\");\n\n script_name(english:\"RHEL 7 : Virtualization Manager (RHSA-2019:0361)\");\n script_summary(english:\"Checks the rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for rhvm-appliance is now available for Red Hat\nVirtualization 4 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe RHV-M Virtual Appliance automates the process of installing and\nconfiguring the Red Hat Virtualization Manager. The appliance is\navailable to download as an OVA file from the Customer Portal.\n\nSecurity Fix(es) :\n\n* systemd: stack overflow when calling syslog from a command with long\ncmdline (CVE-2018-16864)\n\n* systemd: stack overflow when receiving many journald entries\n(CVE-2018-16865)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2019:0361\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-16864\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-16865\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected rhvm-appliance package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rhvm-appliance\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/02/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/02/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:0361\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n\n if (! (rpm_exists(release:\"RHEL7\", rpm:\"redhat-release-virtualization-host-4.2\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Red Hat Virtualization 4\");\n\n if (rpm_check(release:\"RHEL7\", reference:\"rhvm-appliance-4.2-20190129.0.el7\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rhvm-appliance\");\n }\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:23:27", "description": "An update for systemd is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support, Red Hat Enterprise Linux 7.3 Telco Extended Update Support, and Red Hat Enterprise Linux 7.3 Update Services for SAP Solutions.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups. In addition, it supports snapshotting and restoring of the system state, maintains mount and automount points, and implements an elaborate transactional dependency-based service control logic. It can also work as a drop-in replacement for sysvinit.\n\nSecurity Fix(es) :\n\n* systemd: stack overflow when calling syslog from a command with long cmdline (CVE-2018-16864)\n\n* systemd: stack overflow when receiving many journald entries (CVE-2018-16865)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-08-12T00:00:00", "type": "nessus", "title": "RHEL 7 : systemd (RHSA-2019:2402)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16864", "CVE-2018-16865"], "modified": "2019-10-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:libgudev1", "p-cpe:/a:redhat:enterprise_linux:libgudev1-devel", "p-cpe:/a:redhat:enterprise_linux:systemd", "p-cpe:/a:redhat:enterprise_linux:systemd-debuginfo", "p-cpe:/a:redhat:enterprise_linux:systemd-devel", "p-cpe:/a:redhat:enterprise_linux:systemd-journal-gateway", "p-cpe:/a:redhat:enterprise_linux:systemd-libs", "p-cpe:/a:redhat:enterprise_linux:systemd-networkd", "p-cpe:/a:redhat:enterprise_linux:systemd-python", "p-cpe:/a:redhat:enterprise_linux:systemd-resolved", "p-cpe:/a:redhat:enterprise_linux:systemd-sysv", "cpe:/o:redhat:enterprise_linux:7.3"], "id": "REDHAT-RHSA-2019-2402.NASL", "href": "https://www.tenable.com/plugins/nessus/127719", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:2402. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(127719);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2019/10/24 15:35:47\");\n\n script_cve_id(\"CVE-2018-16864\", \"CVE-2018-16865\");\n script_xref(name:\"RHSA\", value:\"2019:2402\");\n\n script_name(english:\"RHEL 7 : systemd (RHSA-2019:2402)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for systemd is now available for Red Hat Enterprise Linux\n7.3 Advanced Update Support, Red Hat Enterprise Linux 7.3 Telco\nExtended Update Support, and Red Hat Enterprise Linux 7.3 Update\nServices for SAP Solutions.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe systemd packages contain systemd, a system and service manager for\nLinux, compatible with the SysV and LSB init scripts. It provides\naggressive parallelism capabilities, uses socket and D-Bus activation\nfor starting services, offers on-demand starting of daemons, and keeps\ntrack of processes using Linux cgroups. In addition, it supports\nsnapshotting and restoring of the system state, maintains mount and\nautomount points, and implements an elaborate transactional\ndependency-based service control logic. It can also work as a drop-in\nreplacement for sysvinit.\n\nSecurity Fix(es) :\n\n* systemd: stack overflow when calling syslog from a command with long\ncmdline (CVE-2018-16864)\n\n* systemd: stack overflow when receiving many journald entries\n(CVE-2018-16865)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2019:2402\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-16864\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-16865\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libgudev1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libgudev1-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:systemd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:systemd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:systemd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:systemd-journal-gateway\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:systemd-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:systemd-networkd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:systemd-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:systemd-resolved\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:systemd-sysv\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7\\.3([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.3\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:2402\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", sp:\"3\", cpu:\"i686\", reference:\"libgudev1-219-30.el7_3.13\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"3\", cpu:\"x86_64\", reference:\"libgudev1-219-30.el7_3.13\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"3\", cpu:\"i686\", reference:\"libgudev1-devel-219-30.el7_3.13\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"3\", cpu:\"x86_64\", reference:\"libgudev1-devel-219-30.el7_3.13\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"3\", cpu:\"x86_64\", reference:\"systemd-219-30.el7_3.13\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"3\", cpu:\"i686\", reference:\"systemd-debuginfo-219-30.el7_3.13\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"3\", cpu:\"x86_64\", reference:\"systemd-debuginfo-219-30.el7_3.13\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"3\", cpu:\"i686\", reference:\"systemd-devel-219-30.el7_3.13\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"3\", cpu:\"x86_64\", reference:\"systemd-devel-219-30.el7_3.13\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"3\", cpu:\"x86_64\", reference:\"systemd-journal-gateway-219-30.el7_3.13\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"3\", cpu:\"i686\", reference:\"systemd-libs-219-30.el7_3.13\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"3\", cpu:\"x86_64\", reference:\"systemd-libs-219-30.el7_3.13\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"3\", cpu:\"x86_64\", reference:\"systemd-networkd-219-30.el7_3.13\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"3\", cpu:\"x86_64\", reference:\"systemd-python-219-30.el7_3.13\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"3\", cpu:\"i686\", reference:\"systemd-resolved-219-30.el7_3.13\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"3\", cpu:\"x86_64\", reference:\"systemd-resolved-219-30.el7_3.13\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"3\", cpu:\"x86_64\", reference:\"systemd-sysv-219-30.el7_3.13\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libgudev1 / libgudev1-devel / systemd / systemd-debuginfo / etc\");\n }\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:50:35", "description": "An update of the systemd package has been released.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-03-18T00:00:00", "type": "nessus", "title": "Photon OS 1.0: Systemd PHSA-2019-1.0-0205", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16864", "CVE-2018-16865"], "modified": "2022-05-23T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:systemd", "cpe:/o:vmware:photonos:1.0"], "id": "PHOTONOS_PHSA-2019-1_0-0205_SYSTEMD.NASL", "href": "https://www.tenable.com/plugins/nessus/122905", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2019-1.0-0205. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(122905);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/23\");\n\n script_cve_id(\"CVE-2018-16864\", \"CVE-2018-16865\");\n\n script_name(english:\"Photon OS 1.0: Systemd PHSA-2019-1.0-0205\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the systemd package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-1.0-205.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-16865\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/09/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/02/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:systemd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:1.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 1\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 1.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"systemd-228-50.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"systemd-debuginfo-228-50.ph1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"systemd\");\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:46:52", "description": "Multiple vulnerabilities were found in the journald component of systemd which can lead to a crash or code execution.\n\nCVE-2018-16864\n\nAn allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when many entries are sent to the journal socket. A local attacker, or a remote one if systemd-journal-remote is used, may use this flaw to crash systemd-journald or execute code with journald privileges.\n\nCVE-2018-16865\n\nAn allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when a program with long command line arguments calls syslog. A local attacker may use this flaw to crash systemd-journald or escalate his privileges. Versions through v240 are vulnerable.\n\nFor Debian 8 'Jessie', these problems have been fixed in version 215-17+deb8u9.\n\nWe recommend that you upgrade your systemd packages.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-01-23T00:00:00", "type": "nessus", "title": "Debian DLA-1639-1 : systemd security update", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16864", "CVE-2018-16865"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:gir1.2-gudev-1.0", "p-cpe:/a:debian:debian_linux:libgudev-1.0-0", "p-cpe:/a:debian:debian_linux:libgudev-1.0-dev", "p-cpe:/a:debian:debian_linux:libpam-systemd", "p-cpe:/a:debian:debian_linux:libsystemd-daemon-dev", "p-cpe:/a:debian:debian_linux:libsystemd-daemon0", "p-cpe:/a:debian:debian_linux:libsystemd-dev", "p-cpe:/a:debian:debian_linux:libsystemd-id128-0", "p-cpe:/a:debian:debian_linux:libsystemd-id128-dev", "p-cpe:/a:debian:debian_linux:libsystemd-journal-dev", "p-cpe:/a:debian:debian_linux:libsystemd-journal0", "p-cpe:/a:debian:debian_linux:libsystemd-login-dev", "p-cpe:/a:debian:debian_linux:libsystemd-login0", "p-cpe:/a:debian:debian_linux:libsystemd0", "p-cpe:/a:debian:debian_linux:libudev-dev", "p-cpe:/a:debian:debian_linux:libudev1", "p-cpe:/a:debian:debian_linux:libudev1-udeb", "p-cpe:/a:debian:debian_linux:python3-systemd", "p-cpe:/a:debian:debian_linux:systemd", "p-cpe:/a:debian:debian_linux:systemd-dbg", "p-cpe:/a:debian:debian_linux:systemd-sysv", "p-cpe:/a:debian:debian_linux:udev", "p-cpe:/a:debian:debian_linux:udev-udeb", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DLA-1639.NASL", "href": "https://www.tenable.com/plugins/nessus/121316", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-1639-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(121316);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2018-16864\", \"CVE-2018-16865\");\n\n script_name(english:\"Debian DLA-1639-1 : systemd security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities were found in the journald component of\nsystemd which can lead to a crash or code execution.\n\nCVE-2018-16864\n\nAn allocation of memory without limits, that could result in the stack\nclashing with another memory region, was discovered in\nsystemd-journald when many entries are sent to the journal socket. A\nlocal attacker, or a remote one if systemd-journal-remote is used, may\nuse this flaw to crash systemd-journald or execute code with journald\nprivileges.\n\nCVE-2018-16865\n\nAn allocation of memory without limits, that could result in the stack\nclashing with another memory region, was discovered in\nsystemd-journald when a program with long command line arguments calls\nsyslog. A local attacker may use this flaw to crash systemd-journald\nor escalate his privileges. Versions through v240 are vulnerable.\n\nFor Debian 8 'Jessie', these problems have been fixed in version\n215-17+deb8u9.\n\nWe recommend that you upgrade your systemd packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2019/01/msg00016.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/systemd\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:gir1.2-gudev-1.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libgudev-1.0-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libgudev-1.0-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libpam-systemd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libsystemd-daemon-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libsystemd-daemon0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libsystemd-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libsystemd-id128-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libsystemd-id128-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libsystemd-journal-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libsystemd-journal0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libsystemd-login-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libsystemd-login0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libsystemd0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libudev-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libudev1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libudev1-udeb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python3-systemd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:systemd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:systemd-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:systemd-sysv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:udev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:udev-udeb\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/01/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"gir1.2-gudev-1.0\", reference:\"215-17+deb8u9\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libgudev-1.0-0\", reference:\"215-17+deb8u9\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libgudev-1.0-dev\", reference:\"215-17+deb8u9\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libpam-systemd\", reference:\"215-17+deb8u9\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsystemd-daemon-dev\", reference:\"215-17+deb8u9\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsystemd-daemon0\", reference:\"215-17+deb8u9\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsystemd-dev\", reference:\"215-17+deb8u9\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsystemd-id128-0\", reference:\"215-17+deb8u9\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsystemd-id128-dev\", reference:\"215-17+deb8u9\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsystemd-journal-dev\", reference:\"215-17+deb8u9\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsystemd-journal0\", reference:\"215-17+deb8u9\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsystemd-login-dev\", reference:\"215-17+deb8u9\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsystemd-login0\", reference:\"215-17+deb8u9\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsystemd0\", reference:\"215-17+deb8u9\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libudev-dev\", reference:\"215-17+deb8u9\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libudev1\", reference:\"215-17+deb8u9\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libudev1-udeb\", reference:\"215-17+deb8u9\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"python3-systemd\", reference:\"215-17+deb8u9\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"systemd\", reference:\"215-17+deb8u9\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"systemd-dbg\", reference:\"215-17+deb8u9\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"systemd-sysv\", reference:\"215-17+deb8u9\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"udev\", reference:\"215-17+deb8u9\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"udev-udeb\", reference:\"215-17+deb8u9\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:46:49", "description": "An update for systemd is now available for Red Hat Enterprise Linux 7.5 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups. In addition, it supports snapshotting and restoring of the system state, maintains mount and automount points, and implements an elaborate transactional dependency-based service control logic. It can also work as a drop-in replacement for sysvinit.\n\nSecurity Fix(es) :\n\n* systemd: stack overflow when calling syslog from a command with long cmdline (CVE-2018-16864)\n\n* systemd: stack overflow when receiving many journald entries (CVE-2018-16865)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank Qualys Research Labs for reporting these issues.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-01-30T00:00:00", "type": "nessus", "title": "RHEL 7 : systemd (RHSA-2019:0204)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16864", "CVE-2018-16865"], "modified": "2019-10-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:libgudev1", "p-cpe:/a:redhat:enterprise_linux:libgudev1-devel", "p-cpe:/a:redhat:enterprise_linux:systemd", "p-cpe:/a:redhat:enterprise_linux:systemd-debuginfo", "p-cpe:/a:redhat:enterprise_linux:systemd-devel", "p-cpe:/a:redhat:enterprise_linux:systemd-journal-gateway", "p-cpe:/a:redhat:enterprise_linux:systemd-libs", "p-cpe:/a:redhat:enterprise_linux:systemd-networkd", "p-cpe:/a:redhat:enterprise_linux:systemd-python", "p-cpe:/a:redhat:enterprise_linux:systemd-resolved", "p-cpe:/a:redhat:enterprise_linux:systemd-sysv", "cpe:/o:redhat:enterprise_linux:7.5"], "id": "REDHAT-RHSA-2019-0204.NASL", "href": "https://www.tenable.com/plugins/nessus/121454", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:0204. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(121454);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2019/10/24 15:35:46\");\n\n script_cve_id(\"CVE-2018-16864\", \"CVE-2018-16865\");\n script_xref(name:\"RHSA\", value:\"2019:0204\");\n\n script_name(english:\"RHEL 7 : systemd (RHSA-2019:0204)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for systemd is now available for Red Hat Enterprise Linux\n7.5 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe systemd packages contain systemd, a system and service manager for\nLinux, compatible with the SysV and LSB init scripts. It provides\naggressive parallelism capabilities, uses socket and D-Bus activation\nfor starting services, offers on-demand starting of daemons, and keeps\ntrack of processes using Linux cgroups. In addition, it supports\nsnapshotting and restoring of the system state, maintains mount and\nautomount points, and implements an elaborate transactional\ndependency-based service control logic. It can also work as a drop-in\nreplacement for sysvinit.\n\nSecurity Fix(es) :\n\n* systemd: stack overflow when calling syslog from a command with long\ncmdline (CVE-2018-16864)\n\n* systemd: stack overflow when receiving many journald entries\n(CVE-2018-16865)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, and other related information, refer to the CVE page(s)\nlisted in the References section.\n\nRed Hat would like to thank Qualys Research Labs for reporting these\nissues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2019:0204\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-16864\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-16865\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libgudev1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libgudev1-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:systemd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:systemd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:systemd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:systemd-journal-gateway\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:systemd-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:systemd-networkd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:systemd-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:systemd-resolved\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:systemd-sysv\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/01/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7\\.5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.5\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:0204\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", sp:\"5\", reference:\"libgudev1-219-57.el7_5.5\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"5\", reference:\"libgudev1-devel-219-57.el7_5.5\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"5\", cpu:\"s390x\", reference:\"systemd-219-57.el7_5.5\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"5\", cpu:\"x86_64\", reference:\"systemd-219-57.el7_5.5\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"5\", reference:\"systemd-debuginfo-219-57.el7_5.5\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"5\", reference:\"systemd-devel-219-57.el7_5.5\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"5\", cpu:\"s390x\", reference:\"systemd-journal-gateway-219-57.el7_5.5\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"5\", cpu:\"x86_64\", reference:\"systemd-journal-gateway-219-57.el7_5.5\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"5\", reference:\"systemd-libs-219-57.el7_5.5\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"5\", cpu:\"s390x\", reference:\"systemd-networkd-219-57.el7_5.5\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"5\", cpu:\"x86_64\", reference:\"systemd-networkd-219-57.el7_5.5\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"5\", cpu:\"s390x\", reference:\"systemd-python-219-57.el7_5.5\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"5\", cpu:\"x86_64\", reference:\"systemd-python-219-57.el7_5.5\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"5\", reference:\"systemd-resolved-219-57.el7_5.5\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"5\", cpu:\"s390x\", reference:\"systemd-sysv-219-57.el7_5.5\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"5\", cpu:\"x86_64\", reference:\"systemd-sysv-219-57.el7_5.5\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libgudev1 / libgudev1-devel / systemd / systemd-debuginfo / etc\");\n }\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:08:26", "description": "CVE-2018-16864\n\nAn allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when a program with long command line arguments calls syslog. A local attacker may use this flaw to crash systemd-journald or escalate his privileges. Versions through v240 are vulnerable.\n\nCVE-2018-16865 An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when many entries are sent to the journal socket. A local attacker, or a remote one if systemd-journal-remote is used, may use this flaw to crash systemd-journald or execute code with journald privileges. Versions through v240 are vulnerable.\n\nImpact\n\nA locally authenticated attacker may be able to use the flaw to stop systemd-journald from responding or escalate user privileges.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-03-26T00:00:00", "type": "nessus", "title": "F5 Networks BIG-IP : systemd vulnerabilities (K06044762)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16864", "CVE-2018-16865"], "modified": "2020-03-30T00:00:00", "cpe": ["cpe:/a:f5:big-ip_access_policy_manager", "cpe:/a:f5:big-ip_advanced_firewall_manager", "cpe:/a:f5:big-ip_application_acceleration_manager", "cpe:/a:f5:big-ip_application_security_manager", "cpe:/a:f5:big-ip_application_visibility_and_reporting", "cpe:/a:f5:big-ip_global_traffic_manager", "cpe:/a:f5:big-ip_link_controller", "cpe:/a:f5:big-ip_local_traffic_manager", "cpe:/a:f5:big-ip_policy_enforcement_manager", "cpe:/h:f5:big-ip"], "id": "F5_BIGIP_SOL06044762.NASL", "href": "https://www.tenable.com/plugins/nessus/134918", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K06044762.\n#\n# The text description of this plugin is (C) F5 Networks.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(134918);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/03/30\");\n\n script_cve_id(\"CVE-2018-16864\", \"CVE-2018-16865\");\n\n script_name(english:\"F5 Networks BIG-IP : systemd vulnerabilities (K06044762)\");\n script_summary(english:\"Checks the BIG-IP version.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote device is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"CVE-2018-16864\n\nAn allocation of memory without limits, that could result in the stack\nclashing with another memory region, was discovered in\nsystemd-journald when a program with long command line arguments calls\nsyslog. A local attacker may use this flaw to crash systemd-journald\nor escalate his privileges. Versions through v240 are vulnerable.\n\nCVE-2018-16865 An allocation of memory without limits, that could\nresult in the stack clashing with another memory region, was\ndiscovered in systemd-journald when many entries are sent to the\njournal socket. A local attacker, or a remote one if\nsystemd-journal-remote is used, may use this flaw to crash\nsystemd-journald or execute code with journald privileges. Versions\nthrough v240 are vulnerable.\n\nImpact\n\nA locally authenticated attacker may be able to use the flaw to stop\nsystemd-journald from responding or escalate user privileges.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://support.f5.com/csp/article/K06044762\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5\nSolution K06044762.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_advanced_firewall_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_acceleration_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_visibility_and_reporting\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_link_controller\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_policy_enforcement_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/03/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/03/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\");\n\n exit(0);\n}\n\n\ninclude(\"f5_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nversion = get_kb_item(\"Host/BIG-IP/version\");\nif ( ! version ) audit(AUDIT_OS_NOT, \"F5 Networks BIG-IP\");\nif ( isnull(get_kb_item(\"Host/BIG-IP/hotfix\")) ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/hotfix\");\nif ( ! get_kb_item(\"Host/BIG-IP/modules\") ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/modules\");\n\nsol = \"K06044762\";\nvmatrix = make_array();\n\n# AFM\nvmatrix[\"AFM\"] = make_array();\nvmatrix[\"AFM\"][\"affected\" ] = make_list(\"15.0.0-15.0.1\",\"14.1.0-14.1.2\");\nvmatrix[\"AFM\"][\"unaffected\"] = make_list(\"15.1.0\",\"14.1.2.1\");\n\n# AM\nvmatrix[\"AM\"] = make_array();\nvmatrix[\"AM\"][\"affected\" ] = make_list(\"15.0.0-15.0.1\",\"14.1.0-14.1.2\");\nvmatrix[\"AM\"][\"unaffected\"] = make_list(\"15.1.0\",\"14.1.2.1\");\n\n# APM\nvmatrix[\"APM\"] = make_array();\nvmatrix[\"APM\"][\"affected\" ] = make_list(\"15.0.0-15.0.1\",\"14.1.0-14.1.2\");\nvmatrix[\"APM\"][\"unaffected\"] = make_list(\"15.1.0\",\"14.1.2.1\");\n\n# ASM\nvmatrix[\"ASM\"] = make_array();\nvmatrix[\"ASM\"][\"affected\" ] = make_list(\"15.0.0-15.0.1\",\"14.1.0-14.1.2\");\nvmatrix[\"ASM\"][\"unaffected\"] = make_list(\"15.1.0\",\"14.1.2.1\");\n\n# AVR\nvmatrix[\"AVR\"] = make_array();\nvmatrix[\"AVR\"][\"affected\" ] = make_list(\"15.0.0-15.0.1\",\"14.1.0-14.1.2\");\nvmatrix[\"AVR\"][\"unaffected\"] = make_list(\"15.1.0\",\"14.1.2.1\");\n\n# GTM\nvmatrix[\"GTM\"] = make_array();\nvmatrix[\"GTM\"][\"affected\" ] = make_list(\"15.0.0-15.0.1\",\"14.1.0-14.1.2\");\nvmatrix[\"GTM\"][\"unaffected\"] = make_list(\"15.1.0\",\"14.1.2.1\");\n\n# LC\nvmatrix[\"LC\"] = make_array();\nvmatrix[\"LC\"][\"affected\" ] = make_list(\"15.0.0-15.0.1\",\"14.1.0-14.1.2\");\nvmatrix[\"LC\"][\"unaffected\"] = make_list(\"15.1.0\",\"14.1.2.1\");\n\n# LTM\nvmatrix[\"LTM\"] = make_array();\nvmatrix[\"LTM\"][\"affected\" ] = make_list(\"15.0.0-15.0.1\",\"14.1.0-14.1.2\");\nvmatrix[\"LTM\"][\"unaffected\"] = make_list(\"15.1.0\",\"14.1.2.1\");\n\n# PEM\nvmatrix[\"PEM\"] = make_array();\nvmatrix[\"PEM\"][\"affected\" ] = make_list(\"15.0.0-15.0.1\",\"14.1.0-14.1.2\");\nvmatrix[\"PEM\"][\"unaffected\"] = make_list(\"15.1.0\",\"14.1.2.1\");\n\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n if (report_verbosity > 0) security_warning(port:0, extra:bigip_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = bigip_get_tested_modules();\n audit_extra = \"For BIG-IP module(s) \" + tested + \",\";\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, \"running any of the affected modules\");\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:48:15", "description": "An update for systemd is now available for Red Hat Enterprise Linux 7.4 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups. In addition, it supports snapshotting and restoring of the system state, maintains mount and automount points, and implements an elaborate transactional dependency-based service control logic. It can also work as a drop-in replacement for sysvinit.\n\nSecurity Fix(es) :\n\n* systemd: stack overflow when calling syslog from a command with long cmdline (CVE-2018-16864)\n\n* systemd: stack overflow when receiving many journald entries (CVE-2018-16865)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank Qualys Research Labs for reporting these issues.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-02-05T00:00:00", "type": "nessus", "title": "RHEL 7 : systemd (RHSA-2019:0271)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16864", "CVE-2018-16865"], "modified": "2019-10-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:libgudev1", "p-cpe:/a:redhat:enterprise_linux:libgudev1-devel", "p-cpe:/a:redhat:enterprise_linux:systemd", "p-cpe:/a:redhat:enterprise_linux:systemd-debuginfo", "p-cpe:/a:redhat:enterprise_linux:systemd-devel", "p-cpe:/a:redhat:enterprise_linux:systemd-journal-gateway", "p-cpe:/a:redhat:enterprise_linux:systemd-libs", "p-cpe:/a:redhat:enterprise_linux:systemd-networkd", "p-cpe:/a:redhat:enterprise_linux:systemd-python", "p-cpe:/a:redhat:enterprise_linux:systemd-resolved", "p-cpe:/a:redhat:enterprise_linux:systemd-sysv", "cpe:/o:redhat:enterprise_linux:7.4"], "id": "REDHAT-RHSA-2019-0271.NASL", "href": "https://www.tenable.com/plugins/nessus/121587", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:0271. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(121587);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2019/10/24 15:35:46\");\n\n script_cve_id(\"CVE-2018-16864\", \"CVE-2018-16865\");\n script_xref(name:\"RHSA\", value:\"2019:0271\");\n\n script_name(english:\"RHEL 7 : systemd (RHSA-2019:0271)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for systemd is now available for Red Hat Enterprise Linux\n7.4 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe systemd packages contain systemd, a system and service manager for\nLinux, compatible with the SysV and LSB init scripts. It provides\naggressive parallelism capabilities, uses socket and D-Bus activation\nfor starting services, offers on-demand starting of daemons, and keeps\ntrack of processes using Linux cgroups. In addition, it supports\nsnapshotting and restoring of the system state, maintains mount and\nautomount points, and implements an elaborate transactional\ndependency-based service control logic. It can also work as a drop-in\nreplacement for sysvinit.\n\nSecurity Fix(es) :\n\n* systemd: stack overflow when calling syslog from a command with long\ncmdline (CVE-2018-16864)\n\n* systemd: stack overflow when receiving many journald entries\n(CVE-2018-16865)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, and other related information, refer to the CVE page(s)\nlisted in the References section.\n\nRed Hat would like to thank Qualys Research Labs for reporting these\nissues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2019:0271\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-16864\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-16865\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libgudev1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libgudev1-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:systemd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:systemd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:systemd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:systemd-journal-gateway\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:systemd-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:systemd-networkd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:systemd-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:systemd-resolved\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:systemd-sysv\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/02/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/02/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7\\.4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.4\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:0271\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", reference:\"libgudev1-219-42.el7_4.13\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", reference:\"libgudev1-devel-219-42.el7_4.13\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", cpu:\"s390x\", reference:\"systemd-219-42.el7_4.13\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", cpu:\"x86_64\", reference:\"systemd-219-42.el7_4.13\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", reference:\"systemd-debuginfo-219-42.el7_4.13\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", reference:\"systemd-devel-219-42.el7_4.13\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", cpu:\"s390x\", reference:\"systemd-journal-gateway-219-42.el7_4.13\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", cpu:\"x86_64\", reference:\"systemd-journal-gateway-219-42.el7_4.13\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", reference:\"systemd-libs-219-42.el7_4.13\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", cpu:\"s390x\", reference:\"systemd-networkd-219-42.el7_4.13\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", cpu:\"x86_64\", reference:\"systemd-networkd-219-42.el7_4.13\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", cpu:\"s390x\", reference:\"systemd-python-219-42.el7_4.13\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", cpu:\"x86_64\", reference:\"systemd-python-219-42.el7_4.13\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", reference:\"systemd-resolved-219-42.el7_4.13\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", cpu:\"s390x\", reference:\"systemd-sysv-219-42.el7_4.13\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", cpu:\"x86_64\", reference:\"systemd-sysv-219-42.el7_4.13\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libgudev1 / libgudev1-devel / systemd / systemd-debuginfo / etc\");\n }\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-26T14:32:41", "description": "The v4.19.5 stable update contains important fixes across the tree\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-01-03T00:00:00", "type": "nessus", "title": "Fedora 28 : kernel / kernel-headers / kernel-tools (2018-3857a8b41a)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16862", "CVE-2018-19407"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "p-cpe:/a:fedoraproject:fedora:kernel-headers", "p-cpe:/a:fedoraproject:fedora:kernel-tools", "cpe:/o:fedoraproject:fedora:28"], "id": "FEDORA_2018-3857A8B41A.NASL", "href": "https://www.tenable.com/plugins/nessus/120352", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-3857a8b41a.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(120352);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2018-16862\", \"CVE-2018-19407\");\n script_xref(name:\"FEDORA\", value:\"2018-3857a8b41a\");\n\n script_name(english:\"Fedora 28 : kernel / kernel-headers / kernel-tools (2018-3857a8b41a)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The v4.19.5 stable update contains important fixes across the tree\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-3857a8b41a\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected kernel, kernel-headers and / or kernel-tools\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-16862\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:28\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/11/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/12/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^28([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 28\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2018-16862\", \"CVE-2018-19407\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for FEDORA-2018-3857a8b41a\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\nif (rpm_check(release:\"FC28\", reference:\"kernel-4.19.5-200.fc28\")) flag++;\nif (rpm_check(release:\"FC28\", reference:\"kernel-headers-4.19.5-200.fc28\")) flag++;\nif (rpm_check(release:\"FC28\", reference:\"kernel-tools-4.19.5-200.fc28\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-headers / kernel-tools\");\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-26T14:31:14", "description": "The v4.19.5 stable update contains important fixes across the tree\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-01-03T00:00:00", "type": "nessus", "title": "Fedora 29 : kernel / kernel-headers / kernel-tools (2018-87ba0312c2)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16862", "CVE-2018-19407"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "p-cpe:/a:fedoraproject:fedora:kernel-headers", "p-cpe:/a:fedoraproject:fedora:kernel-tools", "cpe:/o:fedoraproject:fedora:29"], "id": "FEDORA_2018-87BA0312C2.NASL", "href": "https://www.tenable.com/plugins/nessus/120585", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-87ba0312c2.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(120585);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2018-16862\", \"CVE-2018-19407\");\n script_xref(name:\"FEDORA\", value:\"2018-87ba0312c2\");\n\n script_name(english:\"Fedora 29 : kernel / kernel-headers / kernel-tools (2018-87ba0312c2)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The v4.19.5 stable update contains important fixes across the tree\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-87ba0312c2\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected kernel, kernel-headers and / or kernel-tools\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-16862\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:29\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/11/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/12/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^29([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 29\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2018-16862\", \"CVE-2018-19407\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for FEDORA-2018-87ba0312c2\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\nif (rpm_check(release:\"FC29\", reference:\"kernel-4.19.5-300.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"kernel-headers-4.19.5-300.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"kernel-tools-4.19.5-300.fc29\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-headers / kernel-tools\");\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-26T14:37:51", "description": "According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - An issue was discovered in can_can_gw_rcv() in the net/can/gw.c in the Linux kernel. The CAN driver may write arbitrary content beyond the data registers in the CAN controller's I/O memory when processing can-gw manipulated outgoing frames because of a missing check.\n A local user with CAP_NET_ADMIN capability granted in the initial namespace can exploit this vulnerability to cause a system crash and thus a denial of service (DoS).i1/4^CVE-2019-3701i1/4%0\n\n - A flaw was found in the Linux kernel in the function hso_probe() which reads if_num value from the USB device (as an u8) and uses it without a length check to index an array, resulting in an OOB memory read in hso_probe() or hso_get_config_data(). An attacker with a forged USB device and physical access to a system (needed to connect such a device) can cause a system crash and a denial of service.i1/4^CVE-2018-19985i1/4%0\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 0.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "PHYSICAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 4.6, "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-04-04T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 2.5.4 : kernel (EulerOS-SA-2019-1234)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-19985", "CVE-2019-3701"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:kernel", "p-cpe:/a:huawei:euleros:kernel-devel", "p-cpe:/a:huawei:euleros:kernel-headers", "p-cpe:/a:huawei:euleros:kernel-tools", "p-cpe:/a:huawei:euleros:kernel-tools-libs", "p-cpe:/a:huawei:euleros:kernel-tools-libs-devel", "cpe:/o:huawei:euleros:uvp:2.5.4"], "id": "EULEROS_SA-2019-1234.NASL", "href": "https://www.tenable.com/plugins/nessus/123702", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(123702);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2018-19985\",\n \"CVE-2019-3701\"\n );\n\n script_name(english:\"EulerOS Virtualization 2.5.4 : kernel (EulerOS-SA-2019-1234)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the kernel packages installed, the\nEulerOS Virtualization installation on the remote host is affected by\nthe following vulnerabilities :\n\n - An issue was discovered in can_can_gw_rcv() in the\n net/can/gw.c in the Linux kernel. The CAN driver may\n write arbitrary content beyond the data registers in\n the CAN controller's I/O memory when processing can-gw\n manipulated outgoing frames because of a missing check.\n A local user with CAP_NET_ADMIN capability granted in\n the initial namespace can exploit this vulnerability to\n cause a system crash and thus a denial of service\n (DoS).i1/4^CVE-2019-3701i1/4%0\n\n - A flaw was found in the Linux kernel in the function\n hso_probe() which reads if_num value from the USB\n device (as an u8) and uses it without a length check to\n index an array, resulting in an OOB memory read in\n hso_probe() or hso_get_config_data(). An attacker with\n a forged USB device and physical access to a system\n (needed to connect such a device) can cause a system\n crash and a denial of service.i1/4^CVE-2018-19985i1/4%0\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1234\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?482cb2f8\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-19985\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/04/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:2.5.4\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"2.5.4\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 2.5.4\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"kernel-3.10.0-862.14.1.1_58\",\n \"kernel-devel-3.10.0-862.14.1.1_58\",\n \"kernel-headers-3.10.0-862.14.1.1_58\",\n \"kernel-tools-3.10.0-862.14.1.1_58\",\n \"kernel-tools-libs-3.10.0-862.14.1.1_58\",\n \"kernel-tools-libs-devel-3.10.0-862.14.1.1_58\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-25T14:26:13", "description": "The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed :\n\nCVE-2016-10741: fs/xfs/xfs_aops.c allowed local users to cause a denial of service (system crash) because there is a race condition between direct and memory-mapped I/O (associated with a hole) that is handled with BUG_ON instead of an I/O failure (bnc#1114920 bnc#1124010).\n\nCVE-2017-18360: In change_port_settings in drivers/usb/serial/io_ti.c local users could cause a denial of service by division-by-zero in the serial device layer by trying to set very high baud rates (bnc#1123706).\n\nCVE-2018-9568: In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. (bnc#1118319).\n\nCVE-2018-19407: The vcpu_scan_ioapic function in arch/x86/kvm/x86.c allowed local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic is uninitialized (bnc#1116841).\n\nCVE-2018-19824: A local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c (bnc#1118152).\n\nCVE-2018-19985: The function hso_probe read if_num from the USB device (as an u8) and used it without a length check to index an array, resulting in an OOB memory read in hso_probe or hso_get_config_data that could be used by local attackers (bnc#1120743).\n\nCVE-2018-20169: The USB subsystem mishandled size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c (bnc#1119714).\n\nCVE-2019-7222: A information leak in exception handling in KVM could be used to expose host memory to guests. (bnc#1124735).\n\nThe update package also includes non-security fixes. See advisory for details.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-03-18T00:00:00", "type": "nessus", "title": "SUSE SLES11 Security Update : kernel (SUSE-SU-2019:13979-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-10741", "CVE-2017-18360", "CVE-2018-19407", "CVE-2018-19824", "CVE-2018-19985", "CVE-2018-20169", "CVE-2018-9568", "CVE-2019-7222"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kernel-default", "p-cpe:/a:novell:suse_linux:kernel-default-base", "p-cpe:/a:novell:suse_linux:kernel-default-devel", "p-cpe:/a:novell:suse_linux:kernel-default-man", "p-cpe:/a:novell:suse_linux:kernel-ec2", "p-cpe:/a:novell:suse_linux:kernel-ec2-base", "p-cpe:/a:novell:suse_linux:kernel-ec2-devel", "p-cpe:/a:novell:suse_linux:kernel-pae", "p-cpe:/a:novell:suse_linux:kernel-pae-base", "p-cpe:/a:novell:suse_linux:kernel-pae-devel", "p-cpe:/a:novell:suse_linux:kernel-source", "p-cpe:/a:novell:suse_linux:kernel-syms", "p-cpe:/a:novell:suse_linux:kernel-trace", "p-cpe:/a:novell:suse_linux:kernel-trace-base", "p-cpe:/a:novell:suse_linux:kernel-trace-devel", "p-cpe:/a:novell:suse_linux:kernel-xen", "p-cpe:/a:novell:suse_linux:kernel-xen-base", "p-cpe:/a:novell:suse_linux:kernel-xen-devel", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_SU-2019-13979-1.NASL", "href": "https://www.tenable.com/plugins/nessus/122891", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:13979-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(122891);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2016-10741\", \"CVE-2017-18360\", \"CVE-2018-19407\", \"CVE-2018-19824\", \"CVE-2018-19985\", \"CVE-2018-20169\", \"CVE-2018-9568\", \"CVE-2019-7222\");\n\n script_name(english:\"SUSE SLES11 Security Update : kernel (SUSE-SU-2019:13979-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various\nsecurity and bugfixes.\n\nThe following security bugs were fixed :\n\nCVE-2016-10741: fs/xfs/xfs_aops.c allowed local users to cause a\ndenial of service (system crash) because there is a race condition\nbetween direct and memory-mapped I/O (associated with a hole) that is\nhandled with BUG_ON instead of an I/O failure (bnc#1114920\nbnc#1124010).\n\nCVE-2017-18360: In change_port_settings in drivers/usb/serial/io_ti.c\nlocal users could cause a denial of service by division-by-zero in the\nserial device layer by trying to set very high baud rates\n(bnc#1123706).\n\nCVE-2018-9568: In sk_clone_lock of sock.c, there is a possible memory\ncorruption due to type confusion. This could lead to local escalation\nof privilege with no additional execution privileges needed. User\ninteraction is not needed for exploitation. (bnc#1118319).\n\nCVE-2018-19407: The vcpu_scan_ioapic function in arch/x86/kvm/x86.c\nallowed local users to cause a denial of service (NULL pointer\ndereference and BUG) via crafted system calls that reach a situation\nwhere ioapic is uninitialized (bnc#1116841).\n\nCVE-2018-19824: A local user could exploit a use-after-free in the\nALSA driver by supplying a malicious USB Sound device (with zero\ninterfaces) that is mishandled in usb_audio_probe in sound/usb/card.c\n(bnc#1118152).\n\nCVE-2018-19985: The function hso_probe read if_num from the USB device\n(as an u8) and used it without a length check to index an array,\nresulting in an OOB memory read in hso_probe or hso_get_config_data\nthat could be used by local attackers (bnc#1120743).\n\nCVE-2018-20169: The USB subsystem mishandled size checks during the\nreading of an extra descriptor, related to __usb_get_extra_descriptor\nin drivers/usb/core/usb.c (bnc#1119714).\n\nCVE-2019-7222: A information leak in exception handling in KVM could\nbe used to expose host memory to guests. (bnc#1124735).\n\nThe update package also includes non-security fixes. See advisory for\ndetails.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1012382\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1031572\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1068032\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1086695\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1087081\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1094244\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1098658\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1104098\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1104367\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1104684\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1104818\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1105536\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1106105\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1106886\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1107371\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1109330\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1109806\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1110006\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1112963\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1113667\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1114440\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1114672\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1114920\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1115007\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1115038\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1115827\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1115828\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1115829\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1115830\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1115831\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1115832\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1115833\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1115834\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1115835\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1115836\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1115837\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1115838\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1115839\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1115840\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1115841\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1115842\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1115843\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1115844\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1116841\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1117796\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1117802\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1117805\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1117806\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1117943\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1118152\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1118319\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1118760\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1119255\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1119714\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1120056\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1120077\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1120086\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1120093\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1120094\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1120105\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1120107\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1120109\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1120217\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1120223\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1120226\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1120336\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1120347\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1120743\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1120950\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1121872\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1121997\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1122874\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1123505\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1123702\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1123706\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1124010\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1124735\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1125931\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=931850\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=969471\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=969473\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-10741/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-18360/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-19407/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-19824/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-19985/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-20169/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-9568/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-7222/\"\n );\n # https://www.suse.com/support/update/announcement/2019/suse-su-201913979-1.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3d011069\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 11-SP4:zypper in -t\npatch sdksp4-kernel-20190225-13979=1\n\nSUSE Linux Enterprise Server 11-SP4:zypper in -t patch\nslessp4-kernel-20190225-13979=1\n\nSUSE Linux Enterprise Server 11-EXTRA:zypper in -t patch\nslexsp3-kernel-20190225-13979=1\n\nSUSE Linux Enterprise Real Time Extension 11-SP4:zypper in -t patch\nslertesp4-kernel-20190225-13979=1\n\nSUSE Linux Enterprise High Availability Extension 11-SP4:zypper in -t\npatch slehasp4-kernel-20190225-13979=1\n\nSUSE Linux Enterprise Debuginfo 11-SP4:zypper in -t patch\ndbgsp4-kernel-20190225-13979=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-ec2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-ec2-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-ec2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-pae-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-pae-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-trace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-trace-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-trace-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/11/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES11\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-ec2-3.0.101-108.87.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-ec2-base-3.0.101-108.87.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-ec2-devel-3.0.101-108.87.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-xen-3.0.101-108.87.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-xen-base-3.0.101-108.87.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-xen-devel-3.0.101-108.87.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-pae-3.0.101-108.87.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-pae-base-3.0.101-108.87.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-pae-devel-3.0.101-108.87.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-default-man-3.0.101-108.87.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"kernel-default-3.0.101-108.87.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"kernel-default-base-3.0.101-108.87.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"kernel-default-devel-3.0.101-108.87.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"kernel-source-3.0.101-108.87.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"kernel-syms-3.0.101-108.87.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"kernel-trace-3.0.101-108.87.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"kernel-trace-base-3.0.101-108.87.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"kernel-trace-devel-3.0.101-108.87.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"i586\", reference:\"kernel-ec2-3.0.101-108.87.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"i586\", reference:\"kernel-ec2-base-3.0.101-108.87.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"i586\", reference:\"kernel-ec2-devel-3.0.101-108.87.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"i586\", reference:\"kernel-xen-3.0.101-108.87.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"i586\", reference:\"kernel-xen-base-3.0.101-108.87.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"i586\", reference:\"kernel-xen-devel-3.0.101-108.87.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"i586\", reference:\"kernel-pae-3.0.101-108.87.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"i586\", reference:\"kernel-pae-base-3.0.101-108.87.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"i586\", reference:\"kernel-pae-devel-3.0.101-108.87.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-03-01T15:10:51", "description": "This update for curl fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2019-3822: Fixed a NTLMv2 type-3 header stack-based buffer overflow (bsc#1123377).\n\nCVE-2019-3823: Fixed an out-of-bounds read in the SMTP end-of-response (bsc#1123378).\n\nCVE-2018-16890: Fixed an out-of-bounds buffer read in NTLM type2 (bsc#1123371).\n\nCVE-2018-16842: Fixed an out-of-bounds read in tool_msgs.c (bsc#1113660).\n\nCVE-2018-16840: Fixed a use-after-free in handle close (bsc#1113029).\n\nCVE-2018-16839: Fixed an SASL password overflow caused by an integer overflow (bsc#1112758).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-02-13T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : curl (SUSE-SU-2019:0339-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16839", "CVE-2018-16840", "CVE-2018-16842", "CVE-2018-16890", "CVE-2019-3822", "CVE-2019-3823"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:curl", "p-cpe:/a:novell:suse_linux:curl-debuginfo", "p-cpe:/a:novell:suse_linux:curl-debugsource", "p-cpe:/a:novell:suse_linux:libcurl4", "p-cpe:/a:novell:suse_linux:libcurl4-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2019-0339-1.NASL", "href": "https://www.tenable.com/plugins/nessus/122149", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:0339-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(122149);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2018-16839\",\n \"CVE-2018-16840\",\n \"CVE-2018-16842\",\n \"CVE-2018-16890\",\n \"CVE-2019-3822\",\n \"CVE-2019-3823\"\n );\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0227\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : curl (SUSE-SU-2019:0339-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for curl fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2019-3822: Fixed a NTLMv2 type-3 header stack-based buffer\noverflow (bsc#1123377).\n\nCVE-2019-3823: Fixed an out-of-bounds read in the SMTP end-of-response\n(bsc#1123378).\n\nCVE-2018-16890: Fixed an out-of-bounds buffer read in NTLM type2\n(bsc#1123371).\n\nCVE-2018-16842: Fixed an out-of-bounds read in tool_msgs.c\n(bsc#1113660).\n\nCVE-2018-16840: Fixed a use-after-free in handle close (bsc#1113029).\n\nCVE-2018-16839: Fixed an SASL password overflow caused by an integer\noverflow (bsc#1112758).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1112758\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1113029\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1113660\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1123371\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1123377\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1123378\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-16839/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-16840/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-16842/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-16890/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-3822/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-3823/\");\n # https://www.suse.com/support/update/announcement/2019/suse-su-20190339-1/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?707494a7\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 12-SP4:zypper in -t\npatch SUSE-SLE-SDK-12-SP4-2019-339=1\n\nSUSE Linux Enterprise Server 12-SP4:zypper in -t patch\nSUSE-SLE-SERVER-12-SP4-2019-339=1\n\nSUSE Linux Enterprise Desktop 12-SP4:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP4-2019-339=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/02/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/02/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:curl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:curl-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libcurl4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libcurl4-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP4\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"curl-7.60.0-4.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"curl-debuginfo-7.60.0-4.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"curl-debugsource-7.60.0-4.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libcurl4-32bit-7.60.0-4.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libcurl4-7.60.0-4.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libcurl4-debuginfo-32bit-7.60.0-4.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libcurl4-debuginfo-7.60.0-4.3.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"curl-7.60.0-4.3.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"curl-debuginfo-7.60.0-4.3.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"curl-debugsource-7.60.0-4.3.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libcurl4-32bit-7.60.0-4.3.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libcurl4-7.60.0-4.3.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libcurl4-debuginfo-32bit-7.60.0-4.3.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libcurl4-debuginfo-7.60.0-4.3.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"curl\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-26T14:31:43", "description": "The openSUSE Leap 15.0 kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed :\n\n - CVE-2018-19407: The vcpu_scan_ioapic function in arch/x86/kvm/x86.c allowed local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic is uninitialized (bnc#1116841).\n\n - CVE-2018-14625: An attacker might have bene able to have an uncontrolled read to kernel-memory from within a vm guest. A race condition between connect() and close() function may allow an attacker using the AF_VSOCK protocol to gather a 4 byte information leak or possibly intercept or corrupt AF_VSOCK messages destined to other clients (bnc#1106615).\n\n - CVE-2018-19985: The function hso_probe read if_num from the USB device (as an u8) and used it without a length check to index an array, resulting in an OOB memory read in hso_probe or hso_get_config_data that could be used by local attackers (bsc#1120743).\n\n - CVE-2018-16884: NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process() use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel memory corruption and a system panic. Due to the nature of the flaw, privilege escalation cannot be fully ruled out (bnc#1119946).\n\n - CVE-2018-20169: The USB subsystem mishandled size checks during the reading of an extra descriptor, related to\n __usb_get_extra_descriptor in drivers/usb/core/usb.c (bnc#1119714).\n\n - CVE-2018-18397: The userfaultfd implementation mishandled access control for certain UFFDIO_ ioctl calls, as demonstrated by allowing local users to write data into holes in a tmpfs file (if the user has read-only access to that file, and that file contains holes), related to fs/userfaultfd.c and mm/userfaultfd.c (bnc#1117656).\n\n - CVE-2018-12232: In net/socket.c there was a race condition between fchownat and close in cases where they target the same socket file descriptor, related to the sock_close and sockfs_setattr functions. fchownat did not increment the file descriptor reference count, which allowed close to set the socket to NULL during fchownat's execution, leading to a NULL pointer dereference and system crash (bnc#1097593).\n\n - CVE-2018-9568: In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. (bnc#1118319).\n\n - CVE-2018-16862: A security flaw was found in the way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one (bnc#1117186).\n\n - CVE-2018-19854: An issue was discovered in the crypto_report_one() and related functions in crypto/crypto_user.c (the crypto user configuration API) do not fully initialize structures that are copied to userspace, potentially leaking sensitive memory to user programs. NOTE: this is a CVE-2013-2547 regression but with easier exploitability because the attacker did not need a capability (however, the system must have the CONFIG_CRYPTO_USER kconfig option) (bnc#1118428).\n\n - CVE-2018-19824: A local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c (bnc#1118152).\n\nThe following non-security bugs were fixed :\n\n - ACPI / CPPC: Check for valid PCC subspace only if PCC is used (bsc#1117115).\n\n - ACPI / CPPC: Update all pr_(debug/err) messages to log the susbspace id (bsc#1117115).\n\n - aio: fix spectre gadget in lookup_ioctx (bsc#1120594).\n\n - alsa: cs46xx: Potential NULL dereference in probe (bsc#1051510).\n\n - alsa: emu10k1: Fix potential Spectre v1 vulnerabilities (bsc#1051510).\n\n - alsa: emux: Fix potential Spectre v1 vulnerabilities (bsc#1051510).\n\n - alsa: fireface: fix for state to fetch PCM frames (bsc#1051510).\n\n - alsa: fireface: fix reference to wrong register for clock configuration (bsc#1051510).\n\n - alsa: firewire-lib: fix wrong assignment for 'out_packet_without_header' tracepoint (bsc#1051510).\n\n - alsa: firewire-lib: fix wrong handling payload_length as payload_quadlet (bsc#1051510).\n\n - alsa: firewire-lib: use the same print format for 'without_header' tracepoints (bsc#1051510).\n\n - alsa: hda: add mute LED support for HP EliteBook 840 G4 (bsc#1051510).\n\n - alsa: hda: Add support for AMD Stoney Ridge (bsc#1051510).\n\n - alsa: hda/ca0132 - make pci_iounmap() call conditional (bsc#1051510).\n\n - alsa: hda: fix front speakers on Huawei MBXP (bsc#1051510).\n\n - alsa: hda/realtek - Add support for Acer Aspire C24-860 headset mic (bsc#1051510).\n\n - alsa: hda/realtek - Add unplug function into unplug state of Headset Mode for ALC225 (bsc#1051510).\n\n - alsa: hda/realtek: ALC286 mic and headset-mode fixups for Acer Aspire U27-880 (bsc#1051510).\n\n - alsa: hda/realtek: ALC294 mic and headset-mode fixups for ASUS X542UN (bsc#1051510).\n\n - alsa: hda/realtek - Disable headset Mic VREF for headset mode of ALC225 (bsc#1051510).\n\n - alsa: hda/realtek: Enable audio jacks of ASUS UX391UA with ALC294 (bsc#1051510).\n\n - alsa: hda/realtek: Enable audio jacks of ASUS UX433FN/UX333FA with ALC294 (bsc#1051510).\n\n - alsa: hda/realtek: Enable audio jacks of ASUS UX533FD with ALC294 (bsc#1051510).\n\n - alsa: hda/realtek: Enable the headset mic auto detection for ASUS laptops (bsc#1051510).\n\n - alsa: hda/realtek - Fixed headphone issue for ALC700 (bsc#1051510).\n\n - alsa: hda/realtek: Fix mic issue on Acer AIO Veriton Z4660G (bsc#1051510).\n\n - alsa: hda/realtek: Fix mic issue on Acer AIO Veriton Z4860G/Z6860G (bsc#1051510).\n\n - alsa: hda/realtek - Fix speaker output regression on Thinkpad T570 (bsc#1051510).\n\n - alsa: hda/realtek - Fix the mute LED regresion on Lenovo X1 Carbon (bsc#1051510).\n\n - alsa: hda/realtek - Support Dell headset mode for New AIO platform (bsc#1051510).\n\n - alsa: hda/tegra: clear pending irq handlers (bsc#1051510).\n\n - alsa: pcm: Call snd_pcm_unlink() conditionally at closing (bsc#1051510).\n\n - alsa: pcm: Fix interval evaluation with openmin/max (bsc#1051510).\n\n - alsa: pcm: Fix potential Spectre v1 vulnerability (bsc#1051510).\n\n - alsa: pcm: Fix starvation on down_write_nonblock() (bsc#1051510).\n\n - alsa: rme9652: Fix potential Spectre v1 vulnerability (bsc#1051510).\n\n - alsa: trident: Suppress gcc string warning (bsc#1051510).\n\n - alsa: usb-audio: Add SMSL D1 to quirks for native DSD support (bsc#1051510).\n\n - alsa: usb-audio: Add support for Encore mDSD USB DAC (bsc#1051510).\n\n - alsa: usb-audio: Avoid access before bLength check in build_audio_procunit() (bsc#1051510).\n\n - alsa: usb-audio: Fix an out-of-bound read in create_composite_quirks (bsc#1051510).\n\n - alsa: x86: Fix runtime PM for hdmi-lpe-audio (bsc#1051510).\n\n - apparmor: do not try to replace stale label in ptrace access check (git-fixes).\n\n - apparmor: do not try to replace stale label in ptraceme check (git-fixes).\n\n - apparmor: Fix uninitialized value in aa_split_fqname (git-fixes).\n\n - arm64: Add work around for Arm Cortex-A55 Erratum 1024718 (bsc#1120612).\n\n - arm64: atomics: Remove '&' from '+&' asm constraint in lse atomics (bsc#1120613).\n\n - arm64: cpu_errata: include required headers (bsc#1120615).\n\n - arm64: dma-mapping: Fix FORCE_CONTIGUOUS buffer clearing (bsc#1120633).\n\n - arm64: Fix /proc/iomem for reserved but not memory regions (bsc#1120632).\n\n - arm64: lse: Add early clobbers to some input/output asm operands (bsc#1120614).\n\n - arm64: lse: remove -fcall-used-x0 flag (bsc#1120618).\n\n - arm64: mm: always enable CONFIG_HOLES_IN_ZONE (bsc#1120617).\n\n - arm64/numa: Report correct memblock range for the dummy node (bsc#1120620).\n\n - arm64/numa: Unify common error path in numa_init() (bsc#1120621).\n\n - arm64: remove no-op -p linker flag (bsc#1120616).\n\n - ASoC: dapm: Recalculate audio map forcely when card instantiated (bsc#1051510).\n\n - ASoC: intel: cht_bsw_max98090_ti: Add pmc_plt_clk_0 quirk for Chromebook Clapper (bsc#1051510).\n\n - ASoC: intel: cht_bsw_max98090_ti: Add pmc_plt_clk_0 quirk for Chromebook Gnawty (bsc#1051510).\n\n - ASoC: intel: mrfld: fix uninitialized variable access (bsc#1051510).\n\n - ASoC: omap-abe-twl6040: Fix missing audio card caused by deferred probing (bsc#1051510).\n\n - ASoC: omap-dmic: Add pm_qos handling to avoid overruns with CPU_IDLE (bsc#1051510).\n\n - ASoC: omap-mcbsp: Fix latency value calculation for pm_qos (bsc#1051510).\n\n - ASoC: omap-mcpdm: Add pm_qos handling to avoid under/overruns with CPU_IDLE (bsc#1051510).\n\n - ASoC: rsnd: fixup clock start checker (bsc#1051510).\n\n - ASoC: wm_adsp: Fix dma-unsafe read of scratch registers (bsc#1051510).\n\n - ath10k: do not assume this is a PCI dev in generic code (bsc#1051510).\n\n - ath6kl: Only use match sets when firmware supports it (bsc#1051510).\n\n - b43: Fix error in cordic routine (bsc#1051510).\n\n - bcache: fix miss key refill->end in writeback (Git-fixes).\n\n - bcache: trace missed reading by cache_missed (Git-fixes).\n\n - blk-mq: remove synchronize_rcu() from blk_mq_del_queue_tag_set() (Git-fixes).\n\n - block: allow max_discard_segments to be stacked (Git-fixes).\n\n - block: blk_init_allocated_queue() set q->fq as NULL in the fail case (Git-fixes).\n\n - block: really disable runtime-pm for blk-mq (Git-fixes).\n\n - block: reset bi_iter.bi_done after splitting bio (Git-fixes).\n\n - block/swim: Fix array bounds check (Git-fixes).\n\n - bnxt_en: do not try to offload VLAN 'modify' action (bsc#1050242 ).\n\n - bnxt_en: Fix enables field in HWRM_QUEUE_COS2BW_CFG request (bsc#1086282).\n\n - bnxt_en: Fix VNIC reservations on the PF (bsc#1086282 ).\n\n - bnxt_en: get the reduced max_irqs by the ones used by RDMA (bsc#1050242).\n\n - bpf: fix check of allowed specifiers in bpf_trace_printk (bsc#1083647).\n\n - bpf: use per htab salt for bucket hash (git-fixes).\n\n - btrfs: Always try all copies when reading extent buffers (git-fixes).\n\n - btrfs: delete dead code in btrfs_orphan_add() (bsc#1111469).\n\n - btrfs: delete dead code in btrfs_orphan_commit_root() (bsc#1111469).\n\n - btrfs: do not BUG_ON() in btrfs_truncate_inode_items() (bsc#1111469).\n\n - btrfs: do not check inode's runtime flags under root->orphan_lock (bsc#1111469).\n\n - btrfs: do not return ino to ino cache if inode item removal fails (bsc#1111469).\n\n - btrfs: fix ENOSPC caused by orphan items reservations (bsc#1111469).\n\n - btrfs: Fix error handling in btrfs_cleanup_ordered_extents (git-fixes).\n\n - btrfs: fix error handling in btrfs_truncate() (bsc#1111469).\n\n - btrfs: fix error handling in btrfs_truncate_inode_items() (bsc#1111469).\n\n - btrfs: fix fsync of files with multiple hard links in new directories (1120173).\n\n - btrfs: Fix memory barriers usage with device stats counters (git-fixes).\n\n - btrfs: fix use-after-free on root->orphan_block_rsv (bsc#1111469).\n\n - btrfs: get rid of BTRFS_INODE_HAS_ORPHAN_ITEM (bsc#1111469).\n\n - btrfs: get rid of unused orphan infrastructure (bsc#1111469).\n\n - btrfs: move btrfs_truncate_block out of trans handle (bsc#1111469).\n\n - btrfs: qgroup: Dirty all qgroups before rescan (bsc#1120036).\n\n - btrfs: refactor btrfs_evict_inode() reserve refill dance (bsc#1111469).\n\n - btrfs: renumber BTRFS_INODE_ runtime flags and switch to enums (bsc#1111469).\n\n - btrfs: reserve space for O_TMPFILE orphan item deletion (bsc#1111469).\n\n - btrfs: run delayed items before dropping the snapshot (bsc#1121263, bsc#1111188).\n\n - btrfs: stop creating orphan items for truncate (bsc#1111469).\n\n - btrfs: tree-checker: Do not check max block group size as current max chunk size limit is unreliable (fixes for bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875).\n\n - btrfs: update stale comments referencing vmtruncate() (bsc#1111469).\n\n - can: flexcan: flexcan_irq(): fix indention (bsc#1051510).\n\n - cdrom: do not attempt to fiddle with cdo->capability (bsc#1051510).\n\n - ceph: do not update importing cap's mseq when handing cap export (bsc#1121273).\n\n - char_dev: extend dynamic allocation of majors into a higher range (bsc#1121058).\n\n - char_dev: Fix off-by-one bugs in find_dynamic_major() (bsc#1121058).\n\n - clk: mmp: Off by one in mmp_clk_add() (bsc#1051510).\n\n - clk: mvebu: Off by one bugs in cp110_of_clk_get() (bsc#1051510).\n\n - compiler-gcc.h: Add __attribute__((gnu_inline)) to all inline declarations (git-fixes).\n\n - config: arm64: enable erratum 1024718\n\n - cpufeature: avoid warning when compiling with clang (Git-fixes).\n\n - cpufreq / CPPC: Add cpuinfo_cur_freq support for CPPC (bsc#1117115).\n\n - cpufreq: CPPC: fix build in absence of v3 support (bsc#1117115).\n\n - cpupower: remove stringop-truncation waring (git-fixes).\n\n - crypto: bcm - fix normal/non key hash algorithm failure (bsc#1051510).\n\n - crypto: ccp - Add DOWNLOAD_FIRMWARE SEV command ().\n\n - crypto: ccp - Add GET_ID SEV command ().\n\n - crypto: ccp - Add psp enabled message when initialization succeeds ().\n\n - crypto: ccp - Add support for new CCP/PSP device ID ().\n\n - crypto: ccp - Allow SEV firmware to be chosen based on Family and Model ().\n\n - crypto: ccp - Fix static checker warning ().\n\n - crypto: ccp - Remove unused #defines ().\n\n - crypto: ccp - Support register differences between PSP devices ().\n\n - dasd: fix deadlock in dasd_times_out (bsc#1121477, LTC#174111).\n\n - dax: Check page->mapping isn't NULL (bsc#1120054).\n\n - dax: Do not access a freed inode (bsc#1120055).\n\n - device property: Define type of PROPERTY_ENRTY_*() macros (bsc#1051510).\n\n - device property: fix fwnode_graph_get_next_endpoint() documentation (bsc#1051510).\n\n - disable stringop truncation warnings for now (git-fixes).\n\n - dm: allocate struct mapped_device with kvzalloc (Git-fixes).\n\n - dm cache: destroy migration_cache if cache target registration failed (Git-fixes).\n\n - dm cache: fix resize crash if user does not reload cache table (Git-fixes).\n\n - dm cache metadata: ignore hints array being too small during resize (Git-fixes).\n\n - dm cache metadata: save in-core policy_hint_size to on-disk superblock (Git-fixes).\n\n - dm cache metadata: set dirty on all cache blocks after a crash (Git-fixes).\n\n - dm cache: only allow a single io_mode cache feature to be requested (Git-fixes).\n\n - dm crypt: do not decrease device limits (Git-fixes).\n\n - dm: fix report zone remapping to account for partition offset (Git-fixes).\n\n - dm integrity: change 'suspending' variable from bool to int (Git-fixes).\n\n - dm ioctl: harden copy_params()'s copy_from_user() from malicious users (Git-fixes).\n\n - dm linear: eliminate linear_end_io call if CONFIG_DM_ZONED disabled (Git-fixes).\n\n - dm linear: fix linear_end_io conditional definition (Git-fixes).\n\n - dm thin: handle running out of data space vs concurrent discard (Git-fixes).\n\n - dm thin metadata: remove needless work from\n __commit_transaction (Git-fixes).\n\n - dm thin: stop no_space_timeout worker when switching to write-mode (Git-fixes).\n\n - dm writecache: fix a crash due to reading past end of dirty_bitmap (Git-fixes).\n\n - dm writecache: report start_sector in status line (Git-fixes).\n\n - dm zoned: fix metadata block ref counting (Git-fixes).\n\n - dm zoned: fix various dmz_get_mblock() issues (Git-fixes).\n\n - doc/README.SUSE: correct GIT url No more gitorious, github we use.\n\n - drivers/net/usb: add device id for TP-LINK UE300 USB 3.0 Ethernet (bsc#1119749).\n\n - drivers/net/usb/r8152: remove the unneeded variable 'ret' in rtl8152_system_suspend (bsc#1119749).\n\n - drm/amdgpu/gmc8: update MC firmware for polaris (bsc#1113722)\n\n - drm/amdgpu: update mc firmware image for polaris12 variants (bsc#1113722)\n\n - drm/amdgpu: update SMC firmware image for polaris10 variants (bsc#1113722)\n\n - drm/i915/execlists: Apply a full mb before execution for Braswell (bsc#1113722)\n\n - drm/ioctl: Fix Spectre v1 vulnerabilities (bsc#1113722)\n\n - drm/nouveau/kms: Fix memory leak in nv50_mstm_del() (bsc#1113722)\n\n - drm: rcar-du: Fix external clock error checks (bsc#1113722)\n\n - drm: rcar-du: Fix vblank initialization (bsc#1113722)\n\n - drm/rockchip: psr: do not dereference encoder before it is null (bsc#1113722)\n\n - drm: set is_master to 0 upon drm_new_set_master() failure (bsc#1113722)\n\n - drm/vc4: Set ->is_yuv to false when num_planes == 1 (bsc#1113722)\n\n - drm/vc4: ->x_scaling[1] should never be set to VC4_SCALING_NONE (bsc#1113722)\n\n - dt-bindings: add compatible string for Allwinner V3s SoC (git-fixes).\n\n - dt-bindings: arm: Document SoC compatible value for Armadillo-800 EVA (git-fixes).\n\n - dt-bindings: clock: add rk3399 DDR3 standard speed bins (git-fixes).\n\n - dt-bindings: clock: mediatek: add binding for fixed-factor clock axisel_d4 (git-fixes).\n\n - dt-bindings: mfd: axp20x: Add AXP806 to supported list of chips (git-fixes).\n\n - dt-bindings: net: Remove duplicate NSP Ethernet MAC binding document (git-fixes).\n\n - dt-bindings: panel: lvds: Fix path to display timing bindings (git-fixes).\n\n - dt-bindings: phy: sun4i-usb-phy: Add property descriptions for H3 (git-fixes).\n\n - dt-bindings: pwm: renesas: tpu: Fix 'compatible' prop description (git-fixes).\n\n - dt-bindings: rcar-dmac: Document missing error interrupt (git-fixes).\n\n - edac, (i7core,sb,skx)_edac: Fix uncorrected error counting (bsc#1114279).\n\n - edac, skx_edac: Fix logical channel intermediate decoding (bsc#1114279).\n\n - efi: Move some sysfs files to be read-only by root (bsc#1051510).\n\n - ethernet: fman: fix wrong of_node_put() in probe function (bsc#1119017).\n\n - exportfs: fix 'passing zero to ERR_PTR()' warning (bsc#1118773).\n\n - ext2: fix potential use after free (bsc#1118775).\n\n - ext4: avoid possible double brelse() in add_new_gdb() on error path (bsc#1118760).\n\n - ext4: fix EXT4_IOC_GROUP_ADD ioctl (bsc#1120604).\n\n - ext4: fix possible use after free in ext4_quota_enable (bsc#1120602).\n\n - ext4: missing unlock/put_page() in ext4_try_to_write_inline_data() (bsc#1120603).\n\n - extable: Consolidate *kernel_text_address() functions (bsc#1120092).\n\n - extable: Enable RCU if it is not watching in kernel_text_address() (bsc#1120092).\n\n - fbdev: fbcon: Fix unregister crash when more than one framebuffer (bsc#1113722)\n\n - fbdev: fbmem: behave better with small rotated displays and many CPUs (bsc#1113722)\n\n - firmware: add firmware_request_nowarn() - load firmware without warnings ().\n\n - Fix the breakage of KMP build on x86_64 (bsc#1121017)\n\n - fscache: Fix race in fscache_op_complete() due to split atomic_sub & read (Git-fixes).\n\n - fscache: Pass the correct cancelled indications to fscache_op_complete() (Git-fixes).\n\n - fs: fix lost error code in dio_complete (bsc#1118762).\n\n - fs/xfs: Use %pS printk format for direct addresses (git-fixes).\n\n - fuse: fix blocked_waitq wakeup (git-fixes).\n\n - fuse: fix leaked notify reply (git-fixes).\n\n - fuse: fix possibly missed wake-up after abort (git-fixes).\n\n - fuse: Fix use-after-free in fuse_dev_do_read() (git-fixes).\n\n - fuse: Fix use-after-free in fuse_dev_do_write() (git-fixes).\n\n - fuse: fix use-after-free in fuse_direct_IO() (git-fixes).\n\n - fuse: set FR_SENT while locked (git-fixes).\n\n - gcc-plugins: Add include required by GCC release 8 (git-fixes).\n\n - gcc-plugins: Use dynamic initializers (git-fixes).\n\n - gfs2: Do not leave s_fs_info pointing to freed memory in init_sbd (bsc#1118769).\n\n - gfs2: Fix loop in gfs2_rbm_find (bsc#1120601).\n\n - gfs2: Get rid of potential double-freeing in gfs2_create_inode (bsc#1120600).\n\n - gfs2_meta: ->mount() can get NULL dev_name (bsc#1118768).\n\n - gfs2: Put bitmap buffers in put_super (bsc#1118772).\n\n - git_sort.py: Remove non-existent remote tj/libata\n\n - gpio: davinci: Remove unused member of davinci_gpio_controller (git-fixes).\n\n - gpiolib-acpi: Only defer request_irq for GpioInt ACPI event handlers (bsc#1051510).\n\n - gpiolib: Fix return value of gpio_to_desc() stub if !GPIOLIB (bsc#1051510).\n\n - gpio: max7301: fix driver for use with CONFIG_VMAP_STACK (bsc#1051510).\n\n - gpio: mvebu: only fail on missing clk if pwm is actually to be used (bsc#1051510).\n\n - HID: Add quirk for Primax PIXART OEM mice (bsc#1119410).\n\n - HID: input: Ignore battery reported by Symbol DS4308 (bsc#1051510).\n\n - HID: multitouch: Add pointstick support for Cirque Touchpad (bsc#1051510).\n\n - hwpoison, memory_hotplug: allow hwpoisoned pages to be offlined (bnc#1116336).\n\n - i2c: axxia: properly handle master timeout (bsc#1051510).\n\n - i2c: scmi: Fix probe error on devices with an empty SMB0001 ACPI device node (bsc#1051510).\n\n - ib/hfi1: Add mtu check for operational data VLs (bsc#1060463 ).\n\n - ibmvnic: Convert reset work item mutex to spin lock ().\n\n - ibmvnic: Fix non-atomic memory allocation in IRQ context ().\n\n - ib/rxe: support for 802.1q VLAN on the listener (bsc#1082387).\n\n - ieee802154: 6lowpan: set IFLA_LINK (bsc#1051510).\n\n - ieee802154: at86rf230: switch from BUG_ON() to WARN_ON() on problem (bsc#1051510).\n\n - ieee802154: at86rf230: use __func__ macro for debug messages (bsc#1051510).\n\n - ieee802154: fakelb: switch from BUG_ON() to WARN_ON() on problem (bsc#1051510).\n\n - Include modules.fips in kernel-binary as well as kernel-binary-base ().\n\n - initramfs: fix initramfs rebuilds w/ compression after disabling (git-fixes).\n\n - input: add official Raspberry Pi's touchscreen driver ().\n\n - input: cros_ec_keyb - fix button/switch capability reports (bsc#1051510).\n\n - input: elan_i2c - add ACPI ID for Lenovo IdeaPad 330-15ARR (bsc#1051510).\n\n - input: elan_i2c - add ELAN0620 to the ACPI table (bsc#1051510).\n\n - input: elan_i2c - add support for ELAN0621 touchpad (bsc#1051510).\n\n - input: hyper-v - fix wakeup from suspend-to-idle (bsc#1051510).\n\n - input: matrix_keypad - check for errors from of_get_named_gpio() (bsc#1051510).\n\n - input: nomadik-ske-keypad - fix a loop timeout test (bsc#1051510).\n\n - input: omap-keypad - fix keyboard debounce configuration (bsc#1051510).\n\n - input: synaptics - add PNP ID for ThinkPad P50 to SMBus (bsc#1051510).\n\n - input: synaptics - enable SMBus for HP 15-ay000 (bsc#1051510).\n\n - input: xpad - quirk all PDP Xbox One gamepads (bsc#1051510).\n\n - integrity/security: fix digsig.c build error with header file (bsc#1051510).\n\n - intel_th: msu: Fix an off-by-one in attribute store (bsc#1051510).\n\n - iommu/amd: Fix amd_iommu=force_isolation (bsc#1106105).\n\n - iommu/vt-d: Handle domain agaw being less than iommu agaw (bsc#1106105).\n\n - iwlwifi: add new cards for 9560, 9462, 9461 and killer series (bsc#1051510).\n\n - iwlwifi: fix LED command capability bit (bsc#1119086).\n\n - iwlwifi: nvm: get num of hw addresses from firmware (bsc#1119086).\n\n - iwlwifi: pcie: do not reset TXQ write pointer (bsc#1051510).\n\n - jffs2: free jffs2_sb_info through jffs2_kill_sb() (bsc#1118767).\n\n - jump_label: Split out code under the hotplug lock (bsc#1106913).\n\n - kabi: hwpoison, memory_hotplug: allow hwpoisoned pages to be offlined (bnc#1116336).\n\n - kabi protect hnae_ae_ops (bsc#1104353).\n\n - kbuild: allow to use GCC toolchain not in Clang search path (git-fixes).\n\n - kbuild: fix linker feature test macros when cross compiling with Clang (git-fixes).\n\n - kbuild: make missing $DEPMOD a Warning instead of an Error (git-fixes).\n\n - kbuild: rpm-pkg: keep spec file until make mrproper (git-fixes).\n\n - kbuild: suppress packed-not-aligned warning for default setting only (git-fixes).\n\n - kbuild: verify that $DEPMOD is installed (git-fixes).\n\n - kernfs: Replace strncpy with memcpy (bsc#1120053).\n\n - keys: Fix the use of the C++ keyword 'private' in uapi/linux/keyctl.h (Git-fixes).\n\n - kobject: Replace strncpy with memcpy (git-fixes).\n\n - kprobes: Make list and blacklist root user read only (git-fixes).\n\n - kvm: PPC: Book3S PR: Enable use on POWER9 inside HPT-mode guests (bsc#1118484).\n\n - kvm: svm: Ensure an IBPB on all affected CPUs when freeing a vmcb (bsc#1114279).\n\n - libata: whitelist all SAMSUNG MZ7KM* solid-state disks (bsc#1051510).\n\n - libceph: fall back to sendmsg for slab pages (bsc#1118316).\n\n - libnvdimm, pfn: Pad pfn namespaces relative to other regions (bsc#1118962).\n\n - lib/raid6: Fix arm64 test build (bsc#1051510).\n\n - lib/ubsan.c: do not mark\n __ubsan_handle_builtin_unreachable as noreturn (bsc#1051510).\n\n - Limit max FW API version for QCA9377 (bsc#1121714, bsc#1121715).\n\n - linux/bitmap.h: fix type of nbits in bitmap_shift_right() (bsc#1051510).\n\n - locking/barriers: Convert users of lockless_dereference() to READ_ONCE() (Git-fixes).\n\n - locking/static_keys: Improve uninitialized key warning (bsc#1106913).\n\n - mac80211: Clear beacon_int in ieee80211_do_stop (bsc#1051510).\n\n - mac80211: fix reordering of buffered broadcast packets (bsc#1051510).\n\n - mac80211_hwsim: fix module init error paths for netlink (bsc#1051510).\n\n - mac80211_hwsim: Timer should be initialized before device registered (bsc#1051510).\n\n - mac80211: ignore NullFunc frames in the duplicate detection (bsc#1051510).\n\n - mac80211: ignore tx status for PS stations in ieee80211_tx_status_ext (bsc#1051510).\n\n - Mark HI and TASKLET softirq synchronous (git-fixes).\n\n - media: em28xx: Fix use-after-free when disconnecting (bsc#1051510).\n\n - media: em28xx: make v4l2-compliance happier by starting sequence on zero (bsc#1051510).\n\n - media: omap3isp: Unregister media device as first (bsc#1051510).\n\n - mmc: bcm2835: reset host on timeout (bsc#1051510).\n\n - mmc: core: Allow BKOPS and CACHE ctrl even if no HPI support (bsc#1051510).\n\n - mmc: core: Reset HPI enabled state during re-init and in case of errors (bsc#1051510).\n\n - mmc: core: Use a minimum 1600ms timeout when enabling CACHE ctrl (bsc#1051510).\n\n - mmc: dw_mmc-bluefield: Add driver extension (bsc#1118752).\n\n - mmc: dw_mmc-k3: add sd support for hi3660 (bsc#1118752).\n\n - MMC: OMAP: fix broken MMC on OMAP15XX/OMAP5910/OMAP310 (bsc#1051510).\n\n - mmc: omap_hsmmc: fix DMA API warning (bsc#1051510).\n\n - mmc: sdhci: fix the timeout check window for clock and reset (bsc#1051510).\n\n - mm: do not miss the last page because of round-off error (bnc#1118798).\n\n - mm: do not warn about large allocations for slab (git fixes (slab)).\n\n - mm/huge_memory.c: reorder operations in\n __split_huge_page_tail() (VM Functionality bsc#1119962).\n\n - mm: hugetlb: yield when prepping struct pages (git fixes (memory initialisation)).\n\n - mm: lower the printk loglevel for __dump_page messages (generic hotplug debugability).\n\n - mm, memory_hotplug: be more verbose for memory offline failures (generic hotplug debugability).\n\n - mm, memory_hotplug: drop pointless block alignment checks from __offline_pages (generic hotplug debugability).\n\n - mm, memory_hotplug: print reason for the offlining failure (generic hotplug debugability).\n\n - mm: migration: fix migration of huge PMD shared pages (bnc#1086423).\n\n - mm: only report isolation failures when offlining memory (generic hotplug debugability).\n\n - mm: print more information about mapping in __dump_page (generic hotplug debugability).\n\n - mm: put_and_wait_on_page_locked() while page is migrated (bnc#1109272).\n\n - mm: sections are not offlined during memory hotremove (bnc#1119968).\n\n - mm: shmem.c: Correctly annotate new inodes for lockdep (Git fixes: shmem).\n\n - mm/vmstat.c: fix NUMA statistics updates (git fixes).\n\n - Move dell_rbu fix to sorted section (bsc#1087978).\n\n - mtd: cfi: convert inline functions to macros (git-fixes).\n\n - mtd: Fix comparison in map_word_andequal() (git-fixes).\n\n - namei: allow restricted O_CREAT of FIFOs and regular files (bsc#1118766).\n\n - nbd: do not allow invalid blocksize settings (Git-fixes).\n\n - net: bgmac: Fix endian access in bgmac_dma_tx_ring_free() (bsc#1051510).\n\n - net: dsa: mv88e6xxx: Fix binding documentation for MDIO busses (git-fixes).\n\n - net: dsa: qca8k: Add QCA8334 binding documentation (git-fixes).\n\n - net: ena: fix crash during ena_remove() (bsc#1111696 bsc#1117561).\n\n - net: ena: update driver version from 2.0.1 to 2.0.2 (bsc#1111696 bsc#1117561).\n\n - net: hns3: Add nic state check before calling netif_tx_wake_queue (bsc#1104353).\n\n - net: hns3: Add support for hns3_nic_netdev_ops.ndo_do_ioctl (bsc#1104353).\n\n - net: hns3: bugfix for buffer not free problem during resetting (bsc#1104353).\n\n - net: hns3: bugfix for handling mailbox while the command queue reinitialized (bsc#1104353).\n\n - net: hns3: bugfix for hclge_mdio_write and hclge_mdio_read (bsc#1104353).\n\n - net: hns3: bugfix for is_valid_csq_clean_head() (bsc#1104353 ).\n\n - net: hns3: bugfix for reporting unknown vector0 interrupt repeatly problem (bsc#1104353).\n\n - net: hns3: bugfix for rtnl_lock's range in the hclgevf_reset() (bsc#1104353).\n\n - net: hns3: bugfix for the initialization of command queue's spin lock (bsc#1104353).\n\n - net: hns3: Check hdev state when getting link status (bsc#1104353).\n\n - net: hns3: Clear client pointer when initialize client failed or unintialize finished (bsc#1104353).\n\n - net: hns3: Fix cmdq registers initialization issue for vf (bsc#1104353).\n\n - net: hns3: Fix error of checking used vlan id (bsc#1104353 ).\n\n - net: hns3: Fix ets validate issue (bsc#1104353).\n\n - net: hns3: Fix for netdev not up problem when setting mtu (bsc#1104353).\n\n - net: hns3: Fix for out-of-bounds access when setting pfc back pressure (bsc#1104353).\n\n - net: hns3: Fix for packet buffer setting bug (bsc#1104353 ).\n\n - net: hns3: Fix for rx vlan id handle to support Rev 0x21 hardware (bsc#1104353).\n\n - net: hns3: Fix for setting speed for phy failed problem (bsc#1104353).\n\n - net: hns3: Fix for vf vlan delete failed problem (bsc#1104353 ).\n\n - net: hns3: Fix loss of coal configuration while doing reset (bsc#1104353).\n\n - net: hns3: Fix parameter type for q_id in hclge_tm_q_to_qs_map_cfg() (bsc#1104353).\n\n - net: hns3: Fix ping exited problem when doing lp selftest (bsc#1104353).\n\n - net: hns3: Preserve vlan 0 in hardware table (bsc#1104353 ).\n\n - net: hns3: remove unnecessary queue reset in the hns3_uninit_all_ring() (bsc#1104353).\n\n - net: hns3: Set STATE_DOWN bit of hdev state when stopping net (bsc#1104353).\n\n - net/mlx4_core: Correctly set PFC param if global pause is turned off (bsc#1046299).\n\n - net: usb: r8152: constify usb_device_id (bsc#11197