Critical Photon OS Security Update - PHSA-2019-3.0-0026

2019-08-21T00:00:00

Description

Updates of ['postgresql', 'linux-esx', 'zeromq', 'linux-aws', 'u-boot', 'binutils', 'haproxy', 'linux', 'linux-secure', 'expat', 'mysql', 'grub2', 'libssh2'] packages of Photon OS have been released.

{"id": "PHSA-2019-3.0-0026", "vendorId": null, "type": "photon", "bulletinFamily": "unix", "title": "Critical Photon OS Security Update - PHSA-2019-3.0-0026", "description": "Updates of ['postgresql', 'linux-esx', 'zeromq', 'linux-aws', 'u-boot', 'binutils', 'haproxy', 'linux', 'linux-secure', 'expat', 'mysql', 'grub2', 'libssh2'] packages of Photon OS have been released.\n", "published": "2019-08-21T00:00:00", "modified": "2019-08-21T00:00:00", "epss": [{"cve": "CVE-2015-8370", "epss": 0.00108, "percentile": 0.42435, "modified": "2023-06-06"}, {"cve": "CVE-2018-20843", "epss": 0.91481, "percentile": 0.98392, "modified": "2023-06-06"}, {"cve": "CVE-2019-10126", "epss": 0.01095, "percentile": 0.82329, "modified": "2023-06-06"}, {"cve": "CVE-2019-10208", "epss": 0.00193, "percentile": 0.55787, "modified": "2023-06-06"}, {"cve": "CVE-2019-10638", "epss": 0.00168, "percentile": 0.52311, "modified": "2023-06-06"}, {"cve": "CVE-2019-1125", "epss": 0.00119, "percentile": 0.44748, "modified": "2023-06-06"}, {"cve": "CVE-2019-12972", "epss": 0.00063, "percentile": 0.24993, "modified": "2023-06-06"}, {"cve": "CVE-2019-13103", "epss": 0.00042, "percentile": 0.05671, "modified": "2023-06-06"}, {"cve": "CVE-2019-13115", "epss": 0.00271, "percentile": 0.63164, "modified": "2023-06-06"}, {"cve": "CVE-2019-13272", "epss": 0.00052, "percentile": 0.18068, "modified": "2023-06-06"}, {"cve": "CVE-2019-14241", "epss": 0.81339, "percentile": 0.97848, "modified": "2023-06-06"}, {"cve": "CVE-2019-14250", "epss": 0.0008, "percentile": 0.3313, "modified": "2023-06-06"}, {"cve": "CVE-2019-14283", "epss": 0.00084, "percentile": 0.34562, "modified": "2023-06-06"}, {"cve": "CVE-2019-14284", "epss": 0.0009, "percentile": 0.3703, "modified": "2023-06-06"}, {"cve": "CVE-2019-14444", "epss": 0.001, "percentile": 0.40085, "modified": "2023-06-06"}, {"cve": "CVE-2019-15090", "epss": 0.00045, "percentile": 0.12142, "modified": "2023-06-06"}, {"cve": "CVE-2019-15211", "epss": 0.00117, "percentile": 0.44482, "modified": "2023-06-06"}, {"cve": "CVE-2019-15213", "epss": 0.00115, "percentile": 0.44052, "modified": "2023-06-06"}, {"cve": "CVE-2019-15215", "epss": 0.00117, "percentile": 0.44482, "modified": "2023-06-06"}, {"cve": "CVE-2019-15220", "epss": 0.00097, "percentile": 0.39509, "modified": "2023-06-06"}, {"cve": "CVE-2019-15807", "epss": 0.00045, "percentile": 0.12142, "modified": "2023-06-06"}, {"cve": "CVE-2019-15925", "epss": 0.00042, "percentile": 0.05671, "modified": "2023-06-06"}, {"cve": "CVE-2019-15926", "epss": 0.0112, "percentile": 0.82534, "modified": "2023-06-06"}, {"cve": "CVE-2019-17351", "epss": 0.00045, "percentile": 0.12142, "modified": "2023-06-06"}, {"cve": "CVE-2019-20934", "epss": 0.00044, "percentile": 0.10297, "modified": "2023-06-06"}, {"cve": "CVE-2019-2737", "epss": 0.00124, "percentile": 0.45544, "modified": "2023-06-06"}, {"cve": "CVE-2019-2738", "epss": 0.00102, "percentile": 0.40525, "modified": "2023-06-06"}, {"cve": "CVE-2019-2739", "epss": 0.00053, "percentile": 0.19056, "modified": "2023-06-06"}, {"cve": "CVE-2019-2740", "epss": 0.00175, "percentile": 0.53334, "modified": "2023-06-06"}, {"cve": "CVE-2019-2741", "epss": 0.00128, "percentile": 0.463, "modified": "2023-06-06"}, {"cve": "CVE-2019-2789", "epss": 0.00078, "percentile": 0.31772, "modified": "2023-06-06"}, {"cve": "CVE-2019-2795", "epss": 0.00244, "percentile": 0.61029, "modified": "2023-06-06"}, {"cve": "CVE-2019-2796", "epss": 0.00094, "percentile": 0.38651, "modified": "2023-06-06"}, {"cve": "CVE-2019-2797", "epss": 0.0006, "percentile": 0.23567, "modified": "2023-06-06"}, {"cve": "CVE-2019-2798", "epss": 0.00094, "percentile": 0.38651, "modified": "2023-06-06"}, {"cve": "CVE-2019-2800", "epss": 0.00244, "percentile": 0.61029, "modified": "2023-06-06"}, {"cve": "CVE-2019-2801", "epss": 0.00094, "percentile": 0.38651, "modified": "2023-06-06"}, {"cve": "CVE-2019-2802", "epss": 0.00094, "percentile": 0.38651, "modified": "2023-06-06"}, {"cve": "CVE-2019-2803", "epss": 0.00094, "percentile": 0.38651, "modified": "2023-06-06"}, {"cve": "CVE-2019-2805", "epss": 0.0019, "percentile": 0.55158, "modified": "2023-06-06"}, {"cve": "CVE-2019-2808", "epss": 0.00094, "percentile": 0.38651, "modified": "2023-06-06"}, {"cve": "CVE-2019-2810", "epss": 0.00094, "percentile": 0.38651, "modified": "2023-06-06"}, {"cve": "CVE-2019-2811", "epss": 0.00094, "percentile": 0.38651, "modified": "2023-06-06"}, {"cve": "CVE-2019-2812", "epss": 0.00244, "percentile": 0.61029, "modified": "2023-06-06"}, {"cve": "CVE-2019-2814", "epss": 0.00069, "percentile": 0.28313, "modified": "2023-06-06"}, {"cve": "CVE-2019-2815", "epss": 0.00094, "percentile": 0.38651, "modified": "2023-06-06"}, {"cve": "CVE-2019-2819", "epss": 0.00103, "percentile": 0.40832, "modified": "2023-06-06"}, {"cve": "CVE-2019-2822", "epss": 0.00491, "percentile": 0.7268, "modified": "2023-06-06"}, {"cve": "CVE-2019-2826", "epss": 0.00094, "percentile": 0.38651, "modified": "2023-06-06"}, {"cve": "CVE-2019-2830", "epss": 0.00094, "percentile": 0.38651, "modified": "2023-06-06"}, {"cve": "CVE-2019-2834", "epss": 0.00244, "percentile": 0.61029, "modified": "2023-06-06"}, {"cve": "CVE-2019-2879", "epss": 0.00082, "percentile": 0.33761, "modified": "2023-06-06"}, {"cve": "CVE-2019-3846", "epss": 0.00102, "percentile": 0.40527, "modified": "2023-06-06"}, {"cve": "CVE-2019-3900", "epss": 0.00184, "percentile": 0.54329, "modified": "2023-06-06"}, {"cve": "CVE-2019-6250", "epss": 0.70176, "percentile": 0.9754, "modified": "2023-06-06"}], "cvss": {"score": 9.4, "vector": "AV:N/AC:L/Au:N/C:C/I:N/A:C"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:C", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "COMPLETE", "integrityImpact": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.4}, "severity": "HIGH", "exploitabilityScore": 10.0, "impactScore": 9.2, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {"cvssV3": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL"}, "exploitabilityScore": 3.9, "impactScore": 5.9}, "href": "https://github.com/vmware/photon/wiki/Security-Update-3.0-26", "reporter": "Photon", "references": [], "cvelist": ["CVE-2015-8370", "CVE-2018-20843", "CVE-2019-10126", "CVE-2019-10208", "CVE-2019-10638", "CVE-2019-1125", "CVE-2019-12972", "CVE-2019-13103", "CVE-2019-13115", "CVE-2019-13272", "CVE-2019-14241", "CVE-2019-14250", "CVE-2019-14283", "CVE-2019-14284", "CVE-2019-14444", "CVE-2019-15090", "CVE-2019-15211", "CVE-2019-15213", "CVE-2019-15215", "CVE-2019-15220", "CVE-2019-15807", "CVE-2019-15925", "CVE-2019-15926", "CVE-2019-17351", "CVE-2019-20934", "CVE-2019-2737", "CVE-2019-2738", "CVE-2019-2739", "CVE-2019-2740", "CVE-2019-2741", "CVE-2019-2789", "CVE-2019-2795", "CVE-2019-2796", "CVE-2019-2797", "CVE-2019-2798", "CVE-2019-2800", "CVE-2019-2801", "CVE-2019-2802", "CVE-2019-2803", "CVE-2019-2805", "CVE-2019-2808", "CVE-2019-2810", "CVE-2019-2811", "CVE-2019-2812", "CVE-2019-2814", "CVE-2019-2815", "CVE-2019-2819", "CVE-2019-2822", "CVE-2019-2826", "CVE-2019-2830", "CVE-2019-2834", "CVE-2019-2879", "CVE-2019-3846", "CVE-2019-3900", "CVE-2019-6250"], "immutableFields": [], "lastseen": "2023-06-07T05:50:03", "viewCount": 27, "enchantments": {"dependencies": {"references": [{"type": "almalinux", "idList": ["ALSA-2019:2511", "ALSA-2019:3708", "ALSA-2020:4431", "ALSA-2020:4484", "ALSA-2020:4846", "ALSA-2020:5619"]}, {"type": "alpinelinux", "idList": ["ALPINE:CVE-2018-20843", "ALPINE:CVE-2019-10208", "ALPINE:CVE-2019-13115", "ALPINE:CVE-2019-2737", "ALPINE:CVE-2019-2739", "ALPINE:CVE-2019-2740", "ALPINE:CVE-2019-2805", "ALPINE:CVE-2019-6250"]}, {"type": "altlinux", "idList": ["0F1BA7BA024368ED8C2468665058E8DE", "138F58EC231C6231455BC552D3EBF1BA", "4C9A7DA7DC2116C52038B9D8C4C4D859", "72FDCF083DEEDD8FA0CB7D563B1F9456", "742CABA5B1D17FD1A8EDB9D1A91E9C18", "7B5538AE80BB7F85A50FAE923A254C54", "7F14251CB8D8F5C1AA0B55EB65804F4B", "8D3DBCB013E91328FAECE6925041159C", "97BA745F223F18AA8529924FB2D88408", "A2D907C9481E7EE4F282594C5069DBEC", "B0B78FC847519A38748AAF850C5B7BEC", "B3FB441422990F8E62E193D4F6FF2B9B", "BF346AAE391F0CD1097D4DB67686DC33", "E506C235D974EE3057B4109D5119AE7E"]}, {"type": "amazon", "idList": ["ALAS-2019-1232", "ALAS-2019-1253", "ALAS-2019-1296", "ALAS-2019-1297", "ALAS-2020-1441", "ALAS-2020-1442", "ALAS-2020-1443", "ALAS-2020-1460", "ALAS-2021-1459", "ALAS-2021-1519", "ALAS2-2019-1232", "ALAS2-2019-1253", "ALAS2-2020-1513", "ALAS2-2020-1537", "ALAS2-2021-1665"]}, {"type": "androidsecurity", "idList": ["ANDROID:2020-03-01", "ANDROID:2020-05-01"]}, {"type": "archlinux", "idList": ["ASA-201512-10", "ASA-201512-11", "ASA-201908-7", "ASA-201908-8"]}, {"type": "attackerkb", "idList": ["AKB:ADDB2585-1F1E-4954-96CC-D10B59171D41"]}, {"type": "avleonov", "idList": ["AVLEONOV:317FBD7DA93C95993A9FFF38FB04A987"]}, {"type": "centos", "idList": ["CESA-2015:2653", "CESA-2019:2029", "CESA-2019:2473", "CESA-2019:2600", "CESA-2019:3055", "CESA-2019:3836", "CESA-2020:1016", "CESA-2020:1100", "CESA-2020:3952", "CESA-2020:4060", "CESA-2021:1512", "CESA-2021:2725"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2019-0253", "CPAI-2019-1618"]}, {"type": "cisa", "idList": ["CISA:380E63A9EAAD85FA1950A6973017E11B", "CISA:715DF5B957A42D91B3B79897B8FD61F2", "CISA:F3C70D08CAE58CBD29A5E5ED6B2AE473"]}, {"type": "cisa_kev", "idList": ["CISA-KEV-CVE-2019-13272"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:3CD9371F7B812821D289B3B89526722F", "CFOUNDRY:40058483A2E2195544934D494FF464F7", "CFOUNDRY:7CB555AB5BF153DCFD2739FA7E150C76", "CFOUNDRY:A005A5D22D18F966EBF6C011F833E895", "CFOUNDRY:BD71AB043932448695E8B3D20302D582", "CFOUNDRY:D2095944B38019F3860438162F040964", "CFOUNDRY:E28868CF5495F6C7D71AC5B00564832A", "CFOUNDRY:E9CE0268DAFD76AE052E27B69A06ACBD"]}, {"type": "cloudlinux", "idList": ["CLSA-2021:1639670534", "CLSA-2021:1640621287"]}, {"type": "cve", "idList": ["CVE-2015-8370", "CVE-2018-20843", "CVE-2019-10126", "CVE-2019-10208", "CVE-2019-10638", "CVE-2019-1125", "CVE-2019-12972", "CVE-2019-13103", "CVE-2019-13115", "CVE-2019-13272", "CVE-2019-14241", "CVE-2019-14250", "CVE-2019-14283", "CVE-2019-14284", "CVE-2019-14444", "CVE-2019-15090", "CVE-2019-15211", "CVE-2019-15213", "CVE-2019-15215", "CVE-2019-15220", "CVE-2019-15807", "CVE-2019-15925", "CVE-2019-15926", "CVE-2019-17351", "CVE-2019-20934", "CVE-2019-2737", "CVE-2019-2738", "CVE-2019-2739", "CVE-2019-2740", "CVE-2019-2741", "CVE-2019-2789", "CVE-2019-2795", "CVE-2019-2796", "CVE-2019-2797", "CVE-2019-2798", "CVE-2019-2800", "CVE-2019-2801", "CVE-2019-2802", "CVE-2019-2803", "CVE-2019-2805", "CVE-2019-2808", "CVE-2019-2810", "CVE-2019-2811", "CVE-2019-2812", "CVE-2019-2814", "CVE-2019-2815", "CVE-2019-2819", "CVE-2019-2822", "CVE-2019-2826", "CVE-2019-2830", "CVE-2019-2834", "CVE-2019-2879", "CVE-2019-3846", "CVE-2019-3900", "CVE-2019-6250"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1730-3:1714C", "DEBIAN:DLA-1730-3:E3B46", "DEBIAN:DLA-1823-1:39845", "DEBIAN:DLA-1824-1:6789E", "DEBIAN:DLA-1839-1:13DB7", "DEBIAN:DLA-1839-1:728E0", "DEBIAN:DLA-1862-1:8E150", "DEBIAN:DLA-1863-1:26EA8", "DEBIAN:DLA-1874-1:A0C54", "DEBIAN:DLA-1884-1:61F35", "DEBIAN:DLA-1885-1:84558", "DEBIAN:DLA-1919-1:239EC", "DEBIAN:DLA-1919-2:858F8", "DEBIAN:DLA-1930-1:DFCDE", "DEBIAN:DLA-2848-1:A1678", "DEBIAN:DLA-368-1:37E52", "DEBIAN:DSA-3421-1:06317", "DEBIAN:DSA-3421-1:8087C", "DEBIAN:DSA-4368-1:7CC0F", "DEBIAN:DSA-4465-1:304F1", "DEBIAN:DSA-4465-1:DDE47", "DEBIAN:DSA-4472-1:4A655", "DEBIAN:DSA-4472-1:97343", "DEBIAN:DSA-4484-1:6701B", "DEBIAN:DSA-4484-1:9995E", "DEBIAN:DSA-4492-1:37E5A", "DEBIAN:DSA-4493-1:8689B", "DEBIAN:DSA-4495-1:1269E", "DEBIAN:DSA-4495-1:258DC", "DEBIAN:DSA-4497-1:7E46B", "DEBIAN:DSA-4497-1:F2AF4"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2015-8370", "DEBIANCVE:CVE-2018-20843", "DEBIANCVE:CVE-2019-10126", "DEBIANCVE:CVE-2019-10208", "DEBIANCVE:CVE-2019-10638", "DEBIANCVE:CVE-2019-1125", "DEBIANCVE:CVE-2019-12972", "DEBIANCVE:CVE-2019-13103", "DEBIANCVE:CVE-2019-13115", "DEBIANCVE:CVE-2019-13272", "DEBIANCVE:CVE-2019-14241", "DEBIANCVE:CVE-2019-14250", "DEBIANCVE:CVE-2019-14283", "DEBIANCVE:CVE-2019-14284", "DEBIANCVE:CVE-2019-14444", "DEBIANCVE:CVE-2019-15090", "DEBIANCVE:CVE-2019-15211", "DEBIANCVE:CVE-2019-15213", "DEBIANCVE:CVE-2019-15215", "DEBIANCVE:CVE-2019-15220", "DEBIANCVE:CVE-2019-15807", "DEBIANCVE:CVE-2019-15925", "DEBIANCVE:CVE-2019-15926", "DEBIANCVE:CVE-2019-17351", "DEBIANCVE:CVE-2019-20934", "DEBIANCVE:CVE-2019-2737", "DEBIANCVE:CVE-2019-2739", "DEBIANCVE:CVE-2019-2740", "DEBIANCVE:CVE-2019-2805", "DEBIANCVE:CVE-2019-3846", "DEBIANCVE:CVE-2019-3900", "DEBIANCVE:CVE-2019-6250"]}, {"type": "exploitdb", "idList": ["EDB-ID:47163", "EDB-ID:47543", "EDB-ID:48071", "EDB-ID:50541"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:B9569B6E7A5B893D9E83922DA7DE24BA", "EXPLOITPACK:D90904EBF8E708574C2B9C142AE64E32"]}, {"type": "f5", "idList": ["F5:K00947806", "F5:K02585438", "F5:K03007515", "F5:K03444640", "F5:K04107324", "F5:K04831884", "F5:K10224912", "F5:K10754336", "F5:K13322484", "F5:K19194273", "F5:K23125024", "F5:K24249971", "F5:K25901386", "F5:K31085564", "F5:K32034450", "F5:K51011533", "F5:K51272092", "F5:K52136304", "F5:K69232741", "F5:K84141449", "F5:K91025336", "F5:K95593121", "SOL25901386"]}, {"type": "fedora", "idList": ["FEDORA:041196190421", "FEDORA:04868606351B", "FEDORA:06474609492B", "FEDORA:07B5A6CB4421", "FEDORA:18B6A601B8F9", "FEDORA:1BD5B6389B47", "FEDORA:1CAC0608E6F2", "FEDORA:2836F613193B", "FEDORA:2AECA6077DF6", "FEDORA:2C7766722DB4", "FEDORA:344346042F3E", "FEDORA:3A3766C5B5A2", "FEDORA:3A69E60B3E88", "FEDORA:3C394606D98F", "FEDORA:3F6FC603B27A", "FEDORA:4002B609954A", "FEDORA:49A0E6048FEB", "FEDORA:4CEF5610D7CA", "FEDORA:4F21B6125E50", "FEDORA:511986124F82", "FEDORA:511A7608E6E1", "FEDORA:54AA460F2356", "FEDORA:562EC60F8F22", "FEDORA:59E3F606D998", "FEDORA:5A4D662AE22C", "FEDORA:5BC786077CC2", "FEDORA:670E3607970A", "FEDORA:690DE6022BA8", "FEDORA:6976D62A089B", "FEDORA:6B43460C450E", "FEDORA:6D98A6187237", "FEDORA:6E67663233DB", "FEDORA:754F860A98ED", "FEDORA:78D3F60CAF52", "FEDORA:79EAC605FC25", "FEDORA:84FBF6179A05", "FEDORA:89C9C6051B3A", "FEDORA:9801060D30FA", "FEDORA:98E8F6079A11", "FEDORA:99396612EAD6", "FEDORA:9BEAD610ED74", "FEDORA:A0C3B66ADC4F", "FEDORA:A29B160972B0", "FEDORA:B8E1B6130727", "FEDORA:BDA53610ED61", "FEDORA:BF5EC607125E", "FEDORA:C0A4560C423F", "FEDORA:C1EA6603ECEC", "FEDORA:C4D496071279", "FEDORA:C63656040AE1", "FEDORA:C6AF860C4240", "FEDORA:C7391611860D", "FEDORA:CB0956087865", "FEDORA:D3523607924A", "FEDORA:DBC4662F3455", "FEDORA:DD3AE60954BE", "FEDORA:E37FD60924F1", "FEDORA:F02C560914F4", "FEDORA:F16B360F62FC"]}, {"type": "fortinet", "idList": ["FG-IR-18-002"]}, {"type": "freebsd", "idList": ["198E6220-AC8B-11E9-A1C7-B499BAEBFEAF", "8E48365A-214D-11E9-9F8A-0050562A4D7B", "9DE4C1C1-B9EE-11E9-82AA-6CC21735F730"]}, {"type": "gentoo", "idList": ["GLSA-201512-03", "GLSA-201903-22", "GLSA-201911-08", "GLSA-202007-39"]}, {"type": "githubexploit", "idList": ["21C02459-836A-5B10-9130-27953475DA2A", "3EFA325D-5BA7-5EF3-9D27-F1E642D0DE95", "8C344C6F-D882-5801-AA22-22F5F3F4B4DB", "9C610830-420D-566B-A8AD-A6735753E27F", "A491F600-7BE4-59CB-8F2A-56EA5DF22964", "A5372B0E-E434-566F-91EF-9BAF5D8CD2DA", "BFC7AA0E-B692-55B8-BECA-F6DAF024FADD", "C332FD21-E85D-5C7D-95FC-3CF453E1E5B9", "DADF6C7C-8CAD-5148-81FC-1572BAD544E9"]}, {"type": "hackerone", "idList": ["H1:477073"]}, {"type": "huawei", "idList": ["HUAWEI-SA-20200408-01-SWAPGS"]}, {"type": "ibm", "idList": ["03EFB50C1CAA6C22421FC2F66D56F0E327D7925731FB23C81E8A254F6931D8F3", "13CEF3E699B892EB8EDD7E52729E7EE991B647FA5B215D74BD789F18036E95A9", "17DD2FC3DAC01BFB1E2178DA47F25229A0CD3E9D0AEE278A3C16F19757719E13", "1CF1618B946664C6B8A31958BD741A588CA86C4B899FD74EA531E60E214C2007", "22FE69B31A10A2D1A4C8753B638EBDDDA55E81977EC4563B990767DDEB64861F", "23E1A8234CB28A1958E6B0921DBFF41F837627FC7FE0AB52E91697295E3B8DA0", "24400C9D70BA9E11A467C03D5072550ABC0427709E1B129CDE6B8C00AC26633B", "2B9868CAD288C14AFDF0F5971D15B862C2D321ABB30241C9D87CD9C59FF9BD03", "2D1DDC9A6922C5A81EF6FA701763017E88B683CE9DF3036EE77B661157DF4815", "2E611A6867E31BF13C623BDA25F77FA56CB614EEE23CAE1D97DAB93DE8DEB2A4", "2FE97BC0DB8A3B1BCF85FF8F69828770D4396C7CC3ABD37202D8089D2CADF87B", "37B1C13D57560AD2D5EFC78D9765E406257D9DEC561AC751A89056CBB0B78CDF", "4613957D820DCAFBB74BE1CB304042BC2F40D11AC7189E7AD20080A2A94DA39A", "4A01EBD94A01E74A255E63AD6B31142F185CBA3C69C6413337DA712E23F2EC73", "4A91EBA290B30504A8EF2EE87060FA1D3D5EF2F7A2869B4D9ACCE1C477DA4795", "4BB2759DF5CBB6BF54A7D60BF1046942C755D661255DAAC4EF3C0614D1A3AF9A", "4E20FF6980EF77F8F7C53E254EBEB9AF129EF6EDA938A5BDE9CFA46C95393000", "505AA9046670EC3A58A3F57E2932EB46B317BDB83A271F3A6627D59B7D958183", "55642C3815B3D4E270BF79F60E3EE4741DBBE7C0EC94AD5B93E9F051BCA44D7E", "577E6752CB94DC8755F2E4A38D9BA5117DD396F8C762252ACA978966E42D7766", "5B2548C6541B1859D763161398A2C0411503B1B1DF68AA7E25EE242BF792098C", "5C971ABE298E715E4DD664F197820425272400B40C52EF433CFD40BAFACB63C8", "6008235F2B5AB889012327334B8370A8EE655F77D3C7C13C1112DD6F096D05B1", "6592D9252E79D347E3A4FFDDFF016AB701763D108B8568C8DAE4D38C3A52C76A", "65AC1B828E41A5505E1A8E4F6E7E2E7A2BE86DE58C539C97379A40C7ED8BBD9F", "679BB8CE3220011CA4B10A26DAE28F57C4AE0FFE11D6960AF99282DDBDCCCC87", "683AA37B653363FD02791BC7A1F7CD150251CE22393F2B9CFA26550B7F995A3A", "6A0CE211061F295D9D98B616DAAADA0A43895F1108ACB08AF6BC99BC646F2753", "6A8FB2890AF2EBFB497D7D6CCC198FF3FF0E22BD184AAB460E05F9B5E0B6A4DF", "6CB4EF3A076E2190B30084083521AA008A1E2F799850D429F0737446D33988B3", "6F5E7455D08E55E4F9F3DFA8B8B618487EC9BFDDC4FCB87851672633689609AB", "703DC45FE16058487D42F26BA6BA5BAE5B1AF9C884E135A69B6A630A6E2D5FF7", "7BEBE6C769A16D13746B813CF456C36F85AE1B1A1CBD26E71A53BD6E5B34E2F4", "7E0744D5936EDC5F018B0850D801B665D388060D6A81B986BC7AD81C9A78C0EE", "8B24753FF8758BF51E7C6001AC39E0EF90B14323A9756CCEF8AC68E99EF03367", "9413B45266B0A1BF4C0F9EFBF289FB6AC5322C48A1E69D09833E6DA257C8CC77", "97D5F772EC68BDCD260FBB9DFB7A322AAAC657E9360305DF11F9C6A6A40D1B85", "9B3C2542A224A170177BC588D64FBAC641AEB3A7ED64BDCAE097C03AA1143EDF", "9C2CE532FAC76C36762B9AB979E9826E8E27B2B1204D0EC1CE7BF43E64F9ED60", "9E63E9416444AA2DF1664209083F4A7A31363BE16B637E0BA27E1FF0733D991A", "A435141E9D6894F7CA102FDB03C29288BC56B476D91906B1B0E7FA8301E0D89A", "AA3B70CE1898210855F90ABED1D1F346DBCD83F5C44D5AC97D28B475B6E14D11", "AC1428711C403C1B4769984234D50FE4F5F83D8DF9CF99F7834FADA33056EC4D", "B37FB96EE4FA4B06328DA641D49120233F6F6FC031E87E5A21A71F34BB882B42", "B68653AE8B3B701FAB183C54D344C9C2EE03602A2C7365EC7CF172320BA1AA2E", "B947805A29EE83AAAED8ABADDD8CFF00AA389BFC4D7DDC49FC3A89A557DD856C", "BDFA432EA62E6EFDD1DA5F84B4EE926C27FCF1125443F9D0EC5005B0FEE74C89", "C1496EC4045B1D46025659B86814D1D0EF8F5054AB7B5935417CDC9116D1E1FD", "D11A0C2CC15BB8D7B04868F2862A15D1963924B4812649E2D326C9951AF9DCE2", "D90882A3E95B0A521011936122CA086C48D9FEF441869C5BF302F67319C3A703", "DB8E4E659E64514548095D982131905FB3A6F5608C5916769B8820AA6A05133D", "DE367A059D35C909557795AD50F02620921B5CC13CC7F375C7C2F83A009A984C", "E11803E20D63A12381FA146D7D5A52ED5A6F336A3586F9D2AA2B8CE17DFE9827", "F1597C42F7058EC5355D537CF0B5CCCD3381E08D913C94048A42E00058BB7270", "F479B1D4D6CE6F94562BE83AEBC7D30E6633A6727AB24138B99039D7EB3AB70F"]}, {"type": "ics", "idList": ["ICSA-19-344-03", "ICSA-23-075-01"]}, {"type": "kaspersky", "idList": ["KLA11529", "KLA11539", "KLA11696", "KLA11700"]}, {"type": "lenovo", "idList": ["LENOVO:PS500167-SPECULATIVE-EXECUTION-SIDE-CHANNEL-VULNERABILITY-VARIANTS-NOSID", "LENOVO:PS500321-NOSID"]}, {"type": "mageia", "idList": ["MGASA-2015-0480", "MGASA-2019-0054", "MGASA-2019-0220", "MGASA-2019-0221", "MGASA-2019-0224", "MGASA-2019-0225", "MGASA-2019-0274", "MGASA-2019-0333", "MGASA-2020-0112"]}, {"type": "metasploit", "idList": ["MSF:EXPLOIT-LINUX-LOCAL-PTRACE_TRACEME_PKEXEC_HELPER-"]}, {"type": "mscve", "idList": ["MS:CVE-2019-1125"]}, {"type": "mskb", "idList": ["KB4507435", "KB4507448", "KB4507449", "KB4507450", "KB4507452", "KB4507453", "KB4507455", "KB4507456", "KB4507457", "KB4507458", "KB4507460", "KB4507461", "KB4507462", "KB4507464", "KB4507469"]}, {"type": "nessus", "idList": ["AL2_ALAS-2019-1232.NASL", "AL2_ALAS-2019-1253.NASL", "AL2_ALAS-2020-1513.NASL", "AL2_ALAS-2020-1537.NASL", "AL2_ALAS-2021-1665.NASL", "ALA_ALAS-2019-1232.NASL", "ALA_ALAS-2019-1253.NASL", "ALA_ALAS-2019-1296.NASL", "ALA_ALAS-2019-1297.NASL", "ALA_ALAS-2020-1441.NASL", "ALA_ALAS-2020-1442.NASL", "ALA_ALAS-2020-1443.NASL", "ALA_ALAS-2020-1460.NASL", "ALA_ALAS-2021-1459.NASL", "ALA_ALAS-2021-1519.NASL", "ALMA_LINUX_ALSA-2019-3708.NASL", "ALMA_LINUX_ALSA-2020-4431.NASL", "ALMA_LINUX_ALSA-2020-4484.NASL", "ALMA_LINUX_ALSA-2020-4846.NASL", "CENTOS8_RHSA-2019-2411.NASL", "CENTOS8_RHSA-2019-2511.NASL", "CENTOS8_RHSA-2019-2703.NASL", "CENTOS8_RHSA-2019-3517.NASL", "CENTOS8_RHSA-2019-3708.NASL", "CENTOS8_RHSA-2020-1769.NASL", "CENTOS8_RHSA-2020-3669.NASL", "CENTOS8_RHSA-2020-4431.NASL", "CENTOS8_RHSA-2020-4484.NASL", "CENTOS8_RHSA-2020-4846.NASL", "CENTOS8_RHSA-2020-5619.NASL", "CENTOS_RHSA-2015-2623.NASL", "CENTOS_RHSA-2019-2029.NASL", "CENTOS_RHSA-2019-2473.NASL", "CENTOS_RHSA-2019-2600.NASL", "CENTOS_RHSA-2019-3055.NASL", "CENTOS_RHSA-2019-3836.NASL", "CENTOS_RHSA-2020-1016.NASL", "CENTOS_RHSA-2020-1100.NASL", "CENTOS_RHSA-2020-3952.NASL", "CENTOS_RHSA-2020-4060.NASL", "CENTOS_RHSA-2021-1512.NASL", "CENTOS_RHSA-2021-2725.NASL", "DEBIAN_DLA-1823.NASL", "DEBIAN_DLA-1824.NASL", "DEBIAN_DLA-1839.NASL", "DEBIAN_DLA-1862.NASL", "DEBIAN_DLA-1863.NASL", "DEBIAN_DLA-1874.NASL", "DEBIAN_DLA-1884.NASL", "DEBIAN_DLA-1885.NASL", "DEBIAN_DLA-1919.NASL", "DEBIAN_DLA-1930.NASL", "DEBIAN_DLA-2848.NASL", "DEBIAN_DLA-368.NASL", "DEBIAN_DSA-3421.NASL", "DEBIAN_DSA-4368.NASL", "DEBIAN_DSA-4465.NASL", "DEBIAN_DSA-4472.NASL", "DEBIAN_DSA-4484.NASL", "DEBIAN_DSA-4492.NASL", "DEBIAN_DSA-4493.NASL", "DEBIAN_DSA-4495.NASL", "DEBIAN_DSA-4497.NASL", "EULEROS_SA-2019-1636.NASL", "EULEROS_SA-2019-1758.NASL", "EULEROS_SA-2019-1783.NASL", "EULEROS_SA-2019-1841.NASL", "EULEROS_SA-2019-1919.NASL", "EULEROS_SA-2019-1926.NASL", "EULEROS_SA-2019-1935.NASL", "EULEROS_SA-2019-1972.NASL", "EULEROS_SA-2019-2063.NASL", "EULEROS_SA-2019-2068.NASL", "EULEROS_SA-2019-2081.NASL", "EULEROS_SA-2019-2090.NASL", "EULEROS_SA-2019-2099.NASL", "EULEROS_SA-2019-2201.NASL", "EULEROS_SA-2019-2274.NASL", "EULEROS_SA-2019-2309.NASL", "EULEROS_SA-2019-2353.NASL", "EULEROS_SA-2019-2531.NASL", "EULEROS_SA-2019-2543.NASL", "EULEROS_SA-2019-2686.NASL", "EULEROS_SA-2019-2693.NASL", "EULEROS_SA-2020-1001.NASL", "EULEROS_SA-2020-1074.NASL", "EULEROS_SA-2020-1094.NASL", "EULEROS_SA-2020-1142.NASL", "EULEROS_SA-2020-1158.NASL", "EULEROS_SA-2020-1186.NASL", "EULEROS_SA-2020-1197.NASL", "EULEROS_SA-2020-1269.NASL", "EULEROS_SA-2020-1363.NASL", "EULEROS_SA-2020-1372.NASL", "EULEROS_SA-2020-1396.NASL", "EULEROS_SA-2020-1452.NASL", "EULEROS_SA-2020-1466.NASL", "EULEROS_SA-2020-1548.NASL", "EULEROS_SA-2020-1593.NASL", "EULEROS_SA-2020-1635.NASL", "EULEROS_SA-2020-1743.NASL", "EULEROS_SA-2020-2072.NASL", "EULEROS_SA-2020-2226.NASL", "EULEROS_SA-2020-2330.NASL", "EULEROS_SA-2020-2514.NASL", "EULEROS_SA-2021-1039.NASL", "EULEROS_SA-2021-1056.NASL", "EULEROS_SA-2021-1079.NASL", "EULEROS_SA-2021-1311.NASL", "EULEROS_SA-2021-1684.NASL", "EULEROS_SA-2022-1296.NASL", "EULEROS_SA-2022-1312.NASL", "F5_BIGIP_SOL25901386.NASL", "F5_BIGIP_SOL31085564.NASL", "FEDORA_2015-90C27B6E91.NASL", "FEDORA_2015-CEBE5133E7.NASL", "FEDORA_2019-139FCDA84D.NASL", "FEDORA_2019-18868E1715.NASL", "FEDORA_2019-5885663621.NASL", "FEDORA_2019-5FBBF73269.NASL", "FEDORA_2019-6BDA4C81F4.NASL", "FEDORA_2019-7EC378191E.NASL", "FEDORA_2019-8219EFA9F6.NASL", "FEDORA_2019-87D807D7CB.NASL", "FEDORA_2019-96516CE0AC.NASL", "FEDORA_2019-986FCE48B4.NASL", "FEDORA_2019-9D85600FC7.NASL", "FEDORA_2019-A6CD583A8D.NASL", "FEDORA_2019-A95015E60F.NASL", "FEDORA_2019-C106E46A95.NASL", "FEDORA_2019-E37C348348.NASL", "FEDORA_2019-F40BD7826F.NASL", "FREEBSD_PKG_198E6220AC8B11E9A1C7B499BAEBFEAF.NASL", "FREEBSD_PKG_8E48365A214D11E99F8A0050562A4D7B.NASL", "FREEBSD_PKG_9DE4C1C1B9EE11E982AA6CC21735F730.NASL", "GENTOO_GLSA-201512-03.NASL", "GENTOO_GLSA-201903-22.NASL", "GENTOO_GLSA-201911-08.NASL", "GENTOO_GLSA-202007-39.NASL", "IBM_HTTP_SERVER_964768.NASL", "MARIADB_10_1_41.NASL", "MARIADB_10_2_26.NASL", "MARIADB_10_3_17.NASL", "MARIADB_10_4_7.NASL", "MARIADB_5_5_65.NASL", "MYSQL_5_6_45.NASL", "MYSQL_5_7_27_JULY.NASL", "MYSQL_8_0_16.NASL", "MYSQL_8_0_17.NASL", "NESSUS_TNS_2021_11.NASL", "NEWSTART_CGSL_NS-SA-2019-0177_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2019-0180_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2019-0183_KERNEL-RT.NASL", "NEWSTART_CGSL_NS-SA-2019-0189_KERNEL-RT.NASL", "NEWSTART_CGSL_NS-SA-2019-0200_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2019-0221_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2019-0222_KERNEL-RT.NASL", "NEWSTART_CGSL_NS-SA-2019-0247_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2019-0253_KERNEL-RT.NASL", "NEWSTART_CGSL_NS-SA-2019-0264_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2019-0266_KERNEL-RT.NASL", "NEWSTART_CGSL_NS-SA-2020-0021_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2020-0041_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2020-0043_KERNEL-RT.NASL", "NEWSTART_CGSL_NS-SA-2020-0068_MARIADB.NASL", "NEWSTART_CGSL_NS-SA-2020-0102_MARIADB.NASL", "NEWSTART_CGSL_NS-SA-2020-0108_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2021-0026_EXPAT.NASL", "NEWSTART_CGSL_NS-SA-2021-0078_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2021-0083_EXPAT.NASL", "NEWSTART_CGSL_NS-SA-2021-0096_BINUTILS.NASL", "NEWSTART_CGSL_NS-SA-2021-0109_POSTGRESQL.NASL", "NEWSTART_CGSL_NS-SA-2021-0175_EXPAT.NASL", "NEWSTART_CGSL_NS-SA-2022-0014_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2022-0025_BINUTILS.NASL", "NEWSTART_CGSL_NS-SA-2022-0038_POSTGRESQL.NASL", "NEWSTART_CGSL_NS-SA-2022-0040_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2022-0075_KERNEL.NASL", "NUTANIX_NXSA-AHV-20201105_1021.NASL", "NUTANIX_NXSA-AOS-5_11_3.NASL", "NUTANIX_NXSA-AOS-5_15_3.NASL", "NUTANIX_NXSA-AOS-5_15_5.NASL", "NUTANIX_NXSA-AOS-5_16_0_1.NASL", "NUTANIX_NXSA-AOS-5_16_1.NASL", "NUTANIX_NXSA-AOS-5_17.NASL", "NUTANIX_NXSA-AOS-5_17_1.NASL", "NUTANIX_NXSA-AOS-5_18.NASL", "NUTANIX_NXSA-AOS-5_19_0_5.NASL", "NUTANIX_NXSA-AOS-5_19_1.NASL", "NUTANIX_NXSA-AOS-5_20_2.NASL", "NUTANIX_NXSA-AOS-6_0_1_5.NASL", "NUTANIX_NXSA-AOS-6_0_2.NASL", "NUTANIX_NXSA-AOS-6_1.NASL", "OPENSUSE-2015-957.NASL", "OPENSUSE-2016-10.NASL", "OPENSUSE-2019-1570.NASL", "OPENSUSE-2019-1571.NASL", "OPENSUSE-2019-1579.NASL", "OPENSUSE-2019-1716.NASL", "OPENSUSE-2019-1757.NASL", "OPENSUSE-2019-1777.NASL", "OPENSUSE-2019-1923.NASL", "OPENSUSE-2019-1924.NASL", "OPENSUSE-2019-2062.NASL", "OPENSUSE-2019-2173.NASL", "OPENSUSE-2019-2181.NASL", "OPENSUSE-2019-2364.NASL", "OPENSUSE-2019-2365.NASL", "OPENSUSE-2019-2555.NASL", "OPENSUSE-2019-2556.NASL", "OPENSUSE-2019-2675.NASL", "OPENSUSE-2019-2698.NASL", "OPENSUSE-2019-64.NASL", "OPENSUSE-2019-87.NASL", "OPENSUSE-2020-1227.NASL", "OPENSUSE-2020-1790.NASL", "OPENSUSE-2020-1804.NASL", "OPENSUSE-2020-1930.NASL", "OPENSUSE-2020-716.NASL", "OPENSUSE-2021-3876.NASL", "OPENSUSE-2021-75.NASL", "ORACLELINUX_ELSA-2015-2623.NASL", "ORACLELINUX_ELSA-2019-2411.NASL", "ORACLELINUX_ELSA-2019-2473.NASL", "ORACLELINUX_ELSA-2019-2511.NASL", "ORACLELINUX_ELSA-2019-2600.NASL", "ORACLELINUX_ELSA-2019-2703.NASL", "ORACLELINUX_ELSA-2019-3055.NASL", "ORACLELINUX_ELSA-2019-3836.NASL", "ORACLELINUX_ELSA-2019-4735.NASL", "ORACLELINUX_ELSA-2019-4746.NASL", "ORACLELINUX_ELSA-2019-4775.NASL", "ORACLELINUX_ELSA-2019-4777.NASL", "ORACLELINUX_ELSA-2019-4808.NASL", "ORACLELINUX_ELSA-2019-4810.NASL", "ORACLELINUX_ELSA-2019-4812.NASL", "ORACLELINUX_ELSA-2019-4820.NASL", "ORACLELINUX_ELSA-2019-4836.NASL", "ORACLELINUX_ELSA-2019-4850.NASL", "ORACLELINUX_ELSA-2019-4854.NASL", "ORACLELINUX_ELSA-2019-4855.NASL", "ORACLELINUX_ELSA-2019-4871.NASL", "ORACLELINUX_ELSA-2019-4872.NASL", "ORACLELINUX_ELSA-2019-4878.NASL", "ORACLELINUX_ELSA-2020-3669.NASL", "ORACLELINUX_ELSA-2020-3952.NASL", "ORACLELINUX_ELSA-2020-4484.NASL", "ORACLELINUX_ELSA-2020-5508.NASL", "ORACLELINUX_ELSA-2020-5511.NASL", "ORACLELINUX_ELSA-2020-5512.NASL", "ORACLELINUX_ELSA-2020-56191.NASL", "ORACLELINUX_ELSA-2020-5755.NASL", "ORACLELINUX_ELSA-2020-5837.NASL", "ORACLELINUX_ELSA-2020-5845.NASL", "ORACLELINUX_ELSA-2020-5866.NASL", "ORACLELINUX_ELSA-2021-1512.NASL", "ORACLELINUX_ELSA-2021-2725.NASL", "ORACLELINUX_ELSA-2021-9002.NASL", "ORACLELINUX_ELSA-2021-9290.NASL", "ORACLELINUX_ELSA-2021-9459.NASL", "ORACLEVM_OVMSA-2019-0038.NASL", "ORACLEVM_OVMSA-2019-0046.NASL", "ORACLEVM_OVMSA-2019-0056.NASL", "ORACLEVM_OVMSA-2020-0041.NASL", "ORACLEVM_OVMSA-2020-0044.NASL", "ORACLEVM_OVMSA-2021-0001.NASL", "ORACLEVM_OVMSA-2021-0031.NASL", "ORACLEVM_OVMSA-2021-0035.NASL", "ORACLE_HTTP_SERVER_CPU_OCT_2021.NASL", "PHOTONOS_PHSA-2016-0012.NASL", "PHOTONOS_PHSA-2016-0012_GRUB2.NASL", "PHOTONOS_PHSA-2019-1_0-0247_EXPAT.NASL", "PHOTONOS_PHSA-2019-1_0-0249_HAPROXY.NASL", "PHOTONOS_PHSA-2019-1_0-0251_LINUX.NASL", "PHOTONOS_PHSA-2019-1_0-0257_POSTGRESQL.NASL", "PHOTONOS_PHSA-2019-2_0-0171_EXPAT.NASL", "PHOTONOS_PHSA-2019-2_0-0173_BINUTILS.NASL", "PHOTONOS_PHSA-2019-2_0-0190_POSTGRESQL.NASL", "PHOTONOS_PHSA-2019-3_0-0026_BINUTILS.NASL", "PHOTONOS_PHSA-2019-3_0-0026_EXPAT.NASL", "PHOTONOS_PHSA-2019-3_0-0026_HAPROXY.NASL", "PHOTONOS_PHSA-2019-3_0-0026_LIBSSH2.NASL", "PHOTONOS_PHSA-2019-3_0-0026_LINUX.NASL", "PHOTONOS_PHSA-2019-3_0-0026_MYSQL.NASL", "PHOTONOS_PHSA-2019-3_0-0026_ZEROMQ.NASL", "PHOTONOS_PHSA-2020-2_0-0225_LINUX.NASL", "PHOTONOS_PHSA-209-2_0-0175_LINUX.NASL", "POSTGRESQL_20190808.NASL", "REDHAT-RHSA-2015-2623.NASL", "REDHAT-RHSA-2019-1973.NASL", "REDHAT-RHSA-2019-2029.NASL", "REDHAT-RHSA-2019-2043.NASL", "REDHAT-RHSA-2019-2405.NASL", "REDHAT-RHSA-2019-2411.NASL", "REDHAT-RHSA-2019-2473.NASL", "REDHAT-RHSA-2019-2476.NASL", "REDHAT-RHSA-2019-2511.NASL", "REDHAT-RHSA-2019-2600.NASL", "REDHAT-RHSA-2019-2609.NASL", "REDHAT-RHSA-2019-2695.NASL", "REDHAT-RHSA-2019-2696.NASL", "REDHAT-RHSA-2019-2703.NASL", "REDHAT-RHSA-2019-2730.NASL", "REDHAT-RHSA-2019-2741.NASL", "REDHAT-RHSA-2019-2809.NASL", "REDHAT-RHSA-2019-2899.NASL", "REDHAT-RHSA-2019-2900.NASL", "REDHAT-RHSA-2019-2975.NASL", "REDHAT-RHSA-2019-3011.NASL", "REDHAT-RHSA-2019-3055.NASL", "REDHAT-RHSA-2019-3076.NASL", "REDHAT-RHSA-2019-3089.NASL", "REDHAT-RHSA-2019-3220.NASL", "REDHAT-RHSA-2019-3309.NASL", "REDHAT-RHSA-2019-3517.NASL", "REDHAT-RHSA-2019-3708.NASL", "REDHAT-RHSA-2019-3836.NASL", "REDHAT-RHSA-2019-3967.NASL", "REDHAT-RHSA-2019-4058.NASL", "REDHAT-RHSA-2020-0174.NASL", "REDHAT-RHSA-2020-0204.NASL", "REDHAT-RHSA-2020-0980.NASL", "REDHAT-RHSA-2020-1016.NASL", "REDHAT-RHSA-2020-1070.NASL", "REDHAT-RHSA-2020-1100.NASL", "REDHAT-RHSA-2020-1567.NASL", "REDHAT-RHSA-2020-1769.NASL", "REDHAT-RHSA-2020-2289.NASL", "REDHAT-RHSA-2020-2522.NASL", "REDHAT-RHSA-2020-2644.NASL", "REDHAT-RHSA-2020-3669.NASL", "REDHAT-RHSA-2020-3952.NASL", "REDHAT-RHSA-2020-4060.NASL", "REDHAT-RHSA-2020-4062.NASL", "REDHAT-RHSA-2020-4174.NASL", "REDHAT-RHSA-2020-4295.NASL", "REDHAT-RHSA-2020-4431.NASL", "REDHAT-RHSA-2020-4484.NASL", "REDHAT-RHSA-2020-4609.NASL", "REDHAT-RHSA-2020-4846.NASL", "REDHAT-RHSA-2020-5246.NASL", "REDHAT-RHSA-2020-5619.NASL", "REDHAT-RHSA-2020-5661.NASL", "REDHAT-RHSA-2020-5663.NASL", "REDHAT-RHSA-2020-5664.NASL", "REDHAT-RHSA-2021-0164.NASL", "REDHAT-RHSA-2021-0166.NASL", "REDHAT-RHSA-2021-0167.NASL", "REDHAT-RHSA-2021-1512.NASL", "REDHAT-RHSA-2021-2725.NASL", "REDHAT-RHSA-2021-2726.NASL", "REDHAT-RHSA-2021-3987.NASL", "SLACKWARE_SSA_2015-351-01.NASL", "SLACKWARE_SSA_2019-202-01.NASL", "SLACKWARE_SSA_2019-213-01.NASL", "SLACKWARE_SSA_2019-226-01.NASL", "SLACKWARE_SSA_2019-311-01.NASL", "SLACKWARE_SSA_2020-086-01.NASL", "SL_20151215_GRUB2_ON_SL7_X.NASL", "SL_20190806_KERNEL_ON_SL7_X.NASL", "SL_20190813_KERNEL_ON_SL6_X.NASL", "SL_20190903_KERNEL_ON_SL7_X.NASL", "SL_20191016_KERNEL_ON_SL7_X.NASL", "SL_20191113_KERNEL_ON_SL6_X.NASL", "SL_20200407_KERNEL_ON_SL7_X.NASL", "SL_20200407_MARIADB_ON_SL7_X.NASL", "SL_20201001_EXPAT_ON_SL7_X.NASL", "SL_20201001_KERNEL_ON_SL7_X.NASL", "SL_20210721_KERNEL_ON_SL7_X.NASL", "SMB_NT_MS19_JUL_4507435.NASL", "SMB_NT_MS19_JUL_4507448.NASL", "SMB_NT_MS19_JUL_4507449.NASL", "SMB_NT_MS19_JUL_4507450.NASL", "SMB_NT_MS19_JUL_4507452.NASL", "SMB_NT_MS19_JUL_4507453.NASL", "SMB_NT_MS19_JUL_4507455.NASL", "SMB_NT_MS19_JUL_4507458.NASL", "SMB_NT_MS19_JUL_4507460.NASL", "SMB_NT_MS19_JUL_4507462.NASL", "SMB_NT_MS19_JUL_4507469.NASL", "SOLARIS_JAN2016_SRU11_3_4_5_0.NASL", "SUSE_SU-2015-2385-1.NASL", "SUSE_SU-2015-2386-1.NASL", "SUSE_SU-2015-2387-1.NASL", "SUSE_SU-2015-2399-1.NASL", "SUSE_SU-2019-0110-1.NASL", "SUSE_SU-2019-14127-1.NASL", "SUSE_SU-2019-14157-1.NASL", "SUSE_SU-2019-14218-1.NASL", "SUSE_SU-2019-1527-1.NASL", "SUSE_SU-2019-1529-1.NASL", "SUSE_SU-2019-1530-1.NASL", "SUSE_SU-2019-1532-1.NASL", "SUSE_SU-2019-1533-1.NASL", "SUSE_SU-2019-1534-1.NASL", "SUSE_SU-2019-1535-1.NASL", "SUSE_SU-2019-1536-1.NASL", "SUSE_SU-2019-1550-1.NASL", "SUSE_SU-2019-1668-1.NASL", "SUSE_SU-2019-1671-1.NASL", "SUSE_SU-2019-1692-1.NASL", "SUSE_SU-2019-1823-1.NASL", "SUSE_SU-2019-1829-1.NASL", "SUSE_SU-2019-1834-1.NASL", "SUSE_SU-2019-1835-1.NASL", "SUSE_SU-2019-1851-1.NASL", "SUSE_SU-2019-1852-1.NASL", "SUSE_SU-2019-1854-1.NASL", "SUSE_SU-2019-1855-1.NASL", "SUSE_SU-2019-1948-1.NASL", "SUSE_SU-2019-2068-1.NASL", "SUSE_SU-2019-2070-1.NASL", "SUSE_SU-2019-2071-1.NASL", "SUSE_SU-2019-2072-1.NASL", "SUSE_SU-2019-2073-1.NASL", "SUSE_SU-2019-2158-1.NASL", "SUSE_SU-2019-2159-1.NASL", "SUSE_SU-2019-2228-1.NASL", "SUSE_SU-2019-2262-1.NASL", "SUSE_SU-2019-2263-1.NASL", "SUSE_SU-2019-2299-1.NASL", "SUSE_SU-2019-2412-1.NASL", "SUSE_SU-2019-2414-1.NASL", "SUSE_SU-2019-2424-1.NASL", "SUSE_SU-2019-2430-1.NASL", "SUSE_SU-2019-2648-1.NASL", "SUSE_SU-2019-2687-1.NASL", "SUSE_SU-2019-2702-1.NASL", "SUSE_SU-2019-2707-1.NASL", "SUSE_SU-2019-2738-1.NASL", "SUSE_SU-2019-2821-1.NASL", "SUSE_SU-2019-2949-1.NASL", "SUSE_SU-2019-2950-1.NASL", "SUSE_SU-2019-2984-1.NASL", "SUSE_SU-2019-3061-1.NASL", "SUSE_SU-2019-3228-1.NASL", "SUSE_SU-2019-3230-1.NASL", "SUSE_SU-2019-3232-1.NASL", "SUSE_SU-2019-3258-1.NASL", "SUSE_SU-2019-3260-1.NASL", "SUSE_SU-2019-3261-1.NASL", "SUSE_SU-2019-3263-1.NASL", "SUSE_SU-2019-3306-1.NASL", "SUSE_SU-2019-3316-1.NASL", "SUSE_SU-2019-3369-1.NASL", "SUSE_SU-2019-3379-1.NASL", "SUSE_SU-2019-3381-1.NASL", "SUSE_SU-2019-3389-1.NASL", "SUSE_SU-2020-0093-1.NASL", "SUSE_SU-2020-0394-1.NASL", "SUSE_SU-2020-0560-1.NASL", "SUSE_SU-2020-0584-1.NASL", "SUSE_SU-2020-0613-1.NASL", "SUSE_SU-2020-1255-1.NASL", "SUSE_SU-2020-14354-1.NASL", "SUSE_SU-2020-3060-1.NASL", "SUSE_SU-2020-3282-1.NASL", "SUSE_SU-2020-3283-1.NASL", "SUSE_SU-2020-3552-1.NASL", "SUSE_SU-2020-3798-1.NASL", "SUSE_SU-2021-0098-1.NASL", "SUSE_SU-2021-0118-1.NASL", "SUSE_SU-2021-0133-1.NASL", "SUSE_SU-2021-0434-1.NASL", "SUSE_SU-2021-0437-1.NASL", "SUSE_SU-2021-0438-1.NASL", "SUSE_SU-2021-0452-1.NASL", "SUSE_SU-2021-3192-1.NASL", "SUSE_SU-2021-3206-1.NASL", "SUSE_SU-2021-3217-1.NASL", "SUSE_SU-2021-3593-1.NASL", "SUSE_SU-2021-3876-1.NASL", "SUSE_SU-2021-3969-1.NASL", "SUSE_SU-2021-3972-1.NASL", "SUSE_SU-2022-2015-1.NASL", "SUSE_SU-2022-3263-1.NASL", "SUSE_SU-2022-3294-1.NASL", "UBUNTU_USN-2836-1.NASL", "UBUNTU_USN-4040-1.NASL", "UBUNTU_USN-4070-1.NASL", "UBUNTU_USN-4070-2.NASL", "UBUNTU_USN-4070-3.NASL", "UBUNTU_USN-4090-1.NASL", "UBUNTU_USN-4093-1.NASL", "UBUNTU_USN-4094-1.NASL", "UBUNTU_USN-4095-1.NASL", "UBUNTU_USN-4096-1.NASL", "UBUNTU_USN-4114-1.NASL", "UBUNTU_USN-4115-1.NASL", "UBUNTU_USN-4115-2.NASL", "UBUNTU_USN-4116-1.NASL", "UBUNTU_USN-4117-1.NASL", "UBUNTU_USN-4118-1.NASL", "UBUNTU_USN-4145-1.NASL", "UBUNTU_USN-4147-1.NASL", "UBUNTU_USN-4286-1.NASL", "UBUNTU_USN-4326-1.NASL", "UBUNTU_USN-4336-1.NASL", "UBUNTU_USN-4336-2.NASL", "VIRTUOZZO_VZA-2019-067.NASL", "VIRTUOZZO_VZA-2019-089.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310105514", "OPENVAS:1361412562310108620", "OPENVAS:1361412562310108766", "OPENVAS:1361412562310108767", "OPENVAS:1361412562310121425", "OPENVAS:1361412562310122805", "OPENVAS:1361412562310131160", "OPENVAS:1361412562310142644", "OPENVAS:1361412562310142645", "OPENVAS:1361412562310142652", "OPENVAS:1361412562310142653", "OPENVAS:1361412562310142656", "OPENVAS:1361412562310142657", "OPENVAS:1361412562310142658", "OPENVAS:1361412562310142659", "OPENVAS:1361412562310703421", "OPENVAS:1361412562310704368", "OPENVAS:1361412562310704465", "OPENVAS:1361412562310704472", "OPENVAS:1361412562310704484", "OPENVAS:1361412562310704492", "OPENVAS:1361412562310704493", "OPENVAS:1361412562310704495", "OPENVAS:1361412562310704497", "OPENVAS:1361412562310806908", "OPENVAS:1361412562310815400", "OPENVAS:1361412562310815401", "OPENVAS:1361412562310815402", "OPENVAS:1361412562310815403", "OPENVAS:1361412562310815404", "OPENVAS:1361412562310815406", "OPENVAS:1361412562310815408", "OPENVAS:1361412562310815409", "OPENVAS:1361412562310815410", "OPENVAS:1361412562310815513", "OPENVAS:1361412562310815514", "OPENVAS:1361412562310842558", "OPENVAS:1361412562310844072", "OPENVAS:1361412562310844107", "OPENVAS:1361412562310844128", "OPENVAS:1361412562310844131", "OPENVAS:1361412562310844132", "OPENVAS:1361412562310844133", "OPENVAS:1361412562310844134", "OPENVAS:1361412562310844136", "OPENVAS:1361412562310844137", "OPENVAS:1361412562310844156", "OPENVAS:1361412562310844157", "OPENVAS:1361412562310844158", "OPENVAS:1361412562310844159", "OPENVAS:1361412562310844160", "OPENVAS:1361412562310844174", "OPENVAS:1361412562310844192", "OPENVAS:1361412562310844194", "OPENVAS:1361412562310844342", "OPENVAS:1361412562310844390", "OPENVAS:1361412562310844401", "OPENVAS:1361412562310851150", "OPENVAS:1361412562310851151", "OPENVAS:1361412562310851189", "OPENVAS:1361412562310852238", "OPENVAS:1361412562310852254", "OPENVAS:1361412562310852568", "OPENVAS:1361412562310852570", "OPENVAS:1361412562310852611", "OPENVAS:1361412562310852631", "OPENVAS:1361412562310852665", "OPENVAS:1361412562310852687", "OPENVAS:1361412562310852705", "OPENVAS:1361412562310852747", "OPENVAS:1361412562310852784", "OPENVAS:1361412562310852837", "OPENVAS:1361412562310852851", "OPENVAS:1361412562310852855", "OPENVAS:1361412562310852888", "OPENVAS:1361412562310852917", "OPENVAS:1361412562310852928", "OPENVAS:1361412562310852949", "OPENVAS:1361412562310852971", "OPENVAS:1361412562310853181", "OPENVAS:1361412562310871523", "OPENVAS:1361412562310875681", "OPENVAS:1361412562310875697", "OPENVAS:1361412562310876322", "OPENVAS:1361412562310876334", "OPENVAS:1361412562310876360", "OPENVAS:1361412562310876361", "OPENVAS:1361412562310876377", "OPENVAS:1361412562310876399", "OPENVAS:1361412562310876423", "OPENVAS:1361412562310876445", "OPENVAS:1361412562310876466", "OPENVAS:1361412562310876467", "OPENVAS:1361412562310876476", "OPENVAS:1361412562310876477", "OPENVAS:1361412562310876479", "OPENVAS:1361412562310876489", "OPENVAS:1361412562310876510", "OPENVAS:1361412562310876515", "OPENVAS:1361412562310876543", "OPENVAS:1361412562310876555", "OPENVAS:1361412562310876566", "OPENVAS:1361412562310876577", "OPENVAS:1361412562310876583", "OPENVAS:1361412562310876586", "OPENVAS:1361412562310876611", "OPENVAS:1361412562310876621", "OPENVAS:1361412562310876630", "OPENVAS:1361412562310876634", "OPENVAS:1361412562310876638", "OPENVAS:1361412562310876647", "OPENVAS:1361412562310876648", "OPENVAS:1361412562310876652", "OPENVAS:1361412562310876653", "OPENVAS:1361412562310876660", "OPENVAS:1361412562310876666", "OPENVAS:1361412562310876696", "OPENVAS:1361412562310876698", "OPENVAS:1361412562310876701", "OPENVAS:1361412562310876745", "OPENVAS:1361412562310876750", "OPENVAS:1361412562310876753", "OPENVAS:1361412562310876754", "OPENVAS:1361412562310876809", "OPENVAS:1361412562310876841", "OPENVAS:1361412562310876869", "OPENVAS:1361412562310876925", "OPENVAS:1361412562310876943", "OPENVAS:1361412562310876995", "OPENVAS:1361412562310876999", "OPENVAS:1361412562310877005", "OPENVAS:1361412562310877052", "OPENVAS:1361412562310877058", "OPENVAS:1361412562310877070", "OPENVAS:1361412562310877370", "OPENVAS:1361412562310877476", "OPENVAS:1361412562310877540", "OPENVAS:1361412562310883096", "OPENVAS:1361412562310883107", "OPENVAS:1361412562310883117", "OPENVAS:1361412562310883131", "OPENVAS:1361412562310891823", "OPENVAS:1361412562310891824", "OPENVAS:1361412562310891839", "OPENVAS:1361412562310891862", "OPENVAS:1361412562310891863", "OPENVAS:1361412562310891874", "OPENVAS:1361412562310891884", "OPENVAS:1361412562310891885", "OPENVAS:1361412562310891919", "OPENVAS:1361412562310891930", "OPENVAS:1361412562311220191636", "OPENVAS:1361412562311220191758", "OPENVAS:1361412562311220191783", "OPENVAS:1361412562311220191841", "OPENVAS:1361412562311220191919", "OPENVAS:1361412562311220191926", "OPENVAS:1361412562311220191935", "OPENVAS:1361412562311220191972", "OPENVAS:1361412562311220192063", "OPENVAS:1361412562311220192068", "OPENVAS:1361412562311220192081", "OPENVAS:1361412562311220192090", "OPENVAS:1361412562311220192099", "OPENVAS:1361412562311220192201", "OPENVAS:1361412562311220192274", "OPENVAS:1361412562311220192309", "OPENVAS:1361412562311220192353", "OPENVAS:1361412562311220192531", "OPENVAS:1361412562311220192543", "OPENVAS:1361412562311220192686", "OPENVAS:1361412562311220192693", "OPENVAS:1361412562311220201001", "OPENVAS:1361412562311220201074", "OPENVAS:1361412562311220201094", "OPENVAS:1361412562311220201142", "OPENVAS:1361412562311220201158", "OPENVAS:1361412562311220201186", "OPENVAS:1361412562311220201197", "OPENVAS:1361412562311220201269", "OPENVAS:1361412562311220201363", "OPENVAS:1361412562311220201372", "OPENVAS:1361412562311220201396", "OPENVAS:1361412562311220201452", "OPENVAS:1361412562311220201466", "OPENVAS:1361412562311220201548", "OPENVAS:1361412562311220201593", "OPENVAS:1361412562311220201635", "OPENVAS:1361412562311220201743", "OPENVAS:703421"]}, {"type": "oracle", "idList": ["ORACLE:CPUAPR2020", "ORACLE:CPUAPR2021", "ORACLE:CPUJAN2016", "ORACLE:CPUJUL2019", "ORACLE:CPUOCT2020", "ORACLE:CPUOCT2021"]}, {"type": "oraclelinux", "idList": ["ELSA-2015-2623", "ELSA-2019-2029", "ELSA-2019-2411", "ELSA-2019-2473", "ELSA-2019-2511", "ELSA-2019-2600", "ELSA-2019-2703", "ELSA-2019-2736", "ELSA-2019-3055", "ELSA-2019-3517", "ELSA-2019-3708", "ELSA-2019-3836", "ELSA-2019-4733", "ELSA-2019-4735", "ELSA-2019-4746", "ELSA-2019-4775", "ELSA-2019-4777", "ELSA-2019-4808", "ELSA-2019-4810", "ELSA-2019-4812", "ELSA-2019-4820", "ELSA-2019-4836", "ELSA-2019-4850", "ELSA-2019-4854", "ELSA-2019-4855", "ELSA-2019-4871", "ELSA-2019-4872", "ELSA-2019-4878", "ELSA-2020-1016", "ELSA-2020-1100", "ELSA-2020-1769", "ELSA-2020-3669", "ELSA-2020-3952", "ELSA-2020-4060", "ELSA-2020-4431", "ELSA-2020-4484", "ELSA-2020-5508", "ELSA-2020-5511", "ELSA-2020-5512", "ELSA-2020-5619-1", "ELSA-2020-5755", "ELSA-2020-5837", "ELSA-2020-5845", "ELSA-2020-5866", "ELSA-2021-1512", "ELSA-2021-2725", "ELSA-2021-9002", "ELSA-2021-9290", "ELSA-2021-9459"]}, {"type": "osv", "idList": ["OSV:DLA-1730-3", "OSV:DLA-1823-1", "OSV:DLA-1824-1", "OSV:DLA-1839-1", "OSV:DLA-1862-1", "OSV:DLA-1863-1", "OSV:DLA-1874-1", "OSV:DLA-1884-1", "OSV:DLA-1885-1", "OSV:DLA-1919-1", "OSV:DLA-1930-1", "OSV:DLA-2848-1", "OSV:DLA-368-1", "OSV:DSA-3421-1", "OSV:DSA-4368-1", "OSV:DSA-4465-1", "OSV:DSA-4472-1", "OSV:DSA-4484-1", "OSV:DSA-4492-1", "OSV:DSA-4493-1", "OSV:DSA-4495-1", "OSV:DSA-4497-1"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:154957", "PACKETSTORM:156929", "PACKETSTORM:165051"]}, {"type": "photon", "idList": ["PHSA-2016-0012", "PHSA-2019-0026", "PHSA-2019-0171", "PHSA-2019-0172", "PHSA-2019-0173", "PHSA-2019-0175", "PHSA-2019-0178", "PHSA-2019-0189", "PHSA-2019-0190", "PHSA-2019-0245", "PHSA-2019-0247", "PHSA-2019-0248", "PHSA-2019-0249", "PHSA-2019-0250", "PHSA-2019-0251", "PHSA-2019-0257", "PHSA-2019-1.0-0247", "PHSA-2019-1.0-0248", "PHSA-2019-1.0-0249", "PHSA-2019-1.0-0251", "PHSA-2019-1.0-0257", "PHSA-2019-2.0-0171", "PHSA-2019-2.0-0173", "PHSA-2019-2.0-0175", "PHSA-2019-2.0-0190", "PHSA-2020-0153", "PHSA-2020-0225", "PHSA-2020-0279", "PHSA-2020-1.0-0279", "PHSA-2020-2.0-0225", "PHSA-2020-3.0-0118", "PHSA-2020-3.0-0153"]}, {"type": "postgresql", "idList": ["POSTGRESQL:CVE-2019-10208"]}, {"type": "qualysblog", "idList": ["QUALYSBLOG:0082A77BD8EFFF48B406D107FEFD0DD3"]}, {"type": "redhat", "idList": ["RHSA-2015:2623", "RHSA-2019:1973", "RHSA-2019:2029", "RHSA-2019:2043", "RHSA-2019:2405", "RHSA-2019:2411", "RHSA-2019:2473", "RHSA-2019:2476", "RHSA-2019:2484", "RHSA-2019:2511", "RHSA-2019:2600", "RHSA-2019:2609", "RHSA-2019:2695", "RHSA-2019:2696", "RHSA-2019:2703", "RHSA-2019:2730", "RHSA-2019:2741", "RHSA-2019:2809", "RHSA-2019:2899", "RHSA-2019:2900", "RHSA-2019:2975", "RHSA-2019:3011", "RHSA-2019:3055", "RHSA-2019:3076", "RHSA-2019:3089", "RHSA-2019:3220", "RHSA-2019:3309", "RHSA-2019:3517", "RHSA-2019:3708", "RHSA-2019:3836", "RHSA-2019:3967", "RHSA-2019:4058", "RHSA-2020:0174", "RHSA-2020:0204", "RHSA-2020:0980", "RHSA-2020:1016", "RHSA-2020:1070", "RHSA-2020:1100", "RHSA-2020:1567", "RHSA-2020:1769", "RHSA-2020:2289", "RHSA-2020:2522", "RHSA-2020:2644", "RHSA-2020:2646", "RHSA-2020:3669", "RHSA-2020:3952", "RHSA-2020:4060", "RHSA-2020:4062", "RHSA-2020:4174", "RHSA-2020:4254", "RHSA-2020:4255", "RHSA-2020:4264", "RHSA-2020:4295", "RHSA-2020:4431", "RHSA-2020:4484", "RHSA-2020:4609", "RHSA-2020:4846", "RHSA-2020:5149", "RHSA-2020:5246", "RHSA-2020:5364", "RHSA-2020:5605", "RHSA-2020:5619", "RHSA-2020:5633", "RHSA-2020:5635", "RHSA-2020:5661", "RHSA-2020:5663", "RHSA-2020:5664", "RHSA-2021:0050", "RHSA-2021:0146", "RHSA-2021:0164", "RHSA-2021:0166", "RHSA-2021:0167", "RHSA-2021:0190", "RHSA-2021:0436", "RHSA-2021:0778", "RHSA-2021:0799", "RHSA-2021:0949", "RHSA-2021:1079", "RHSA-2021:1129", "RHSA-2021:1512", "RHSA-2021:2021", "RHSA-2021:2725", "RHSA-2021:2726", "RHSA-2021:3016", "RHSA-2021:3987", "RHSA-2022:0056"]}, {"type": "redhatcve", "idList": ["RH:CVE-2018-20843", "RH:CVE-2019-10126", "RH:CVE-2019-10208", "RH:CVE-2019-10638", "RH:CVE-2019-1125", "RH:CVE-2019-12972", "RH:CVE-2019-13115", "RH:CVE-2019-13272", "RH:CVE-2019-14241", "RH:CVE-2019-14250", "RH:CVE-2019-14283", "RH:CVE-2019-14284", "RH:CVE-2019-14444", "RH:CVE-2019-15090", "RH:CVE-2019-15211", "RH:CVE-2019-15213", "RH:CVE-2019-15215", "RH:CVE-2019-15220", "RH:CVE-2019-15807", "RH:CVE-2019-15925", "RH:CVE-2019-15926", "RH:CVE-2019-17351", "RH:CVE-2019-20934", "RH:CVE-2019-2737", "RH:CVE-2019-2738", "RH:CVE-2019-2739", "RH:CVE-2019-2740", "RH:CVE-2019-2741", "RH:CVE-2019-2789", "RH:CVE-2019-2795", "RH:CVE-2019-2796", "RH:CVE-2019-2797", "RH:CVE-2019-2798", "RH:CVE-2019-2800", "RH:CVE-2019-2801", "RH:CVE-2019-2802", "RH:CVE-2019-2803", "RH:CVE-2019-2805", "RH:CVE-2019-2808", "RH:CVE-2019-2810", "RH:CVE-2019-2811", "RH:CVE-2019-2812", "RH:CVE-2019-2814", "RH:CVE-2019-2815", "RH:CVE-2019-2819", "RH:CVE-2019-2822", "RH:CVE-2019-2826", "RH:CVE-2019-2830", "RH:CVE-2019-2834", "RH:CVE-2019-2879", "RH:CVE-2019-3846", "RH:CVE-2019-3900", "RH:CVE-2019-6250"]}, {"type": "rocky", "idList": ["RLSA-2019:2511", "RLSA-2019:3708", "RLSA-2020:4484", "RLSA-2020:4846"]}, {"type": "slackware", "idList": ["SSA-2015-351-01", "SSA-2019-202-01", "SSA-2019-213-01", "SSA-2019-226-01", "SSA-2019-311-01", "SSA-2020-086-01"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2015:2375-1", "OPENSUSE-SU-2015:2392-1", "OPENSUSE-SU-2016:0036-1", "OPENSUSE-SU-2019:0064-1", "OPENSUSE-SU-2019:0087-1", "OPENSUSE-SU-2019:1570-1", "OPENSUSE-SU-2019:1571-1", "OPENSUSE-SU-2019:1579-1", "OPENSUSE-SU-2019:1716-1", "OPENSUSE-SU-2019:1757-1", "OPENSUSE-SU-2019:1777-1", "OPENSUSE-SU-2019:1923-1", "OPENSUSE-SU-2019:1924-1", "OPENSUSE-SU-2019:2062-1", "OPENSUSE-SU-2019:2173-1", "OPENSUSE-SU-2019:2181-1", "OPENSUSE-SU-2019:2364-1", "OPENSUSE-SU-2019:2365-1", "OPENSUSE-SU-2019:2555-1", "OPENSUSE-SU-2019:2556-1", "OPENSUSE-SU-2019:2675-1", "OPENSUSE-SU-2019:2698-1", "OPENSUSE-SU-2020:0716-1", "OPENSUSE-SU-2020:1227-1", "OPENSUSE-SU-2020:1790-1", "OPENSUSE-SU-2020:1804-1", "OPENSUSE-SU-2020:1930-1", "OPENSUSE-SU-2021:0075-1", "OPENSUSE-SU-2021:3876-1", "SUSE-SU-2015:2385-1", "SUSE-SU-2015:2386-1", "SUSE-SU-2015:2387-1", "SUSE-SU-2015:2399-1"]}, {"type": "symantec", "idList": ["SMNTC-110348", "SMNTC-111290"]}, {"type": "thn", "idList": ["THN:960C1B9817E3CB5C4AF1E8867B27BE72", "THN:E3EB255FBC069136903C8881DF473DF0"]}, {"type": "threatpost", "idList": ["THREATPOST:25B39CC0AC8A2CF8DE7334F890A87907", "THREATPOST:D0762E9D61E59AD261E8F24340AE261C"]}, {"type": "ubuntu", "idList": ["USN-2836-1", "USN-4040-1", "USN-4040-2", "USN-4070-1", "USN-4070-2", "USN-4070-3", "USN-4090-1", "USN-4093-1", "USN-4094-1", "USN-4095-1", "USN-4095-2", "USN-4096-1", "USN-4114-1", "USN-4115-1", "USN-4115-2", "USN-4116-1", "USN-4117-1", "USN-4118-1", "USN-4145-1", "USN-4147-1", "USN-4286-1", "USN-4286-2", "USN-4326-1", "USN-4336-1", "USN-4336-2", "USN-4852-1", "USN-5308-1", "USN-5455-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2015-8370", "UB:CVE-2018-20843", "UB:CVE-2019-10126", "UB:CVE-2019-10208", "UB:CVE-2019-10638", "UB:CVE-2019-1125", "UB:CVE-2019-12972", "UB:CVE-2019-13103", "UB:CVE-2019-13115", "UB:CVE-2019-13272", "UB:CVE-2019-14241", "UB:CVE-2019-14250", "UB:CVE-2019-14283", "UB:CVE-2019-14284", "UB:CVE-2019-14444", "UB:CVE-2019-15090", "UB:CVE-2019-15211", "UB:CVE-2019-15213", "UB:CVE-2019-15215", "UB:CVE-2019-15220", "UB:CVE-2019-15807", "UB:CVE-2019-15925", "UB:CVE-2019-15926", "UB:CVE-2019-17351", "UB:CVE-2019-20934", "UB:CVE-2019-2737", "UB:CVE-2019-2738", "UB:CVE-2019-2739", "UB:CVE-2019-2740", "UB:CVE-2019-2741", "UB:CVE-2019-2789", "UB:CVE-2019-2795", "UB:CVE-2019-2796", "UB:CVE-2019-2797", "UB:CVE-2019-2798", "UB:CVE-2019-2800", "UB:CVE-2019-2801", "UB:CVE-2019-2802", "UB:CVE-2019-2803", "UB:CVE-2019-2805", "UB:CVE-2019-2808", "UB:CVE-2019-2810", "UB:CVE-2019-2811", "UB:CVE-2019-2812", "UB:CVE-2019-2814", "UB:CVE-2019-2815", "UB:CVE-2019-2819", "UB:CVE-2019-2822", "UB:CVE-2019-2826", "UB:CVE-2019-2830", "UB:CVE-2019-2834", "UB:CVE-2019-2879", "UB:CVE-2019-3846", "UB:CVE-2019-3900", "UB:CVE-2019-6250"]}, {"type": "veracode", "idList": ["VERACODE:13334", "VERACODE:20639", "VERACODE:21070", "VERACODE:21203", "VERACODE:21266", "VERACODE:21267", "VERACODE:21268", "VERACODE:21269", "VERACODE:21279", "VERACODE:21280", "VERACODE:21281", "VERACODE:21282", "VERACODE:21283", "VERACODE:21284", "VERACODE:21285", "VERACODE:21286", "VERACODE:21287", "VERACODE:21288", "VERACODE:21289", "VERACODE:21290", "VERACODE:21291", "VERACODE:21292", "VERACODE:21293", "VERACODE:21294", "VERACODE:21295", "VERACODE:21296", "VERACODE:21297", "VERACODE:21298", "VERACODE:21299", "VERACODE:21703", "VERACODE:21704", "VERACODE:21820", "VERACODE:22924", "VERACODE:25102", "VERACODE:26830", "VERACODE:26836", "VERACODE:27188", "VERACODE:27661", "VERACODE:27752", "VERACODE:31293"]}, {"type": "virtuozzo", "idList": ["VZA-2019-066", "VZA-2019-067", "VZA-2019-088", "VZA-2019-089"]}, {"type": "xen", "idList": ["XSA-300"]}, {"type": "zdt", "idList": ["1337DAY-ID-32994", "1337DAY-ID-33027", "1337DAY-ID-33410", "1337DAY-ID-33968", "1337DAY-ID-34151", "1337DAY-ID-37072"]}]}, "score": {"value": 7.7, "vector": "NONE"}, "backreferences": {"references": [{"type": "almalinux", "idList": ["ALSA-2020:4431", "ALSA-2020:4846"]}, {"type": "amazon", "idList": ["ALAS-2019-1232", "ALAS-2019-1253", "ALAS-2019-1296", "ALAS-2019-1297"]}, {"type": "androidsecurity", "idList": ["ANDROID:2019-12-01"]}, {"type": "archlinux", "idList": ["ASA-201908-8"]}, {"type": "attackerkb", "idList": ["AKB:ADDB2585-1F1E-4954-96CC-D10B59171D41"]}, {"type": "centos", "idList": ["CESA-2019:2029", "CESA-2019:2473", "CESA-2019:2600", "CESA-2019:3055", "CESA-2020:1016", "CESA-2020:1100"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2019-0253", "CPAI-2019-1618"]}, {"type": "cisa", "idList": ["CISA:715DF5B957A42D91B3B79897B8FD61F2"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:3CD9371F7B812821D289B3B89526722F", "CFOUNDRY:40058483A2E2195544934D494FF464F7", "CFOUNDRY:7CB555AB5BF153DCFD2739FA7E150C76", "CFOUNDRY:A005A5D22D18F966EBF6C011F833E895", "CFOUNDRY:BD71AB043932448695E8B3D20302D582", "CFOUNDRY:D2095944B38019F3860438162F040964", "CFOUNDRY:E9CE0268DAFD76AE052E27B69A06ACBD"]}, {"type": "cloudlinux", "idList": ["CLSA-2021:1640621287"]}, {"type": "cve", "idList": ["CVE-2019-10208", "CVE-2019-10638", "CVE-2019-1125", "CVE-2019-12972", "CVE-2019-13115", "CVE-2019-13272", "CVE-2019-14241", "CVE-2019-14250", "CVE-2019-14283", "CVE-2019-14284", "CVE-2019-15090", "CVE-2019-15211", "CVE-2019-15213", "CVE-2019-15215", "CVE-2019-15220", "CVE-2019-15807", "CVE-2019-15925", "CVE-2019-17351", "CVE-2019-2737", "CVE-2019-2738", "CVE-2019-2739", "CVE-2019-2740", "CVE-2019-2741", "CVE-2019-2789", "CVE-2019-2795", "CVE-2019-2796", "CVE-2019-2797", "CVE-2019-2798", "CVE-2019-2800", "CVE-2019-2801", "CVE-2019-2802", "CVE-2019-2803", "CVE-2019-2805", "CVE-2019-2808", "CVE-2019-2810", "CVE-2019-2811", "CVE-2019-2812", "CVE-2019-2814", "CVE-2019-2815", "CVE-2019-2819", "CVE-2019-2822", "CVE-2019-2826", "CVE-2019-2830", "CVE-2019-2834", "CVE-2019-2879", "CVE-2019-6250"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1730-3:1714C", "DEBIAN:DLA-1839-1:728E0", "DEBIAN:DLA-1862-1:8E150", "DEBIAN:DLA-1863-1:26EA8", "DEBIAN:DLA-1884-1:61F35", "DEBIAN:DLA-1885-1:84558", "DEBIAN:DLA-1919-1:239EC", "DEBIAN:DLA-1919-2:858F8", "DEBIAN:DLA-1930-1:DFCDE", "DEBIAN:DSA-4368-1:7CC0F", "DEBIAN:DSA-4472-1:97343", "DEBIAN:DSA-4484-1:9995E", "DEBIAN:DSA-4492-1:37E5A", "DEBIAN:DSA-4493-1:8689B", "DEBIAN:DSA-4495-1:1269E", "DEBIAN:DSA-4497-1:7E46B"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2019-12972", "DEBIANCVE:CVE-2019-14250", "DEBIANCVE:CVE-2019-14444", "DEBIANCVE:CVE-2019-6250"]}, {"type": "exploitdb", "idList": ["EDB-ID:47163", "EDB-ID:47543"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:B9569B6E7A5B893D9E83922DA7DE24BA"]}, {"type": "f5", "idList": ["F5:K02585438", "F5:K03444640", "F5:K04831884", "F5:K10754336", "F5:K13322484", "F5:K19194273", "F5:K23125024", "F5:K31085564", "F5:K51011533", "F5:K51272092", "F5:K84141449", "F5:K91025336", "F5:K95593121"]}, {"type": "fedora", "idList": ["FEDORA:041196190421", "FEDORA:04868606351B", "FEDORA:06474609492B", "FEDORA:07B5A6CB4421", "FEDORA:18B6A601B8F9", "FEDORA:1BD5B6389B47", "FEDORA:1CAC0608E6F2", "FEDORA:2836F613193B", "FEDORA:2AECA6077DF6", "FEDORA:2C7766722DB4", "FEDORA:344346042F3E", "FEDORA:3A3766C5B5A2", "FEDORA:3A69E60B3E88", "FEDORA:3C394606D98F", "FEDORA:3F6FC603B27A", "FEDORA:4002B609954A", "FEDORA:49A0E6048FEB", "FEDORA:4CEF5610D7CA", "FEDORA:4F21B6125E50", "FEDORA:511986124F82", "FEDORA:511A7608E6E1", "FEDORA:54AA460F2356", "FEDORA:562EC60F8F22", "FEDORA:59E3F606D998", "FEDORA:5A4D662AE22C", "FEDORA:5BC786077CC2", "FEDORA:690DE6022BA8", "FEDORA:6976D62A089B", "FEDORA:6B43460C450E", "FEDORA:6D98A6187237", "FEDORA:6E67663233DB", "FEDORA:754F860A98ED", "FEDORA:79EAC605FC25", "FEDORA:84FBF6179A05", "FEDORA:89C9C6051B3A", "FEDORA:9801060D30FA", "FEDORA:98E8F6079A11", "FEDORA:99396612EAD6", "FEDORA:9BEAD610ED74", "FEDORA:A0C3B66ADC4F", "FEDORA:A29B160972B0", "FEDORA:B8E1B6130727", "FEDORA:BDA53610ED61", "FEDORA:BF5EC607125E", "FEDORA:C0A4560C423F", "FEDORA:C1EA6603ECEC", "FEDORA:C4D496071279", "FEDORA:C63656040AE1", "FEDORA:C6AF860C4240", "FEDORA:C7391611860D", "FEDORA:CB0956087865", "FEDORA:D3523607924A", "FEDORA:DBC4662F3455", "FEDORA:DD3AE60954BE", "FEDORA:E37FD60924F1", "FEDORA:F02C560914F4", "FEDORA:F16B360F62FC"]}, {"type": "fortinet", "idList": ["FG-IR-18-002"]}, {"type": "freebsd", "idList": ["198E6220-AC8B-11E9-A1C7-B499BAEBFEAF", "8E48365A-214D-11E9-9F8A-0050562A4D7B"]}, {"type": "gentoo", "idList": ["GLSA-201903-22"]}, {"type": "githubexploit", "idList": ["21C02459-836A-5B10-9130-27953475DA2A", "3EFA325D-5BA7-5EF3-9D27-F1E642D0DE95", "8C344C6F-D882-5801-AA22-22F5F3F4B4DB", "9C610830-420D-566B-A8AD-A6735753E27F", "A5372B0E-E434-566F-91EF-9BAF5D8CD2DA", "BFC7AA0E-B692-55B8-BECA-F6DAF024FADD", "C332FD21-E85D-5C7D-95FC-3CF453E1E5B9", "DADF6C7C-8CAD-5148-81FC-1572BAD544E9"]}, {"type": "hackerone", "idList": ["H1:477073"]}, {"type": "huawei", "idList": ["HUAWEI-SA-20200408-01-SWAPGS"]}, {"type": "ibm", "idList": ["17DD2FC3DAC01BFB1E2178DA47F25229A0CD3E9D0AEE278A3C16F19757719E13", "1CF1618B946664C6B8A31958BD741A588CA86C4B899FD74EA531E60E214C2007", "4A91EBA290B30504A8EF2EE87060FA1D3D5EF2F7A2869B4D9ACCE1C477DA4795", "4BB2759DF5CBB6BF54A7D60BF1046942C755D661255DAAC4EF3C0614D1A3AF9A", "505AA9046670EC3A58A3F57E2932EB46B317BDB83A271F3A6627D59B7D958183", "577E6752CB94DC8755F2E4A38D9BA5117DD396F8C762252ACA978966E42D7766", "5C971ABE298E715E4DD664F197820425272400B40C52EF433CFD40BAFACB63C8", "6008235F2B5AB889012327334B8370A8EE655F77D3C7C13C1112DD6F096D05B1", "683AA37B653363FD02791BC7A1F7CD150251CE22393F2B9CFA26550B7F995A3A", "6A0CE211061F295D9D98B616DAAADA0A43895F1108ACB08AF6BC99BC646F2753", "6F5E7455D08E55E4F9F3DFA8B8B618487EC9BFDDC4FCB87851672633689609AB", "7BEBE6C769A16D13746B813CF456C36F85AE1B1A1CBD26E71A53BD6E5B34E2F4", "8B24753FF8758BF51E7C6001AC39E0EF90B14323A9756CCEF8AC68E99EF03367", "9B3C2542A224A170177BC588D64FBAC641AEB3A7ED64BDCAE097C03AA1143EDF", "A435141E9D6894F7CA102FDB03C29288BC56B476D91906B1B0E7FA8301E0D89A", "AA3B70CE1898210855F90ABED1D1F346DBCD83F5C44D5AC97D28B475B6E14D11", "B68653AE8B3B701FAB183C54D344C9C2EE03602A2C7365EC7CF172320BA1AA2E", "C1496EC4045B1D46025659B86814D1D0EF8F5054AB7B5935417CDC9116D1E1FD", "D11A0C2CC15BB8D7B04868F2862A15D1963924B4812649E2D326C9951AF9DCE2", "D90882A3E95B0A521011936122CA086C48D9FEF441869C5BF302F67319C3A703", "DB8E4E659E64514548095D982131905FB3A6F5608C5916769B8820AA6A05133D", "DE367A059D35C909557795AD50F02620921B5CC13CC7F375C7C2F83A009A984C", "F1597C42F7058EC5355D537CF0B5CCCD3381E08D913C94048A42E00058BB7270", "F479B1D4D6CE6F94562BE83AEBC7D30E6633A6727AB24138B99039D7EB3AB70F"]}, {"type": "ics", "idList": ["ICSA-19-344-03"]}, {"type": "kaspersky", "idList": ["KLA11529", "KLA11539", "KLA11696", "KLA11700"]}, {"type": "lenovo", "idList": ["LENOVO:PS500167-SPECULATIVE-EXECUTION-SIDE-CHANNEL-VULNERABILITY-VARIANTS-NOSID"]}, {"type": "metasploit", "idList": ["MSF:EXPLOIT/LINUX/LOCAL/PTRACE_TRACEME_PKEXEC_HELPER", "MSF:ILITIES/HUAWEI-EULEROS-2_0_SP2-CVE-2019-14444/", "MSF:ILITIES/HUAWEI-EULEROS-2_0_SP8-CVE-2019-14444/"]}, {"type": "mscve", "idList": ["MS:CVE-2019-1125"]}, {"type": "mskb", "idList": ["KB4507450", "KB4507455"]}, {"type": "nessus", "idList": ["AL2_ALAS-2019-1232.NASL", "AL2_ALAS-2019-1253.NASL", "ALA_ALAS-2019-1232.NASL", "ALA_ALAS-2019-1253.NASL", "ALA_ALAS-2019-1296.NASL", "ALA_ALAS-2019-1297.NASL", "CENTOS_RHSA-2019-2029.NASL", "CENTOS_RHSA-2019-2473.NASL", "CENTOS_RHSA-2019-2600.NASL", "CENTOS_RHSA-2019-3055.NASL", "CENTOS_RHSA-2020-1016.NASL", "CENTOS_RHSA-2020-1100.NASL", "DEBIAN_DLA-1823.NASL", "DEBIAN_DLA-1824.NASL", "DEBIAN_DLA-1839.NASL", "DEBIAN_DLA-1862.NASL", "DEBIAN_DLA-1863.NASL", "DEBIAN_DLA-1874.NASL", "DEBIAN_DLA-1884.NASL", "DEBIAN_DLA-1885.NASL", "DEBIAN_DLA-1919.NASL", "DEBIAN_DLA-1930.NASL", "DEBIAN_DSA-4368.NASL", "DEBIAN_DSA-4465.NASL", "DEBIAN_DSA-4472.NASL", "DEBIAN_DSA-4484.NASL", "DEBIAN_DSA-4492.NASL", "DEBIAN_DSA-4493.NASL", "DEBIAN_DSA-4495.NASL", "DEBIAN_DSA-4497.NASL", "EULEROS_SA-2019-1636.NASL", "EULEROS_SA-2019-1758.NASL", "EULEROS_SA-2019-1783.NASL", "EULEROS_SA-2019-1841.NASL", "EULEROS_SA-2019-1919.NASL", "EULEROS_SA-2019-1926.NASL", "EULEROS_SA-2019-1935.NASL", "EULEROS_SA-2019-2068.NASL", "EULEROS_SA-2019-2081.NASL", "EULEROS_SA-2019-2090.NASL", "EULEROS_SA-2019-2309.NASL", "EULEROS_SA-2019-2353.NASL", "EULEROS_SA-2019-2531.NASL", "EULEROS_SA-2019-2543.NASL", "EULEROS_SA-2019-2686.NASL", "EULEROS_SA-2020-1363.NASL", "EULEROS_SA-2020-1372.NASL", "EULEROS_SA-2020-1452.NASL", "EULEROS_SA-2020-1466.NASL", "FEDORA_2019-139FCDA84D.NASL", "FEDORA_2019-18868E1715.NASL", "FEDORA_2019-5885663621.NASL", "FEDORA_2019-5FBBF73269.NASL", "FEDORA_2019-6BDA4C81F4.NASL", "FEDORA_2019-7EC378191E.NASL", "FEDORA_2019-8219EFA9F6.NASL", "FEDORA_2019-87D807D7CB.NASL", "FEDORA_2019-96516CE0AC.NASL", "FEDORA_2019-986FCE48B4.NASL", "FEDORA_2019-9D85600FC7.NASL", "FEDORA_2019-A6CD583A8D.NASL", "FEDORA_2019-A95015E60F.NASL", "FEDORA_2019-C106E46A95.NASL", "FEDORA_2019-E37C348348.NASL", "FEDORA_2019-F40BD7826F.NASL", "FREEBSD_PKG_198E6220AC8B11E9A1C7B499BAEBFEAF.NASL", "FREEBSD_PKG_8E48365A214D11E99F8A0050562A4D7B.NASL", "FREEBSD_PKG_9DE4C1C1B9EE11E982AA6CC21735F730.NASL", "GENTOO_GLSA-201903-22.NASL", "NEWSTART_CGSL_NS-SA-2019-0177_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2019-0180_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2019-0183_KERNEL-RT.NASL", "NEWSTART_CGSL_NS-SA-2019-0189_KERNEL-RT.NASL", "NEWSTART_CGSL_NS-SA-2019-0200_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2019-0221_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2019-0222_KERNEL-RT.NASL", "OPENSUSE-2019-1570.NASL", "OPENSUSE-2019-1571.NASL", "OPENSUSE-2019-1579.NASL", "OPENSUSE-2019-1716.NASL", "OPENSUSE-2019-1757.NASL", "OPENSUSE-2019-1777.NASL", "OPENSUSE-2019-1923.NASL", "OPENSUSE-2019-1924.NASL", "OPENSUSE-2019-2062.NASL", "OPENSUSE-2019-2173.NASL", "OPENSUSE-2019-2181.NASL", "OPENSUSE-2019-2364.NASL", "OPENSUSE-2019-2365.NASL", "OPENSUSE-2019-2675.NASL", "OPENSUSE-2019-2698.NASL", "OPENSUSE-2019-64.NASL", "OPENSUSE-2019-87.NASL", "OPENSUSE-2020-1930.NASL", "OPENSUSE-2021-3876.NASL", "ORACLELINUX_ELSA-2019-2411.NASL", "ORACLELINUX_ELSA-2019-2473.NASL", "ORACLELINUX_ELSA-2019-2511.NASL", "ORACLELINUX_ELSA-2019-2600.NASL", "ORACLELINUX_ELSA-2019-2703.NASL", "ORACLELINUX_ELSA-2019-3055.NASL", "ORACLELINUX_ELSA-2019-4735.NASL", "ORACLELINUX_ELSA-2019-4746.NASL", "ORACLELINUX_ELSA-2019-4775.NASL", "ORACLELINUX_ELSA-2019-4777.NASL", "ORACLELINUX_ELSA-2019-4808.NASL", "ORACLELINUX_ELSA-2019-4810.NASL", "ORACLELINUX_ELSA-2019-4812.NASL", "ORACLELINUX_ELSA-2019-4820.NASL", "ORACLELINUX_ELSA-2019-4871.NASL", "ORACLELINUX_ELSA-2019-4872.NASL", "ORACLELINUX_ELSA-2019-4878.NASL", "ORACLELINUX_ELSA-2020-56191.NASL", "ORACLELINUX_ELSA-2021-9459.NASL", "ORACLEVM_OVMSA-2019-0038.NASL", "ORACLEVM_OVMSA-2019-0046.NASL", "ORACLEVM_OVMSA-2021-0031.NASL", "PHOTONOS_PHSA-2019-1_0-0247_EXPAT.NASL", "PHOTONOS_PHSA-2019-1_0-0249_HAPROXY.NASL", "PHOTONOS_PHSA-2019-1_0-0251_LINUX.NASL", "PHOTONOS_PHSA-2019-2_0-0171_EXPAT.NASL", "PHOTONOS_PHSA-2019-2_0-0173_BINUTILS.NASL", "PHOTONOS_PHSA-2019-3_0-0026_BINUTILS.NASL", "PHOTONOS_PHSA-2019-3_0-0026_EXPAT.NASL", "PHOTONOS_PHSA-2019-3_0-0026_HAPROXY.NASL", "PHOTONOS_PHSA-2019-3_0-0026_LIBSSH2.NASL", "PHOTONOS_PHSA-2019-3_0-0026_LINUX.NASL", "PHOTONOS_PHSA-2019-3_0-0026_MYSQL.NASL", "PHOTONOS_PHSA-2019-3_0-0026_ZEROMQ.NASL", "PHOTONOS_PHSA-2020-2_0-0225_LINUX.NASL", "PHOTONOS_PHSA-209-2_0-0175_LINUX.NASL", "POSTGRESQL_20190808.NASL", "REDHAT-RHSA-2019-1973.NASL", "REDHAT-RHSA-2019-2029.NASL", "REDHAT-RHSA-2019-2043.NASL", "REDHAT-RHSA-2019-2405.NASL", "REDHAT-RHSA-2019-2411.NASL", "REDHAT-RHSA-2019-2473.NASL", "REDHAT-RHSA-2019-2476.NASL", "REDHAT-RHSA-2019-2511.NASL", "REDHAT-RHSA-2019-2600.NASL", "REDHAT-RHSA-2019-2609.NASL", "REDHAT-RHSA-2019-2695.NASL", "REDHAT-RHSA-2019-2696.NASL", "REDHAT-RHSA-2019-2703.NASL", "REDHAT-RHSA-2019-2730.NASL", "REDHAT-RHSA-2019-2741.NASL", "REDHAT-RHSA-2019-2809.NASL", "REDHAT-RHSA-2019-2899.NASL", "REDHAT-RHSA-2019-2900.NASL", "REDHAT-RHSA-2019-2975.NASL", "REDHAT-RHSA-2019-3011.NASL", "REDHAT-RHSA-2019-3055.NASL", "REDHAT-RHSA-2019-3076.NASL", "REDHAT-RHSA-2019-3089.NASL", "REDHAT-RHSA-2019-3220.NASL", "REDHAT-RHSA-2019-3967.NASL", "REDHAT-RHSA-2019-4058.NASL", "REDHAT-RHSA-2020-1016.NASL", "REDHAT-RHSA-2020-1070.NASL", "REDHAT-RHSA-2020-4484.NASL", "REDHAT-RHSA-2020-5661.NASL", "REDHAT-RHSA-2020-5663.NASL", "REDHAT-RHSA-2020-5664.NASL", "SLACKWARE_SSA_2019-202-01.NASL", "SLACKWARE_SSA_2019-213-01.NASL", "SLACKWARE_SSA_2019-226-01.NASL", "SL_20190806_KERNEL_ON_SL7_X.NASL", "SL_20190813_KERNEL_ON_SL6_X.NASL", "SL_20190903_KERNEL_ON_SL7_X.NASL", "SL_20191016_KERNEL_ON_SL7_X.NASL", "SMB_NT_MS19_JUL_4507435.NASL", "SMB_NT_MS19_JUL_4507448.NASL", "SMB_NT_MS19_JUL_4507450.NASL", "SMB_NT_MS19_JUL_4507453.NASL", "SMB_NT_MS19_JUL_4507455.NASL", "SMB_NT_MS19_JUL_4507458.NASL", "SMB_NT_MS19_JUL_4507460.NASL", "SMB_NT_MS19_JUL_4507462.NASL", "SMB_NT_MS19_JUL_4507469.NASL", "SUSE_SU-2019-0110-1.NASL", "SUSE_SU-2019-1527-1.NASL", "SUSE_SU-2019-1529-1.NASL", "SUSE_SU-2019-1530-1.NASL", "SUSE_SU-2019-1532-1.NASL", "SUSE_SU-2019-1533-1.NASL", "SUSE_SU-2019-1534-1.NASL", "SUSE_SU-2019-1535-1.NASL", "SUSE_SU-2019-1536-1.NASL", "SUSE_SU-2019-1550-1.NASL", "SUSE_SU-2019-1668-1.NASL", "SUSE_SU-2019-1671-1.NASL", "SUSE_SU-2019-1692-1.NASL", "SUSE_SU-2019-1823-1.NASL", "SUSE_SU-2019-1829-1.NASL", "SUSE_SU-2019-1834-1.NASL", "SUSE_SU-2019-1835-1.NASL", "SUSE_SU-2019-1851-1.NASL", "SUSE_SU-2019-1852-1.NASL", "SUSE_SU-2019-1854-1.NASL", "SUSE_SU-2019-1855-1.NASL", "SUSE_SU-2019-1948-1.NASL", "SUSE_SU-2019-2068-1.NASL", "SUSE_SU-2019-2070-1.NASL", "SUSE_SU-2019-2071-1.NASL", "SUSE_SU-2019-2072-1.NASL", "SUSE_SU-2019-2073-1.NASL", "SUSE_SU-2019-2158-1.NASL", "SUSE_SU-2019-2159-1.NASL", "SUSE_SU-2019-2228-1.NASL", "SUSE_SU-2019-2262-1.NASL", "SUSE_SU-2019-2263-1.NASL", "SUSE_SU-2019-2299-1.NASL", "SUSE_SU-2019-2412-1.NASL", "SUSE_SU-2019-2414-1.NASL", "SUSE_SU-2019-2424-1.NASL", "SUSE_SU-2019-2430-1.NASL", "SUSE_SU-2019-2648-1.NASL", "SUSE_SU-2019-2687-1.NASL", "SUSE_SU-2019-2702-1.NASL", "SUSE_SU-2019-2707-1.NASL", "SUSE_SU-2019-2738-1.NASL", "SUSE_SU-2019-2821-1.NASL", "SUSE_SU-2019-3228-1.NASL", "SUSE_SU-2019-3230-1.NASL", "SUSE_SU-2019-3232-1.NASL", "SUSE_SU-2019-3258-1.NASL", "SUSE_SU-2019-3260-1.NASL", "SUSE_SU-2019-3261-1.NASL", "SUSE_SU-2019-3263-1.NASL", "SUSE_SU-2019-3306-1.NASL", "SUSE_SU-2019-3316-1.NASL", "SUSE_SU-2019-3369-1.NASL", "SUSE_SU-2019-3379-1.NASL", "SUSE_SU-2019-3381-1.NASL", "SUSE_SU-2019-3389-1.NASL", "SUSE_SU-2021-3192-1.NASL", "SUSE_SU-2021-3206-1.NASL", "SUSE_SU-2021-3217-1.NASL", "SUSE_SU-2021-3876-1.NASL", "SUSE_SU-2021-3969-1.NASL", "UBUNTU_USN-4040-1.NASL", "UBUNTU_USN-4070-1.NASL", "UBUNTU_USN-4070-2.NASL", "UBUNTU_USN-4070-3.NASL", "UBUNTU_USN-4090-1.NASL", "UBUNTU_USN-4093-1.NASL", "UBUNTU_USN-4094-1.NASL", "UBUNTU_USN-4095-1.NASL", "UBUNTU_USN-4096-1.NASL", "UBUNTU_USN-4114-1.NASL", "UBUNTU_USN-4115-1.NASL", "UBUNTU_USN-4115-2.NASL", "UBUNTU_USN-4116-1.NASL", "UBUNTU_USN-4117-1.NASL", "UBUNTU_USN-4118-1.NASL", "UBUNTU_USN-4145-1.NASL", "UBUNTU_USN-4147-1.NASL", "UBUNTU_USN-4326-1.NASL", "VIRTUOZZO_VZA-2019-067.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310108620", "OPENVAS:1361412562310142644", "OPENVAS:1361412562310142645", "OPENVAS:1361412562310142652", "OPENVAS:1361412562310142653", "OPENVAS:1361412562310142656", "OPENVAS:1361412562310142657", "OPENVAS:1361412562310142658", "OPENVAS:1361412562310142659", "OPENVAS:1361412562310704368", "OPENVAS:1361412562310704472", "OPENVAS:1361412562310704484", "OPENVAS:1361412562310704492", "OPENVAS:1361412562310704493", "OPENVAS:1361412562310704495", "OPENVAS:1361412562310815400", "OPENVAS:1361412562310815401", "OPENVAS:1361412562310815402", "OPENVAS:1361412562310815403", "OPENVAS:1361412562310815404", "OPENVAS:1361412562310815406", "OPENVAS:1361412562310815408", "OPENVAS:1361412562310815409", "OPENVAS:1361412562310815410", "OPENVAS:1361412562310815513", "OPENVAS:1361412562310815514", "OPENVAS:1361412562310844072", "OPENVAS:1361412562310844107", "OPENVAS:1361412562310844128", "OPENVAS:1361412562310844131", "OPENVAS:1361412562310844132", "OPENVAS:1361412562310844133", "OPENVAS:1361412562310844134", "OPENVAS:1361412562310844136", "OPENVAS:1361412562310844137", "OPENVAS:1361412562310844156", "OPENVAS:1361412562310844157", "OPENVAS:1361412562310844158", "OPENVAS:1361412562310844159", "OPENVAS:1361412562310844160", "OPENVAS:1361412562310844174", "OPENVAS:1361412562310844192", "OPENVAS:1361412562310844194", "OPENVAS:1361412562310844390", "OPENVAS:1361412562310852238", "OPENVAS:1361412562310852254", "OPENVAS:1361412562310852611", "OPENVAS:1361412562310852631", "OPENVAS:1361412562310852665", "OPENVAS:1361412562310852687", "OPENVAS:1361412562310852705", "OPENVAS:1361412562310852747", "OPENVAS:1361412562310852784", "OPENVAS:1361412562310876543", "OPENVAS:1361412562310876555", "OPENVAS:1361412562310876566", "OPENVAS:1361412562310876577", "OPENVAS:1361412562310876583", "OPENVAS:1361412562310876586", "OPENVAS:1361412562310876611", "OPENVAS:1361412562310876621", "OPENVAS:1361412562310876630", "OPENVAS:1361412562310876634", "OPENVAS:1361412562310876638", "OPENVAS:1361412562310876647", "OPENVAS:1361412562310876648", "OPENVAS:1361412562310876652", "OPENVAS:1361412562310876653", "OPENVAS:1361412562310876660", "OPENVAS:1361412562310876666", "OPENVAS:1361412562310876696", "OPENVAS:1361412562310876698", "OPENVAS:1361412562310876701", "OPENVAS:1361412562310876745", "OPENVAS:1361412562310876750", "OPENVAS:1361412562310876753", "OPENVAS:1361412562310876754", "OPENVAS:1361412562310876809", "OPENVAS:1361412562310876841", "OPENVAS:1361412562310876869", "OPENVAS:1361412562310876925", "OPENVAS:1361412562310876943", "OPENVAS:1361412562310877052", "OPENVAS:1361412562310877058", "OPENVAS:1361412562310877070", "OPENVAS:1361412562310883096", "OPENVAS:1361412562310883107", "OPENVAS:1361412562310883117", "OPENVAS:1361412562310891839", "OPENVAS:1361412562310891862", "OPENVAS:1361412562310891863", "OPENVAS:1361412562310891884", "OPENVAS:1361412562310891885", "OPENVAS:1361412562310891919", "OPENVAS:1361412562310891930", "OPENVAS:1361412562311220192693", "OPENVAS:1361412562311220201372", "OPENVAS:1361412562311220201452", "OPENVAS:1361412562311220201466"]}, {"type": "oracle", "idList": ["ORACLE:CPUJUL2019-5072835"]}, {"type": "oraclelinux", "idList": ["ELSA-2019-2029", "ELSA-2019-2411", "ELSA-2019-2473", "ELSA-2019-2511", "ELSA-2019-2600", "ELSA-2019-2703", "ELSA-2019-2736", "ELSA-2019-3055", "ELSA-2019-4733", "ELSA-2019-4735", "ELSA-2019-4746", "ELSA-2019-4775", "ELSA-2019-4777", "ELSA-2019-4808", "ELSA-2019-4810", "ELSA-2019-4812", "ELSA-2019-4820", "ELSA-2019-4871", "ELSA-2019-4872", "ELSA-2019-4878", "ELSA-2020-1016", "ELSA-2020-1100", "ELSA-2020-5619-1", "ELSA-2021-9459"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:154957"]}, {"type": "photon", "idList": ["PHSA-2019-1.0-0247", "PHSA-2019-1.0-0251", "PHSA-2019-1.0-0257", "PHSA-2019-2.0-0171", "PHSA-2019-2.0-0173", "PHSA-2019-2.0-0175", "PHSA-2019-2.0-0190", "PHSA-2020-0279", "PHSA-2020-1.0-0279", "PHSA-2020-2.0-0225"]}, {"type": "redhat", "idList": ["RHSA-2019:1973", "RHSA-2019:2405", "RHSA-2019:2411", "RHSA-2019:2473", "RHSA-2019:2600", "RHSA-2019:2609", "RHSA-2019:2695", "RHSA-2019:2899", "RHSA-2021:2021"]}, {"type": "redhatcve", "idList": ["RH:CVE-2019-12972", "RH:CVE-2019-13115", "RH:CVE-2019-14241", "RH:CVE-2019-14250", "RH:CVE-2019-14444", "RH:CVE-2019-15215", "RH:CVE-2019-15807", "RH:CVE-2019-15925", "RH:CVE-2019-17351", "RH:CVE-2019-2738", "RH:CVE-2019-2741", "RH:CVE-2019-2789", "RH:CVE-2019-2795", "RH:CVE-2019-2796", "RH:CVE-2019-2797", "RH:CVE-2019-2798", "RH:CVE-2019-2800", "RH:CVE-2019-2801", "RH:CVE-2019-2802", "RH:CVE-2019-2803", "RH:CVE-2019-2808", "RH:CVE-2019-2810", "RH:CVE-2019-2811", "RH:CVE-2019-2812", "RH:CVE-2019-2814", "RH:CVE-2019-2815", "RH:CVE-2019-2819", "RH:CVE-2019-2822", "RH:CVE-2019-2826", "RH:CVE-2019-2830", "RH:CVE-2019-2834", "RH:CVE-2019-2879", "RH:CVE-2019-6250"]}, {"type": "slackware", "idList": ["SSA-2019-202-01", "SSA-2019-226-01"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2019:0064-1", "OPENSUSE-SU-2019:0087-1", "OPENSUSE-SU-2019:1716-1", "OPENSUSE-SU-2019:1757-1", "OPENSUSE-SU-2019:1777-1", "OPENSUSE-SU-2019:1923-1", "OPENSUSE-SU-2019:1924-1", "OPENSUSE-SU-2019:2062-1", "OPENSUSE-SU-2019:2173-1", "OPENSUSE-SU-2019:2181-1", "OPENSUSE-SU-2019:2364-1", "OPENSUSE-SU-2019:2365-1", "OPENSUSE-SU-2019:2675-1", "OPENSUSE-SU-2019:2698-1", "OPENSUSE-SU-2021:3876-1"]}, {"type": "symantec", "idList": ["SMNTC-110348"]}, {"type": "thn", "idList": ["THN:E3EB255FBC069136903C8881DF473DF0"]}, {"type": "threatpost", "idList": ["THREATPOST:25B39CC0AC8A2CF8DE7334F890A87907"]}, {"type": "ubuntu", "idList": ["USN-4040-1", "USN-4040-2", "USN-4070-1", "USN-4070-2", "USN-4070-3", "USN-4090-1", "USN-4093-1", "USN-4094-1", "USN-4095-1", "USN-4095-2", "USN-4096-1", "USN-4114-1", "USN-4115-1", "USN-4115-2", "USN-4116-1", "USN-4117-1", "USN-4118-1", "USN-4145-1", "USN-4147-1", "USN-4326-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2019-10208", "UB:CVE-2019-1125", "UB:CVE-2019-15090", "UB:CVE-2019-15211", "UB:CVE-2019-15213", "UB:CVE-2019-15215", "UB:CVE-2019-15220", "UB:CVE-2019-15807", "UB:CVE-2019-15925", "UB:CVE-2019-17351"]}, {"type": "virtuozzo", "idList": ["VZA-2019-066", "VZA-2019-067"]}, {"type": "xen", "idList": ["XSA-300"]}, {"type": "zdt", "idList": ["1337DAY-ID-32994", "1337DAY-ID-33027", "1337DAY-ID-33410"]}]}, "exploitation": null, "epss": [{"cve": "CVE-2015-8370", "epss": 0.00108, "percentile": 0.42257, "modified": "2023-05-03"}, {"cve": "CVE-2018-20843", "epss": 0.91481, "percentile": 0.98362, "modified": "2023-05-03"}, {"cve": "CVE-2019-10126", "epss": 0.01021, "percentile": 0.81584, "modified": "2023-05-03"}, {"cve": "CVE-2019-10208", "epss": 0.00193, "percentile": 0.55619, "modified": "2023-05-03"}, {"cve": "CVE-2019-10638", "epss": 0.0018, "percentile": 0.537, "modified": "2023-05-03"}, {"cve": "CVE-2019-1125", "epss": 0.0008, "percentile": 0.32744, "modified": "2023-05-03"}, {"cve": "CVE-2019-12972", "epss": 0.00063, "percentile": 0.24899, "modified": "2023-05-03"}, {"cve": "CVE-2019-13103", "epss": 0.00042, "percentile": 0.05655, "modified": "2023-05-03"}, {"cve": "CVE-2019-13115", "epss": 0.00316, "percentile": 0.65862, "modified": "2023-05-03"}, {"cve": "CVE-2019-13272", "epss": 0.00052, "percentile": 0.18053, "modified": "2023-05-03"}, {"cve": "CVE-2019-14241", "epss": 0.81339, "percentile": 0.97821, "modified": "2023-05-03"}, {"cve": "CVE-2019-14250", "epss": 0.0008, "percentile": 0.32967, "modified": "2023-05-03"}, {"cve": "CVE-2019-14283", "epss": 0.00076, "percentile": 0.30821, "modified": "2023-05-03"}, {"cve": "CVE-2019-14284", "epss": 0.0009, "percentile": 0.36885, "modified": "2023-05-03"}, {"cve": "CVE-2019-14444", "epss": 0.001, "percentile": 0.39928, "modified": "2023-05-03"}, {"cve": "CVE-2019-15090", "epss": 0.00045, "percentile": 0.12107, "modified": "2023-05-03"}, {"cve": "CVE-2019-15211", "epss": 0.00117, "percentile": 0.44309, "modified": "2023-05-03"}, {"cve": "CVE-2019-15213", "epss": 0.00115, "percentile": 0.43875, "modified": "2023-05-03"}, {"cve": "CVE-2019-15215", "epss": 0.00117, "percentile": 0.44309, "modified": "2023-05-03"}, {"cve": "CVE-2019-15220", "epss": 0.00097, "percentile": 0.39328, "modified": "2023-05-03"}, {"cve": "CVE-2019-15807", "epss": 0.00045, "percentile": 0.12107, "modified": "2023-05-03"}, {"cve": "CVE-2019-15925", "epss": 0.00042, "percentile": 0.05655, "modified": "2023-05-03"}, {"cve": "CVE-2019-15926", "epss": 0.01038, "percentile": 0.81727, "modified": "2023-05-03"}, {"cve": "CVE-2019-17351", "epss": 0.00045, "percentile": 0.12107, "modified": "2023-05-03"}, {"cve": "CVE-2019-20934", "epss": 0.00044, "percentile": 0.10282, "modified": "2023-05-02"}, {"cve": "CVE-2019-2737", "epss": 0.00124, "percentile": 0.45353, "modified": "2023-05-03"}, {"cve": "CVE-2019-2738", "epss": 0.00131, "percentile": 0.46583, "modified": "2023-05-03"}, {"cve": "CVE-2019-2739", "epss": 0.00053, "percentile": 0.19023, "modified": "2023-05-03"}, {"cve": "CVE-2019-2740", "epss": 0.00175, "percentile": 0.53142, "modified": "2023-05-03"}, {"cve": "CVE-2019-2741", "epss": 0.00128, "percentile": 0.46114, "modified": "2023-05-03"}, {"cve": "CVE-2019-2789", "epss": 0.00096, "percentile": 0.38919, "modified": "2023-05-03"}, {"cve": "CVE-2019-2795", "epss": 0.00301, "percentile": 0.64985, "modified": "2023-05-03"}, {"cve": "CVE-2019-2796", "epss": 0.00116, "percentile": 0.43968, "modified": "2023-05-03"}, {"cve": "CVE-2019-2797", "epss": 0.0006, "percentile": 0.23464, "modified": "2023-05-03"}, {"cve": "CVE-2019-2798", "epss": 0.00116, "percentile": 0.43968, "modified": "2023-05-03"}, {"cve": "CVE-2019-2800", "epss": 0.00289, "percentile": 0.64316, "modified": "2023-05-03"}, {"cve": "CVE-2019-2801", "epss": 0.00116, "percentile": 0.43968, "modified": "2023-05-03"}, {"cve": "CVE-2019-2802", "epss": 0.00116, "percentile": 0.43968, "modified": "2023-05-03"}, {"cve": "CVE-2019-2803", "epss": 0.00116, "percentile": 0.43968, "modified": "2023-05-03"}, {"cve": "CVE-2019-2805", "epss": 0.0019, "percentile": 0.5499, "modified": "2023-05-03"}, {"cve": "CVE-2019-2808", "epss": 0.00116, "percentile": 0.43968, "modified": "2023-05-03"}, {"cve": "CVE-2019-2810", "epss": 0.00116, "percentile": 0.43968, "modified": "2023-05-03"}, {"cve": "CVE-2019-2811", "epss": 0.00116, "percentile": 0.43968, "modified": "2023-05-03"}, {"cve": "CVE-2019-2812", "epss": 0.00301, "percentile": 0.64985, "modified": "2023-05-03"}, {"cve": "CVE-2019-2814", "epss": 0.00085, "percentile": 0.34623, "modified": "2023-05-03"}, {"cve": "CVE-2019-2815", "epss": 0.00116, "percentile": 0.43968, "modified": "2023-05-03"}, {"cve": "CVE-2019-2819", "epss": 0.00122, "percentile": 0.45122, "modified": "2023-05-03"}, {"cve": "CVE-2019-2822", "epss": 0.00211, "percentile": 0.57496, "modified": "2023-05-03"}, {"cve": "CVE-2019-2826", "epss": 0.00116, "percentile": 0.43968, "modified": "2023-05-03"}, {"cve": "CVE-2019-2830", "epss": 0.00116, "percentile": 0.43968, "modified": "2023-05-03"}, {"cve": "CVE-2019-2834", "epss": 0.00301, "percentile": 0.64985, "modified": "2023-05-03"}, {"cve": "CVE-2019-2879", "epss": 0.00102, "percentile": 0.40318, "modified": "2023-05-03"}, {"cve": "CVE-2019-3846", "epss": 0.00102, "percentile": 0.40363, "modified": "2023-05-03"}, {"cve": "CVE-2019-3900", "epss": 0.00165, "percentile": 0.51761, "modified": "2023-05-03"}, {"cve": "CVE-2019-6250", "epss": 0.70176, "percentile": 0.97481, "modified": "2023-05-03"}], "vulnersScore": 7.7}, "_state": {"dependencies": 1686117208, "score": 1686117098, "epss": 0}, "_internal": {"score_hash": "4e8e6d323e3c2664628d69ae739782dd"}, "affectedPackage": [], "vendorCvss": {"severity": "critical"}}

{"photon": [{"lastseen": "2022-05-12T18:52:01", "description": "Updates of ['expat', 'postgresql', 'u-boot', 'grub2', 'haproxy', 'linux-esx', 'zeromq', 'linux', 'mysql', 'linux- secure', 'linux-aws', 'binutils', 'libssh2'] packages of Photon OS have been released.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-08-21T00:00:00", "type": "photon", "title": "Critical Photon OS Security Update - PHSA-2019-0026", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 9.4, "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 9.2, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-8370", "CVE-2018-20843", "CVE-2019-10126", "CVE-2019-10208", "CVE-2019-10638", "CVE-2019-1125", "CVE-2019-12972", "CVE-2019-13103", "CVE-2019-13115", "CVE-2019-13272", "CVE-2019-14241", "CVE-2019-14250", "CVE-2019-14283", "CVE-2019-14284", "CVE-2019-14444", "CVE-2019-15090", "CVE-2019-15211", "CVE-2019-15213", "CVE-2019-15215", "CVE-2019-15220", "CVE-2019-15807", "CVE-2019-15925", "CVE-2019-15926", "CVE-2019-17351", "CVE-2019-20934", "CVE-2019-2737", "CVE-2019-2738", "CVE-2019-2739", "CVE-2019-2740", "CVE-2019-2741", "CVE-2019-2789", "CVE-2019-2795", "CVE-2019-2796", "CVE-2019-2797", "CVE-2019-2798", "CVE-2019-2800", "CVE-2019-2801", "CVE-2019-2802", "CVE-2019-2803", "CVE-2019-2805", "CVE-2019-2808", "CVE-2019-2810", "CVE-2019-2811", "CVE-2019-2812", "CVE-2019-2814", "CVE-2019-2815", "CVE-2019-2819", "CVE-2019-2822", "CVE-2019-2826", "CVE-2019-2830", "CVE-2019-2834", "CVE-2019-2879", "CVE-2019-3846", "CVE-2019-3900", "CVE-2019-6250"], "modified": "2019-08-21T00:00:00", "id": "PHSA-2019-0026", "href": "https://github.com/vmware/photon/wiki/Security-Update-3.0-26", "cvss": {"score": 9.4, "vector": "AV:N/AC:L/Au:N/C:C/I:N/A:C"}}, {"lastseen": "2021-11-03T11:50:25", "description": "An update of {'libmspack', 'sysdig', 'patch', 'linux', 'mysql', 'dracut', 'linux-esx', 'systemd', 'binutils'} packages of Photon OS has been released. This kernel update fixes vulnerability CVE-2019-1125 which is commonly known as SWAPGS vulnerability.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 9.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.2}, "published": "2019-08-19T00:00:00", "type": "photon", "title": "Home\nDownload Photon OS\nUser Documentation\nFAQ\nSecurity Advisories\nRelated Information\n\nLightwave - PHSA-2019-1.0-0248", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 9.4, "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 9.2, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-10713", "CVE-2016-8637", "CVE-2017-18509", "CVE-2018-18585", "CVE-2018-18586", "CVE-2018-20856", "CVE-2018-20969", "CVE-2019-1125", "CVE-2019-11487", "CVE-2019-12972", "CVE-2019-13636", "CVE-2019-13638", "CVE-2019-14250", "CVE-2019-14283", "CVE-2019-14284", "CVE-2019-14444", "CVE-2019-15239", "CVE-2019-15926", "CVE-2019-2737", "CVE-2019-2738", "CVE-2019-2739", "CVE-2019-2740", "CVE-2019-2741", "CVE-2019-2743", "CVE-2019-2746", "CVE-2019-2747", "CVE-2019-2752", "CVE-2019-2755", "CVE-2019-2757", "CVE-2019-2758", "CVE-2019-2774", "CVE-2019-2778", "CVE-2019-2780", "CVE-2019-2784", "CVE-2019-2785", "CVE-2019-2789", "CVE-2019-2791", "CVE-2019-2795", "CVE-2019-2796", "CVE-2019-2797", "CVE-2019-2798", "CVE-2019-2800", "CVE-2019-2801", "CVE-2019-2802", "CVE-2019-2803", "CVE-2019-2805", "CVE-2019-2808", "CVE-2019-2810", "CVE-2019-2811", "CVE-2019-2812", "CVE-2019-2814", "CVE-2019-2815", "CVE-2019-2819", "CVE-2019-2822", "CVE-2019-2826", "CVE-2019-2830", "CVE-2019-2834", "CVE-2019-2879", "CVE-2019-6454", "CVE-2019-8339"], "modified": "2019-08-19T00:00:00", "id": "PHSA-2019-1.0-0248", "href": "https://github.com/vmware/photon/wiki/Security-Updates-1.0-248", "cvss": {"score": 9.4, "vector": "AV:N/AC:L/Au:N/C:C/I:N/A:C"}}, {"lastseen": "2023-06-06T16:22:19", "description": "Updates of ['systemd', 'libmspack', 'patch', 'dracut', 'binutils', 'mysql'] packages of Photon OS have been released.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-08-19T00:00:00", "type": "photon", "title": "Important Photon OS Security Update - PHSA-2019-0248", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-10713", "CVE-2016-8637", "CVE-2018-18585", "CVE-2018-18586", "CVE-2018-20969", "CVE-2019-12972", "CVE-2019-13636", "CVE-2019-13638", "CVE-2019-14250", "CVE-2019-14444", "CVE-2019-2737", "CVE-2019-2738", "CVE-2019-2739", "CVE-2019-2740", "CVE-2019-2741", "CVE-2019-2743", "CVE-2019-2746", "CVE-2019-2747", "CVE-2019-2752", "CVE-2019-2755", "CVE-2019-2757", "CVE-2019-2758", "CVE-2019-2774", "CVE-2019-2778", "CVE-2019-2780", "CVE-2019-2784", "CVE-2019-2785", "CVE-2019-2789", "CVE-2019-2791", "CVE-2019-2795", "CVE-2019-2796", "CVE-2019-2797", "CVE-2019-2798", "CVE-2019-2800", "CVE-2019-2801", "CVE-2019-2802", "CVE-2019-2803", "CVE-2019-2805", "CVE-2019-2808", "CVE-2019-2810", "CVE-2019-2811", "CVE-2019-2812", "CVE-2019-2814", "CVE-2019-2815", "CVE-2019-2819", "CVE-2019-2822", "CVE-2019-2826", "CVE-2019-2830", "CVE-2019-2834", "CVE-2019-2879", "CVE-2019-6454"], "modified": "2019-08-19T00:00:00", "id": "PHSA-2019-0248", "href": "https://github.com/vmware/photon/wiki/Security-Update-1.0-248", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-06T16:03:08", "description": "Updates of ['mysql', 'patch', 'ansible', 'redis', 'nss', 'systemd'] packages of Photon OS have been released.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-08-14T00:00:00", "type": "photon", "title": "Important Photon OS Security Update - PHSA-2019-0172", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-10713", "CVE-2018-12384", "CVE-2018-12404", "CVE-2018-20969", "CVE-2019-10156", "CVE-2019-10192", "CVE-2019-13636", "CVE-2019-13638", "CVE-2019-2737", "CVE-2019-2738", "CVE-2019-2739", "CVE-2019-2740", "CVE-2019-2741", "CVE-2019-2791", "CVE-2019-2795", "CVE-2019-2796", "CVE-2019-2797", "CVE-2019-2805", "CVE-2019-2819", "CVE-2019-3843", "CVE-2019-3844"], "modified": "2019-08-14T00:00:00", "id": "PHSA-2019-0172", "href": "https://github.com/vmware/photon/wiki/Security-Update-2.0-172", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-06T16:03:11", "description": "Updates of ['linux-aws', 'linux-secure', 'linux-esx', 'go', 'envoy', 'linux'] packages of Photon OS have been released.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2019-09-03T00:00:00", "type": "photon", "title": "Critical Photon OS Security Update - PHSA-2019-0175", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-18509", "CVE-2018-20856", "CVE-2018-20961", "CVE-2019-1125", "CVE-2019-13272", "CVE-2019-14283", "CVE-2019-14284", "CVE-2019-14809", "CVE-2019-15239", "CVE-2019-15807", "CVE-2019-15926", "CVE-2019-16413", "CVE-2019-20934", "CVE-2019-9900", "CVE-2019-9901"], "modified": "2019-09-03T00:00:00", "id": "PHSA-2019-0175", "href": "https://github.com/vmware/photon/wiki/Security-Update-2.0-175", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-11-03T17:49:52", "description": "An update of {'linux-esx', 'python3', 'linux'} packages of Photon OS has been released.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-09-24T00:00:00", "type": "photon", "title": "Home\nDownload Photon OS\nUser Documentation\nFAQ\nSecurity Advisories\nRelated Information\n\nLightwave - PHSA-2019-1.0-0251", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-10905", "CVE-2016-10906", "CVE-2019-10638", "CVE-2019-15118", "CVE-2019-15211", "CVE-2019-15213", "CVE-2019-15215", "CVE-2019-15902", "CVE-2019-16056", "CVE-2019-16413", "CVE-2019-19527", "CVE-2019-3900"], "modified": "2019-09-24T00:00:00", "id": "PHSA-2019-1.0-0251", "href": "https://github.com/vmware/photon/wiki/Security-Updates-1.0-251", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-06T16:22:07", "description": "Updates of ['linux', 'linux-esx', 'python3'] packages of Photon OS have been released.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-09-24T00:00:00", "type": "photon", "title": "Important Photon OS Security Update - PHSA-2019-0251", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-10905", "CVE-2016-10906", "CVE-2019-10638", "CVE-2019-15118", "CVE-2019-15211", "CVE-2019-15213", "CVE-2019-15215", "CVE-2019-15902", "CVE-2019-16056", "CVE-2019-16413", "CVE-2019-19527", "CVE-2019-3900"], "modified": "2019-09-24T00:00:00", "id": "PHSA-2019-0251", "href": "https://github.com/vmware/photon/wiki/Security-Update-1.0-251", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-11-03T15:04:48", "description": "An update of {'linux', 'linux-secure', 'linux-aws', 'linux-esx', 'go'} packages of Photon OS has been released. This kernel update fixes vulnerability CVE-2019-1125 which is commonly known as SWAPGS vulnerability.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-09-10T00:00:00", "type": "photon", "title": "Home\nDownload Photon OS\nUser Documentation\nFAQ\nSecurity Advisories\nRelated Information\n\nLightwave - PHSA-2019-2.0-0175", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 9.4, "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 9.2, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-18509", "CVE-2018-20856", "CVE-2019-1125", "CVE-2019-14283", "CVE-2019-14284", "CVE-2019-14809", "CVE-2019-15239", "CVE-2019-15926", "CVE-2019-16413"], "modified": "2019-09-10T00:00:00", "id": "PHSA-2019-2.0-0175", "href": "https://github.com/vmware/photon/wiki/Security-Updates-2-175", "cvss": {"score": 9.4, "vector": "AV:N/AC:L/Au:N/C:C/I:N/A:C"}}, {"lastseen": "2023-06-06T16:22:22", "description": "Updates of ['glib', 'linux', 'linux-esx', 'zeromq'] packages of Photon OS have been released.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-07-24T00:00:00", "type": "photon", "title": "Critical Photon OS Security Update - PHSA-2019-0245", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-13012", "CVE-2019-13132", "CVE-2019-13272", "CVE-2019-15807"], "modified": "2019-07-24T00:00:00", "id": "PHSA-2019-0245", "href": "https://github.com/vmware/photon/wiki/Security-Update-1.0-245", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2023-06-04T14:37:19", "description": "An update of the mysql package has been released.", "cvss3": {}, "published": "2019-09-23T00:00:00", "type": "nessus", "title": "Photon OS 3.0: Mysql PHSA-2019-3.0-0026", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-2737", "CVE-2019-2738", "CVE-2019-2739", "CVE-2019-2740", "CVE-2019-2741", "CVE-2019-2789", "CVE-2019-2795", "CVE-2019-2796", "CVE-2019-2797", "CVE-2019-2798", "CVE-2019-2800", "CVE-2019-2801", "CVE-2019-2802", "CVE-2019-2803", "CVE-2019-2805", "CVE-2019-2808", "CVE-2019-2810", "CVE-2019-2811", "CVE-2019-2812", "CVE-2019-2814", "CVE-2019-2815", "CVE-2019-2819", "CVE-2019-2822", "CVE-2019-2826", "CVE-2019-2830", "CVE-2019-2834", "CVE-2019-2879"], "modified": "2022-05-19T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:mysql", "cpe:/o:vmware:photonos:3.0"], "id": "PHOTONOS_PHSA-2019-3_0-0026_MYSQL.NASL", "href": "https://www.tenable.com/plugins/nessus/129103", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2019-3.0-0026. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(129103);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/19\");\n\n script_cve_id(\n \"CVE-2019-2737\",\n \"CVE-2019-2738\",\n \"CVE-2019-2739\",\n \"CVE-2019-2740\",\n \"CVE-2019-2741\",\n \"CVE-2019-2789\",\n \"CVE-2019-2795\",\n \"CVE-2019-2796\",\n \"CVE-2019-2797\",\n \"CVE-2019-2798\",\n \"CVE-2019-2800\",\n \"CVE-2019-2801\",\n \"CVE-2019-2802\",\n \"CVE-2019-2803\",\n \"CVE-2019-2805\",\n \"CVE-2019-2808\",\n \"CVE-2019-2810\",\n \"CVE-2019-2811\",\n \"CVE-2019-2812\",\n \"CVE-2019-2814\",\n \"CVE-2019-2815\",\n \"CVE-2019-2819\",\n \"CVE-2019-2822\",\n \"CVE-2019-2826\",\n \"CVE-2019-2830\",\n \"CVE-2019-2834\",\n \"CVE-2019-2879\"\n );\n\n script_name(english:\"Photon OS 3.0: Mysql PHSA-2019-3.0-0026\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the mysql package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-3.0-0026.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-2819\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-2822\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:3.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 3\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 3.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"mysql-8.0.17-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"mysql-debuginfo-8.0.17-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"mysql-devel-8.0.17-1.ph3\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mysql\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:28:43", "description": "An update of the linux package has been released.", "cvss3": {}, "published": "2019-09-12T00:00:00", "type": "nessus", "title": "Photon OS 3.0: Linux PHSA-2019-3.0-0026", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-10638", "CVE-2019-13272", "CVE-2019-14283", "CVE-2019-14284", "CVE-2019-15090", "CVE-2019-15807", "CVE-2019-15925", "CVE-2019-15926"], "modified": "2023-01-20T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:linux", "cpe:/o:vmware:photonos:3.0"], "id": "PHOTONOS_PHSA-2019-3_0-0026_LINUX.NASL", "href": "https://www.tenable.com/plugins/nessus/128732", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2019-3.0-0026. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(128732);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/20\");\n\n script_cve_id(\n \"CVE-2019-10638\",\n \"CVE-2019-13272\",\n \"CVE-2019-14283\",\n \"CVE-2019-14284\",\n \"CVE-2019-15090\",\n \"CVE-2019-15807\",\n \"CVE-2019-15925\",\n \"CVE-2019-15926\"\n );\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/10\");\n\n script_name(english:\"Photon OS 3.0: Linux PHSA-2019-3.0-0026\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the linux package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-3.0-0026.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-15926\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Linux Polkit pkexec helper PTRACE_TRACEME local root exploit');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:3.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 3\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 3.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"linux-4.19.65-2.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"linux-api-headers-4.19.65-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"linux-aws-4.19.65-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"linux-aws-debuginfo-4.19.65-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"linux-aws-devel-4.19.65-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"linux-aws-docs-4.19.65-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"linux-aws-drivers-gpu-4.19.65-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"linux-aws-oprofile-4.19.65-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"linux-aws-sound-4.19.65-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"linux-debuginfo-4.19.65-2.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"linux-devel-4.19.65-2.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"linux-docs-4.19.65-2.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"linux-drivers-gpu-4.19.65-2.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"linux-drivers-sound-4.19.65-2.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"linux-esx-4.19.65-2.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"linux-esx-debuginfo-4.19.65-2.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"linux-esx-devel-4.19.65-2.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"linux-esx-docs-4.19.65-2.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"linux-oprofile-4.19.65-2.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"linux-secure-4.19.65-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"linux-secure-debuginfo-4.19.65-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"linux-secure-devel-4.19.65-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"linux-secure-docs-4.19.65-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"linux-secure-lkcm-4.19.65-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"linux-tools-4.19.65-2.ph3\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-06-03T14:35:27", "description": "The version of MySQL running on the remote host is 8.0.x prior to 8.0.17. It is, therefore, affected by multiple vulnerabilities, including three of the top vulnerabilities below, as noted in the July 2019 and October 2022 Critical Patch Update advisories:\n\n - An unspecified vulnerability in the 'Shell: Admin / InnoDB Cluster' subcomponent could allow an unauthenticated attacker to takeover an affected MySQL Server. A successful attack requires user interaction.\n (CVE-2019-2822)\n\n - As unspecified vulnerability in the 'Server: Replication' subcomponent could allow an unauthenticated attacker to cause the server to hang or to, via a frequently repeatable crash, cause a complete denial of service.\n Additionally, a successful attacker could perform unauthorized modifications to some MySQL Server accessible data. (CVE-2019-2800)\n\n - As unspecified vulnerability in the 'Server: Charsets' subcomponent could allow an unauthenticated attacker to cause the server to hang or to, via a frequently repeatable crash, cause a complete denial of service.\n (CVE-2019-2795)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2019-07-18T00:00:00", "type": "nessus", "title": "MySQL 8.0.x < 8.0.17 Multiple Vulnerabilities (July 2019 CPU)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-2737", "CVE-2019-2738", "CVE-2019-2739", "CVE-2019-2740", "CVE-2019-2741", "CVE-2019-2752", "CVE-2019-2757", "CVE-2019-2758", "CVE-2019-2774", "CVE-2019-2778", "CVE-2019-2780", "CVE-2019-2784", "CVE-2019-2785", "CVE-2019-2789", "CVE-2019-2791", "CVE-2019-2795", "CVE-2019-2796", "CVE-2019-2797", "CVE-2019-2800", "CVE-2019-2801", "CVE-2019-2802", "CVE-2019-2803", "CVE-2019-2805", "CVE-2019-2808", "CVE-2019-2810", "CVE-2019-2811", "CVE-2019-2812", "CVE-2019-2814", "CVE-2019-2815", "CVE-2019-2819", "CVE-2019-2822", "CVE-2019-2826", "CVE-2019-2830", "CVE-2019-2834", "CVE-2019-2879", "CVE-2019-2948", "CVE-2019-2950", "CVE-2019-2969", "CVE-2019-3003", "CVE-2022-21589"], "modified": "2022-10-25T00:00:00", "cpe": ["cpe:/a:oracle:mysql"], "id": "MYSQL_8_0_17.NASL", "href": "https://www.tenable.com/plugins/nessus/126784", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(126784);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/10/25\");\n\n script_cve_id(\n \"CVE-2019-2737\",\n \"CVE-2019-2738\",\n \"CVE-2019-2739\",\n \"CVE-2019-2740\",\n \"CVE-2019-2741\",\n \"CVE-2019-2752\",\n \"CVE-2019-2757\",\n \"CVE-2019-2758\",\n \"CVE-2019-2774\",\n \"CVE-2019-2778\",\n \"CVE-2019-2780\",\n \"CVE-2019-2784\",\n \"CVE-2019-2785\",\n \"CVE-2019-2789\",\n \"CVE-2019-2791\",\n \"CVE-2019-2795\",\n \"CVE-2019-2796\",\n \"CVE-2019-2797\",\n \"CVE-2019-2800\",\n \"CVE-2019-2801\",\n \"CVE-2019-2802\",\n \"CVE-2019-2803\",\n \"CVE-2019-2805\",\n \"CVE-2019-2808\",\n \"CVE-2019-2810\",\n \"CVE-2019-2811\",\n \"CVE-2019-2812\",\n \"CVE-2019-2814\",\n \"CVE-2019-2815\",\n \"CVE-2019-2819\",\n \"CVE-2019-2822\",\n \"CVE-2019-2826\",\n \"CVE-2019-2830\",\n \"CVE-2019-2834\",\n \"CVE-2019-2879\",\n \"CVE-2019-2948\",\n \"CVE-2019-2950\",\n \"CVE-2019-2969\",\n \"CVE-2019-3003\",\n \"CVE-2022-21589\"\n );\n script_bugtraq_id(109234, 109243, 109247);\n script_xref(name:\"IAVA\", value:\"2019-A-0383-S\");\n\n script_name(english:\"MySQL 8.0.x < 8.0.17 Multiple Vulnerabilities (July 2019 CPU)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote database server is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of MySQL running on the remote host is 8.0.x prior to\n8.0.17. It is, therefore, affected by multiple vulnerabilities,\nincluding three of the top vulnerabilities below, as noted in the\nJuly 2019 and October 2022 Critical Patch Update advisories:\n\n - An unspecified vulnerability in the\n 'Shell: Admin / InnoDB Cluster' subcomponent could allow\n an unauthenticated attacker to takeover an affected MySQL\n Server. A successful attack requires user interaction.\n (CVE-2019-2822)\n\n - As unspecified vulnerability in the 'Server: Replication'\n subcomponent could allow an unauthenticated attacker to\n cause the server to hang or to, via a frequently\n repeatable crash, cause a complete denial of service.\n Additionally, a successful attacker could perform\n unauthorized modifications to some MySQL Server\n accessible data. (CVE-2019-2800)\n\n - As unspecified vulnerability in the 'Server: Charsets'\n subcomponent could allow an unauthenticated attacker to\n cause the server to hang or to, via a frequently\n repeatable crash, cause a complete denial of service.\n (CVE-2019-2795)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-17.html\");\n # https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html#AppendixMSQL\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1adc2fd3\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.oracle.com/a/tech/docs/cpuoct2022cvrf.xml\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.oracle.com/security-alerts/cpuoct2022.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to MySQL version 8.0.17 or later.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-2819\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-2822\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/07/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:mysql\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Databases\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"mysql_version.nasl\", \"mysql_login.nasl\", \"mysql_version_local.nasl\", \"mysql_win_installed.nbin\", \"macosx_mysql_installed.nbin\");\n script_require_keys(\"installed_sw/MySQL Server\");\n\n exit(0);\n}\n\ninclude('vcf_extras_mysql.inc');\n\nvar app_info = vcf::mysql::combined_get_app_info();\n\nvar constraints = [{ 'min_version' : '8.0.0', 'fixed_version' : '8.0.17'}];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:29:35", "description": "It was discovered that a heap buffer overflow existed in the Marvell Wireless LAN device driver for the Linux kernel. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-10126)\n\nAmit Klein and Benny Pinkas discovered that the Linux kernel did not sufficiently randomize IP ID values generated for connectionless networking protocols. A remote attacker could use this to track particular Linux devices. (CVE-2019-10638)\n\nIt was discovered that a NULL pointer dereference vulnerability existed in the Near-field communication (NFC) implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash). (CVE-2019-12984)\n\nJann Horn discovered a use-after-free vulnerability in the Linux kernel when accessing LDT entries in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-13233)\n\nJann Horn discovered that the ptrace implementation in the Linux kernel did not properly record credentials in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly gain administrative privileges. (CVE-2019-13272)\n\nIt was discovered that the floppy driver in the Linux kernel did not properly validate meta data, leading to a buffer overread. A local attacker could use this to cause a denial of service (system crash).\n(CVE-2019-14283)\n\nIt was discovered that the floppy driver in the Linux kernel did not properly validate ioctl() calls, leading to a division-by-zero. A local attacker could use this to cause a denial of service (system crash). (CVE-2019-14284)\n\nIt was discovered that the Marvell Wireless LAN device driver in the Linux kernel did not properly validate the BSS descriptor. A local attacker could possibly use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-3846)\n\nJason Wang discovered that an infinite loop vulnerability existed in the virtio net driver in the Linux kernel. A local attacker in a guest VM could possibly use this to cause a denial of service in the host system. (CVE-2019-3900).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-09-03T00:00:00", "type": "nessus", "title": "Ubuntu 19.04 : linux-aws vulnerabilities (USN-4117-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-10126", "CVE-2019-10638", "CVE-2019-12984", "CVE-2019-13233", "CVE-2019-13272", "CVE-2019-14283", "CVE-2019-14284", "CVE-2019-3846", "CVE-2019-3900"], "modified": "2023-05-11T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-aws", "cpe:/o:canonical:ubuntu_linux:19.04"], "id": "UBUNTU_USN-4117-1.NASL", "href": "https://www.tenable.com/plugins/nessus/128477", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4117-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(128477);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/11\");\n\n script_cve_id(\"CVE-2019-10126\", \"CVE-2019-10638\", \"CVE-2019-12984\", \"CVE-2019-13233\", \"CVE-2019-13272\", \"CVE-2019-14283\", \"CVE-2019-14284\", \"CVE-2019-3846\", \"CVE-2019-3900\");\n script_xref(name:\"USN\", value:\"4117-1\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/10\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0025\");\n\n script_name(english:\"Ubuntu 19.04 : linux-aws vulnerabilities (USN-4117-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"It was discovered that a heap buffer overflow existed in the Marvell\nWireless LAN device driver for the Linux kernel. An attacker could use\nthis to cause a denial of service (system crash) or possibly execute\narbitrary code. (CVE-2019-10126)\n\nAmit Klein and Benny Pinkas discovered that the Linux kernel did not\nsufficiently randomize IP ID values generated for connectionless\nnetworking protocols. A remote attacker could use this to track\nparticular Linux devices. (CVE-2019-10638)\n\nIt was discovered that a NULL pointer dereference vulnerability\nexisted in the Near-field communication (NFC) implementation in the\nLinux kernel. A local attacker could use this to cause a denial of\nservice (system crash). (CVE-2019-12984)\n\nJann Horn discovered a use-after-free vulnerability in the Linux\nkernel when accessing LDT entries in some situations. A local attacker\ncould use this to cause a denial of service (system crash) or possibly\nexecute arbitrary code. (CVE-2019-13233)\n\nJann Horn discovered that the ptrace implementation in the Linux\nkernel did not properly record credentials in some situations. A local\nattacker could use this to cause a denial of service (system crash) or\npossibly gain administrative privileges. (CVE-2019-13272)\n\nIt was discovered that the floppy driver in the Linux kernel did not\nproperly validate meta data, leading to a buffer overread. A local\nattacker could use this to cause a denial of service (system crash).\n(CVE-2019-14283)\n\nIt was discovered that the floppy driver in the Linux kernel did not\nproperly validate ioctl() calls, leading to a division-by-zero. A\nlocal attacker could use this to cause a denial of service (system\ncrash). (CVE-2019-14284)\n\nIt was discovered that the Marvell Wireless LAN device driver in the\nLinux kernel did not properly validate the BSS descriptor. A local\nattacker could possibly use this to cause a denial of service (system\ncrash) or possibly execute arbitrary code. (CVE-2019-3846)\n\nJason Wang discovered that an infinite loop vulnerability existed in\nthe virtio net driver in the Linux kernel. A local attacker in a guest\nVM could possibly use this to cause a denial of service in the host\nsystem. (CVE-2019-3900).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/4117-1/\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Update the affected linux-image-5.0-aws and / or linux-image-aws\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-3846\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Linux Polkit pkexec helper PTRACE_TRACEME local root exploit');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:19.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2019-2023 Canonical, Inc. / NASL script (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(19\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 19.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2019-10126\", \"CVE-2019-10638\", \"CVE-2019-12984\", \"CVE-2019-13233\", \"CVE-2019-13272\", \"CVE-2019-14283\", \"CVE-2019-14284\", \"CVE-2019-3846\", \"CVE-2019-3900\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-4117-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-5.0.0-1014-aws\", pkgver:\"5.0.0-1014.16\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-aws\", pkgver:\"5.0.0.1014.15\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-5.0-aws / linux-image-aws\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:25:47", "description": "Oracle reports :\n\nThis Critical Patch Update contains 45 new security fixes for Oracle MySQL. 4 of these vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without requiring user credentials.", "cvss3": {}, "published": "2019-07-23T00:00:00", "type": "nessus", "title": "FreeBSD : MySQL -- Multiple vulerabilities (198e6220-ac8b-11e9-a1c7-b499baebfeaf)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-2730", "CVE-2019-2731", "CVE-2019-2737", "CVE-2019-2738", "CVE-2019-2739", "CVE-2019-2740", "CVE-2019-2741", "CVE-2019-2743", "CVE-2019-2746", "CVE-2019-2747", "CVE-2019-2752", "CVE-2019-2755", "CVE-2019-2757", "CVE-2019-2758", "CVE-2019-2774", "CVE-2019-2778", "CVE-2019-2780", "CVE-2019-2784", "CVE-2019-2785", "CVE-2019-2789", "CVE-2019-2791", "CVE-2019-2795", "CVE-2019-2796", "CVE-2019-2797", "CVE-2019-2798", "CVE-2019-2800", "CVE-2019-2801", "CVE-2019-2802", "CVE-2019-2803", "CVE-2019-2805", "CVE-2019-2808", "CVE-2019-2810", "CVE-2019-2811", "CVE-2019-2812", "CVE-2019-2814", "CVE-2019-2815", "CVE-2019-2819", "CVE-2019-2822", "CVE-2019-2826", "CVE-2019-2830", "CVE-2019-2834", "CVE-2019-2879", "CVE-2019-3822"], "modified": "2022-12-07T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:mariadb101-server", "p-cpe:/a:freebsd:freebsd:mariadb102-server", "p-cpe:/a:freebsd:freebsd:mariadb103-server", "p-cpe:/a:freebsd:freebsd:mariadb104-server", "p-cpe:/a:freebsd:freebsd:mariadb55-server", "p-cpe:/a:freebsd:freebsd:mysql56-server", "p-cpe:/a:freebsd:freebsd:mysql57-server", "p-cpe:/a:freebsd:freebsd:mysql80-server", "p-cpe:/a:freebsd:freebsd:percona55-server", "p-cpe:/a:freebsd:freebsd:percona56-server", "p-cpe:/a:freebsd:freebsd:percona57-server", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_198E6220AC8B11E9A1C7B499BAEBFEAF.NASL", "href": "https://www.tenable.com/plugins/nessus/126928", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2022 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(126928);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/07\");\n\n script_cve_id(\"CVE-2019-2730\", \"CVE-2019-2731\", \"CVE-2019-2737\", \"CVE-2019-2738\", \"CVE-2019-2739\", \"CVE-2019-2740\", \"CVE-2019-2741\", \"CVE-2019-2743\", \"CVE-2019-2746\", \"CVE-2019-2747\", \"CVE-2019-2752\", \"CVE-2019-2755\", \"CVE-2019-2757\", \"CVE-2019-2758\", \"CVE-2019-2774\", \"CVE-2019-2778\", \"CVE-2019-2780\", \"CVE-2019-2784\", \"CVE-2019-2785\", \"CVE-2019-2789\", \"CVE-2019-2791\", \"CVE-2019-2795\", \"CVE-2019-2796\", \"CVE-2019-2797\", \"CVE-2019-2798\", \"CVE-2019-2800\", \"CVE-2019-2801\", \"CVE-2019-2802\", \"CVE-2019-2803\", \"CVE-2019-2805\", \"CVE-2019-2808\", \"CVE-2019-2810\", \"CVE-2019-2811\", \"CVE-2019-2812\", \"CVE-2019-2814\", \"CVE-2019-2815\", \"CVE-2019-2819\", \"CVE-2019-2822\", \"CVE-2019-2826\", \"CVE-2019-2830\", \"CVE-2019-2834\", \"CVE-2019-2879\", \"CVE-2019-3822\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0227\");\n\n script_name(english:\"FreeBSD : MySQL -- Multiple vulerabilities (198e6220-ac8b-11e9-a1c7-b499baebfeaf)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Oracle reports :\n\nThis Critical Patch Update contains 45 new security fixes for Oracle\nMySQL. 4 of these vulnerabilities may be remotely exploitable without\nauthentication, i.e., may be exploited over a network without\nrequiring user credentials.\"\n );\n # https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9aa2b901\"\n );\n # https://vuxml.freebsd.org/freebsd/198e6220-ac8b-11e9-a1c7-b499baebfeaf.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?079298bc\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:mariadb101-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:mariadb102-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:mariadb103-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:mariadb104-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:mariadb55-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:mysql56-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:mysql57-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:mysql80-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:percona55-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:percona56-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:percona57-server\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/07/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"mariadb55-server<5.5.65\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"mariadb101-server<10.1.41\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"mariadb102-server<10.2.26\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"mariadb103-server<10.3.17\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"mariadb104-server<10.4.7\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"mysql56-server<5.6.45\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"mysql57-server<5.7.27\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"mysql80-server<8.0.17\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"percona55-server<5.5.65\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"percona56-server<5.6.45\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"percona57-server<5.7.27\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:26:07", "description": "The version of MySQL running on the remote host is 5.6.x prior to 5.6.45. It is, therefore, affected by multiple vulnerabilities, including three of the top vulnerabilities below, as noted in the July 2019 Critical Patch Update advisory:\n\n - An unspecified vulnerability in the 'Server: XML' subcomponent could allow a high privileged attacker to cause the server to hang or to, via a frequently repeatable crash, cause a complete denial of service.\n (CVE-2019-2740)\n\n - As unspecified vulnerability in the 'Server: Security:\n Audit' subcomponent could allow an unauthenticated attacker to cause the server to hang or to, via a frequently repeatable crash, cause a complete denial of service. Additionally, a successful attacker could perform unauthorized modifications to some MySQL Server accessible data. (CVE-2019-2819)\n\n - As unspecified vulnerability in the 'Server: Security:\n Privileges' subcomponent could allow an unauthenticated attacker to cause the server to hang or to, via a frequently repeatable crash, cause a complete denial of service. Additionally, a successful attacker could perform unauthorized modifications to some MySQL Server accessible data. (CVE-2019-2739)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2019-07-18T00:00:00", "type": "nessus", "title": "MySQL 5.6.x < 5.6.45 Multiple Vulnerabilities (Jul 2019 CPU)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-2737", "CVE-2019-2738", "CVE-2019-2739", "CVE-2019-2740", "CVE-2019-2805", "CVE-2019-2819", "CVE-2019-2969"], "modified": "2022-10-21T00:00:00", "cpe": ["cpe:/a:oracle:mysql"], "id": "MYSQL_5_6_45.NASL", "href": "https://www.tenable.com/plugins/nessus/126782", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(126782);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/10/21\");\n\n script_cve_id(\n \"CVE-2019-2737\",\n \"CVE-2019-2738\",\n \"CVE-2019-2739\",\n \"CVE-2019-2740\",\n \"CVE-2019-2805\",\n \"CVE-2019-2819\",\n \"CVE-2019-2969\"\n );\n script_bugtraq_id(109243);\n script_xref(name:\"IAVA\", value:\"2019-A-0383-S\");\n\n script_name(english:\"MySQL 5.6.x < 5.6.45 Multiple Vulnerabilities (Jul 2019 CPU)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote database server is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of MySQL running on the remote host is 5.6.x prior to\n5.6.45. It is, therefore, affected by multiple vulnerabilities,\nincluding three of the top vulnerabilities below, as noted in the\nJuly 2019 Critical Patch Update advisory:\n\n - An unspecified vulnerability in the 'Server: XML'\n subcomponent could allow a high privileged attacker to\n cause the server to hang or to, via a frequently\n repeatable crash, cause a complete denial of service.\n (CVE-2019-2740)\n\n - As unspecified vulnerability in the 'Server: Security:\n Audit' subcomponent could allow an unauthenticated\n attacker to cause the server to hang or to, via a\n frequently repeatable crash, cause a complete denial of\n service. Additionally, a successful attacker could\n perform unauthorized modifications to some MySQL Server\n accessible data. (CVE-2019-2819)\n\n - As unspecified vulnerability in the 'Server: Security:\n Privileges' subcomponent could allow an unauthenticated\n attacker to cause the server to hang or to, via a\n frequently repeatable crash, cause a complete denial of\n service. Additionally, a successful attacker could\n perform unauthorized modifications to some MySQL Server\n accessible data. (CVE-2019-2739)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-45.html\");\n # https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html#AppendixMSQL\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1adc2fd3\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to MySQL version 5.6.45 or later.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-2819\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-2969\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/07/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:mysql\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Databases\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"mysql_version.nasl\", \"mysql_login.nasl\", \"mysql_version_local.nasl\", \"mysql_win_installed.nbin\", \"macosx_mysql_installed.nbin\");\n script_require_keys(\"installed_sw/MySQL Server\");\n\n exit(0);\n}\ninclude('vcf_extras_mysql.inc');\n\nvar app_info = vcf::mysql::combined_get_app_info();\n\nvar constraints = [{ 'min_version' : '5.6.0', 'fixed_version' : '5.6.45'}];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:29:07", "description": "An update of the binutils package has been released.", "cvss3": {}, "published": "2019-09-12T00:00:00", "type": "nessus", "title": "Photon OS 3.0: Binutils PHSA-2019-3.0-0026", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-12972", "CVE-2019-14250", "CVE-2019-14444"], "modified": "2023-03-02T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:binutils", "cpe:/o:vmware:photonos:3.0"], "id": "PHOTONOS_PHSA-2019-3_0-0026_BINUTILS.NASL", "href": "https://www.tenable.com/plugins/nessus/128729", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2019-3.0-0026. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(128729);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/02\");\n\n script_cve_id(\"CVE-2019-12972\", \"CVE-2019-14250\", \"CVE-2019-14444\");\n\n script_name(english:\"Photon OS 3.0: Binutils PHSA-2019-3.0-0026\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the binutils package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-3.0-0026.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-14444\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:binutils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:3.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 3\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 3.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"binutils-2.31.1-6.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"binutils-debuginfo-2.31.1-6.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"binutils-devel-2.31.1-6.ph3\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"binutils\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:58:47", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1100 advisory.\n\n - mysql: Server: Pluggable Auth unspecified vulnerability (CPU Jul 2019) (CVE-2019-2737)\n\n - mysql: Server: Security: Privileges unspecified vulnerability (CPU Jul 2019) (CVE-2019-2739)\n\n - mysql: Server: XML unspecified vulnerability (CPU Jul 2019) (CVE-2019-2740)\n\n - mysql: Server: Parser unspecified vulnerability (CPU Jul 2019) (CVE-2019-2805)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2020-04-10T00:00:00", "type": "nessus", "title": "CentOS 7 : mariadb (CESA-2020:1100)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-2737", "CVE-2019-2739", "CVE-2019-2740", "CVE-2019-2805"], "modified": "2020-06-05T00:00:00", "cpe": ["cpe:/o:centos:centos:7", "p-cpe:/a:centos:centos:mariadb", "p-cpe:/a:centos:centos:mariadb-bench", "p-cpe:/a:centos:centos:mariadb-devel", "p-cpe:/a:centos:centos:mariadb-embedded", "p-cpe:/a:centos:centos:mariadb-embedded-devel", "p-cpe:/a:centos:centos:mariadb-libs", "p-cpe:/a:centos:centos:mariadb-server", "p-cpe:/a:centos:centos:mariadb-test"], "id": "CENTOS_RHSA-2020-1100.NASL", "href": "https://www.tenable.com/plugins/nessus/135336", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2020:1100 and \n# CentOS Errata and Security Advisory 2020:1100 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(135336);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/06/05\");\n\n script_cve_id(\"CVE-2019-2737\", \"CVE-2019-2739\", \"CVE-2019-2740\", \"CVE-2019-2805\");\n script_xref(name:\"RHSA\", value:\"2020:1100\");\n\n script_name(english:\"CentOS 7 : mariadb (CESA-2020:1100)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:1100 advisory.\n\n - mysql: Server: Pluggable Auth unspecified vulnerability\n (CPU Jul 2019) (CVE-2019-2737)\n\n - mysql: Server: Security: Privileges unspecified\n vulnerability (CPU Jul 2019) (CVE-2019-2739)\n\n - mysql: Server: XML unspecified vulnerability (CPU Jul\n 2019) (CVE-2019-2740)\n\n - mysql: Server: Parser unspecified vulnerability (CPU Jul\n 2019) (CVE-2019-2805)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2020-April/012528.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5b9f3fec\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected mariadb packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-2739\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:mariadb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:mariadb-bench\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:mariadb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:mariadb-embedded\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:mariadb-embedded-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:mariadb-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:mariadb-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:mariadb-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 7.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"mariadb-5.5.65-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"mariadb-bench-5.5.65-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"mariadb-devel-5.5.65-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"mariadb-embedded-5.5.65-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"mariadb-embedded-devel-5.5.65-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"mariadb-libs-5.5.65-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"mariadb-server-5.5.65-1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"mariadb-test-5.5.65-1.el7\")) flag++;\n\n\nif (flag)\n{\n cr_plugin_caveat = '\\n' +\n 'NOTE: The security advisory associated with this vulnerability has a\\n' +\n 'fixed package version that may only be available in the continuous\\n' +\n 'release (CR) repository for CentOS, until it is present in the next\\n' +\n 'point release of CentOS.\\n\\n' +\n\n 'If an equal or higher package level does not exist in the baseline\\n' +\n 'repository for your major version of CentOS, then updates from the CR\\n' +\n 'repository will need to be applied in order to address the\\n' +\n 'vulnerability.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get() + cr_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mariadb / mariadb-bench / mariadb-devel / mariadb-embedded / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:58:34", "description": "* mysql: Server: Pluggable Auth unspecified vulnerability (CPU Jul 2019) * mysql: Server: Security: Privileges unspecified vulnerability (CPU Jul * mysql: Server: XML unspecified vulnerability (CPU Jul 2019)\n* mysql: Server: Parser unspecified vulnerability (CPU Jul 2019)", "cvss3": {}, "published": "2020-04-21T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : mariadb on SL7.x x86_64 (20200407)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-2737", "CVE-2019-2739", "CVE-2019-2740", "CVE-2019-2805"], "modified": "2020-04-24T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:mariadb", "p-cpe:/a:fermilab:scientific_linux:mariadb-bench", "p-cpe:/a:fermilab:scientific_linux:mariadb-debuginfo", "p-cpe:/a:fermilab:scientific_linux:mariadb-devel", "p-cpe:/a:fermilab:scientific_linux:mariadb-embedded", "p-cpe:/a:fermilab:scientific_linux:mariadb-embedded-devel", "p-cpe:/a:fermilab:scientific_linux:mariadb-libs", "p-cpe:/a:fermilab:scientific_linux:mariadb-server", "p-cpe:/a:fermilab:scientific_linux:mariadb-test", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20200407_MARIADB_ON_SL7_X.NASL", "href": "https://www.tenable.com/plugins/nessus/135821", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(135821);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/04/24\");\n\n script_cve_id(\"CVE-2019-2737\", \"CVE-2019-2739\", \"CVE-2019-2740\", \"CVE-2019-2805\");\n\n script_name(english:\"Scientific Linux Security Update : mariadb on SL7.x x86_64 (20200407)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"* mysql: Server: Pluggable Auth unspecified vulnerability (CPU Jul\n2019) * mysql: Server: Security: Privileges unspecified vulnerability\n(CPU Jul * mysql: Server: XML unspecified vulnerability (CPU Jul 2019)\n* mysql: Server: Parser unspecified vulnerability (CPU Jul 2019)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind2004&L=SCIENTIFIC-LINUX-ERRATA&P=10441\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a0d0260c\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-2739\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:mariadb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:mariadb-bench\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:mariadb-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:mariadb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:mariadb-embedded\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:mariadb-embedded-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:mariadb-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:mariadb-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:mariadb-test\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 7.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"mariadb-5.5.65-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"mariadb-bench-5.5.65-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"mariadb-debuginfo-5.5.65-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"mariadb-devel-5.5.65-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"mariadb-embedded-5.5.65-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"mariadb-embedded-devel-5.5.65-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"mariadb-libs-5.5.65-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"mariadb-server-5.5.65-1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"mariadb-test-5.5.65-1.el7\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mariadb / mariadb-bench / mariadb-debuginfo / mariadb-devel / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:27:23", "description": "New mariadb packages are available for Slackware 14.1 and -current to fix security issues.", "cvss3": {}, "published": "2019-08-12T00:00:00", "type": "nessus", "title": "Slackware 14.1 / current : mariadb (SSA:2019-213-01)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-2737", "CVE-2019-2739", "CVE-2019-2740", "CVE-2019-2805"], "modified": "2020-01-06T00:00:00", "cpe": ["p-cpe:/a:slackware:slackware_linux:mariadb", "cpe:/o:slackware:slackware_linux", "cpe:/o:slackware:slackware_linux:14.1"], "id": "SLACKWARE_SSA_2019-213-01.NASL", "href": "https://www.tenable.com/plugins/nessus/127729", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2019-213-01. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(127729);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2020/01/06\");\n\n script_cve_id(\"CVE-2019-2737\", \"CVE-2019-2739\", \"CVE-2019-2740\", \"CVE-2019-2805\");\n script_xref(name:\"SSA\", value:\"2019-213-01\");\n\n script_name(english:\"Slackware 14.1 / current : mariadb (SSA:2019-213-01)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New mariadb packages are available for Slackware 14.1 and -current to\nfix security issues.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2019&m=slackware-security.359778\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c07c58af\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected mariadb package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-2739\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:mariadb\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"14.1\", pkgname:\"mariadb\", pkgver:\"5.5.65\", pkgarch:\"i486\", pkgnum:\"1_slack14.1\")) flag++;\nif (slackware_check(osver:\"14.1\", arch:\"x86_64\", pkgname:\"mariadb\", pkgver:\"5.5.65\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.1\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"mariadb\", pkgver:\"10.4.7\", pkgarch:\"i586\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"mariadb\", pkgver:\"10.4.7\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:slackware_report_get());\n else security_note(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:27:14", "description": "USN-4070-1 fixed multiple vulnerabilities in MySQL. This update provides the corresponding fixes for CVE-2019-2737, CVE-2019-2739, CVE-2019-2740, CVE-2019-2805 in MariaDB 10.1.\n\nUbuntu 18.04 LTS has been updated to MariaDB 10.1.41.\n\nIn addition to security fixes, the updated package contain bug fixes, new features, and possibly incompatible changes.\n\nPlease see the following for more information:\nhttps://mariadb.com/kb/en/library/mariadb-10141-changelog/ https://mariadb.com/kb/en/library/mariadb-10141-release-notes/\n\nMultiple security issues were discovered in MySQL and this update includes a new upstream MySQL version to fix these issues.\n\nUbuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 19.04 have been updated to MySQL 5.7.27.\n\nIn addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes.\n\nPlease see the following for more information:\nhttp://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-27.html https://www.oracle.com/technetwork/security-advisory/cpujul2019-507283 5.html.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-08-14T00:00:00", "type": "nessus", "title": "Ubuntu 18.04 LTS : MariaDB vulnerabilities (USN-4070-2)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-2737", "CVE-2019-2739", "CVE-2019-2740", "CVE-2019-2805"], "modified": "2023-05-11T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libmariadbclient-dev", "p-cpe:/a:canonical:ubuntu_linux:libmariadbclient-dev-compat", "p-cpe:/a:canonical:ubuntu_linux:libmariadbclient18", "p-cpe:/a:canonical:ubuntu_linux:libmariadbd-dev", "p-cpe:/a:canonical:ubuntu_linux:libmariadbd18", "p-cpe:/a:canonical:ubuntu_linux:mariadb-client", "p-cpe:/a:canonical:ubuntu_linux:mariadb-client-10.1", "p-cpe:/a:canonical:ubuntu_linux:mariadb-client-core-10.1", "p-cpe:/a:canonical:ubuntu_linux:mariadb-common", "p-cpe:/a:canonical:ubuntu_linux:mariadb-plugin-connect", "p-cpe:/a:canonical:ubuntu_linux:mariadb-plugin-cracklib-password-check", "p-cpe:/a:canonical:ubuntu_linux:mariadb-plugin-gssapi-client", "p-cpe:/a:canonical:ubuntu_linux:mariadb-plugin-gssapi-server", "p-cpe:/a:canonical:ubuntu_linux:mariadb-plugin-mroonga", "p-cpe:/a:canonical:ubuntu_linux:mariadb-plugin-oqgraph", "p-cpe:/a:canonical:ubuntu_linux:mariadb-plugin-spider", "p-cpe:/a:canonical:ubuntu_linux:mariadb-plugin-tokudb", "p-cpe:/a:canonical:ubuntu_linux:mariadb-server", "p-cpe:/a:canonical:ubuntu_linux:mariadb-server-10.1", "p-cpe:/a:canonical:ubuntu_linux:mariadb-server-core-10.1", "p-cpe:/a:canonical:ubuntu_linux:mariadb-test", "p-cpe:/a:canonical:ubuntu_linux:mariadb-test-data", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts"], "id": "UBUNTU_USN-4070-2.NASL", "href": "https://www.tenable.com/plugins/nessus/127886", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4070-2. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(127886);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/11\");\n\n script_cve_id(\"CVE-2019-2737\", \"CVE-2019-2739\", \"CVE-2019-2740\", \"CVE-2019-2805\");\n script_xref(name:\"USN\", value:\"4070-2\");\n\n script_name(english:\"Ubuntu 18.04 LTS : MariaDB vulnerabilities (USN-4070-2)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"USN-4070-1 fixed multiple vulnerabilities in MySQL. This update\nprovides the corresponding fixes for CVE-2019-2737, CVE-2019-2739,\nCVE-2019-2740, CVE-2019-2805 in MariaDB 10.1.\n\nUbuntu 18.04 LTS has been updated to MariaDB 10.1.41.\n\nIn addition to security fixes, the updated package contain bug fixes,\nnew features, and possibly incompatible changes.\n\nPlease see the following for more information:\nhttps://mariadb.com/kb/en/library/mariadb-10141-changelog/\nhttps://mariadb.com/kb/en/library/mariadb-10141-release-notes/\n\nMultiple security issues were discovered in MySQL and this update\nincludes a new upstream MySQL version to fix these issues.\n\nUbuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 19.04 have been updated\nto MySQL 5.7.27.\n\nIn addition to security fixes, the updated packages contain bug fixes,\nnew features, and possibly incompatible changes.\n\nPlease see the following for more information:\nhttp://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-27.html\nhttps://www.oracle.com/technetwork/security-advisory/cpujul2019-507283\n5.html.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/4070-2/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-2739\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmariadbclient-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmariadbclient-dev-compat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmariadbclient18\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmariadbd-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmariadbd18\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mariadb-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mariadb-client-10.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mariadb-client-core-10.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mariadb-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mariadb-plugin-connect\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mariadb-plugin-cracklib-password-check\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mariadb-plugin-gssapi-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mariadb-plugin-gssapi-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mariadb-plugin-mroonga\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mariadb-plugin-oqgraph\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mariadb-plugin-spider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mariadb-plugin-tokudb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mariadb-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mariadb-server-10.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mariadb-server-core-10.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mariadb-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mariadb-test-data\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2019-2023 Canonical, Inc. / NASL script (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(18\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 18.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"18.04\", pkgname:\"libmariadbclient-dev\", pkgver:\"1:10.1.41-0ubuntu0.18.04.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"libmariadbclient-dev-compat\", pkgver:\"1:10.1.41-0ubuntu0.18.04.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"libmariadbclient18\", pkgver:\"1:10.1.41-0ubuntu0.18.04.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"libmariadbd-dev\", pkgver:\"1:10.1.41-0ubuntu0.18.04.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"libmariadbd18\", pkgver:\"1:10.1.41-0ubuntu0.18.04.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"mariadb-client\", pkgver:\"1:10.1.41-0ubuntu0.18.04.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"mariadb-client-10.1\", pkgver:\"1:10.1.41-0ubuntu0.18.04.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"mariadb-client-core-10.1\", pkgver:\"1:10.1.41-0ubuntu0.18.04.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"mariadb-common\", pkgver:\"1:10.1.41-0ubuntu0.18.04.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"mariadb-plugin-connect\", pkgver:\"1:10.1.41-0ubuntu0.18.04.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"mariadb-plugin-cracklib-password-check\", pkgver:\"1:10.1.41-0ubuntu0.18.04.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"mariadb-plugin-gssapi-client\", pkgver:\"1:10.1.41-0ubuntu0.18.04.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"mariadb-plugin-gssapi-server\", pkgver:\"1:10.1.41-0ubuntu0.18.04.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"mariadb-plugin-mroonga\", pkgver:\"1:10.1.41-0ubuntu0.18.04.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"mariadb-plugin-oqgraph\", pkgver:\"1:10.1.41-0ubuntu0.18.04.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"mariadb-plugin-spider\", pkgver:\"1:10.1.41-0ubuntu0.18.04.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"mariadb-plugin-tokudb\", pkgver:\"1:10.1.41-0ubuntu0.18.04.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"mariadb-server\", pkgver:\"1:10.1.41-0ubuntu0.18.04.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"mariadb-server-10.1\", pkgver:\"1:10.1.41-0ubuntu0.18.04.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"mariadb-server-core-10.1\", pkgver:\"1:10.1.41-0ubuntu0.18.04.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"mariadb-test\", pkgver:\"1:10.1.41-0ubuntu0.18.04.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"mariadb-test-data\", pkgver:\"1:10.1.41-0ubuntu0.18.04.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libmariadbclient-dev / libmariadbclient-dev-compat / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-26T14:21:44", "description": "Amit Klein and Benny Pinkas discovered that the Linux kernel did not sufficiently randomize IP ID values generated for connectionless networking protocols. A remote attacker could use this to track particular Linux devices. (CVE-2019-10638)\n\nPraveen Pandey discovered that the Linux kernel did not properly validate sent signals in some situations on PowerPC systems with transactional memory disabled. A local attacker could use this to cause a denial of service. (CVE-2019-13648)\n\nIt was discovered that the floppy driver in the Linux kernel did not properly validate meta data, leading to a buffer overread. A local attacker could use this to cause a denial of service (system crash).\n(CVE-2019-14283)\n\nIt was discovered that the floppy driver in the Linux kernel did not properly validate ioctl() calls, leading to a division-by-zero. A local attacker could use this to cause a denial of service (system crash). (CVE-2019-14284)\n\nJason Wang discovered that an infinite loop vulnerability existed in the virtio net driver in the Linux kernel. A local attacker in a guest VM could possibly use this to cause a denial of service in the host system. (CVE-2019-3900).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-09-03T00:00:00", "type": "nessus", "title": "Ubuntu 18.04 LTS / 19.04 : linux, linux-azure, linux-gcp, linux-gke-5.0, linux-hwe, linux-kvm, (USN-4114-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-10638", "CVE-2019-13648", "CVE-2019-14283", "CVE-2019-14284", "CVE-2019-3900"], "modified": "2023-05-11T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-snapdragon", "p-cpe:/a:canonical:ubuntu_linux:linux-image-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gke-5.0", "p-cpe:/a:canonical:ubuntu_linux:linux-image-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-image-snapdragon", "p-cpe:/a:canonical:ubuntu_linux:linux-image-snapdragon-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-18.04", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "cpe:/o:canonical:ubuntu_linux:19.04"], "id": "UBUNTU_USN-4114-1.NASL", "href": "https://www.tenable.com/plugins/nessus/128474", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4114-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(128474);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/11\");\n\n script_cve_id(\"CVE-2019-10638\", \"CVE-2019-13648\", \"CVE-2019-14283\", \"CVE-2019-14284\", \"CVE-2019-3900\");\n script_xref(name:\"USN\", value:\"4114-1\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0025\");\n\n script_name(english:\"Ubuntu 18.04 LTS / 19.04 : linux, linux-azure, linux-gcp, linux-gke-5.0, linux-hwe, linux-kvm, (USN-4114-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Amit Klein and Benny Pinkas discovered that the Linux kernel did not\nsufficiently randomize IP ID values generated for connectionless\nnetworking protocols. A remote attacker could use this to track\nparticular Linux devices. (CVE-2019-10638)\n\nPraveen Pandey discovered that the Linux kernel did not properly\nvalidate sent signals in some situations on PowerPC systems with\ntransactional memory disabled. A local attacker could use this to\ncause a denial of service. (CVE-2019-13648)\n\nIt was discovered that the floppy driver in the Linux kernel did not\nproperly validate meta data, leading to a buffer overread. A local\nattacker could use this to cause a denial of service (system crash).\n(CVE-2019-14283)\n\nIt was discovered that the floppy driver in the Linux kernel did not\nproperly validate ioctl() calls, leading to a division-by-zero. A\nlocal attacker could use this to cause a denial of service (system\ncrash). (CVE-2019-14284)\n\nJason Wang discovered that an infinite loop vulnerability existed in\nthe virtio net driver in the Linux kernel. A local attacker in a guest\nVM could possibly use this to cause a denial of service in the host\nsystem. (CVE-2019-3900).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/4114-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-14283\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-snapdragon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gke-5.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-snapdragon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-snapdragon-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:19.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2019-2023 Canonical, Inc. / NASL script (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(18\\.04|19\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 18.04 / 19.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2019-10638\", \"CVE-2019-13648\", \"CVE-2019-14283\", \"CVE-2019-14284\", \"CVE-2019-3900\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-4114-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-5.0.0-1015-gke\", pkgver:\"5.0.0-1015.15~18.04.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-5.0.0-1018-azure\", pkgver:\"5.0.0-1018.19~18.04.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-5.0.0-27-generic\", pkgver:\"5.0.0-27.28~18.04.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-5.0.0-27-generic-lpae\", pkgver:\"5.0.0-27.28~18.04.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-5.0.0-27-lowlatency\", pkgver:\"5.0.0-27.28~18.04.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-azure\", pkgver:\"5.0.0.1018.28\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-generic-hwe-18.04\", pkgver:\"5.0.0.27.84\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-generic-lpae-hwe-18.04\", pkgver:\"5.0.0.27.84\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-gke-5.0\", pkgver:\"5.0.0.1015.5\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-lowlatency-hwe-18.04\", pkgver:\"5.0.0.27.84\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-snapdragon-hwe-18.04\", pkgver:\"5.0.0.27.84\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-virtual-hwe-18.04\", pkgver:\"5.0.0.27.84\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-5.0.0-1015-gcp\", pkgver:\"5.0.0-1015.15\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-5.0.0-1015-kvm\", pkgver:\"5.0.0-1015.16\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-5.0.0-1015-raspi2\", pkgver:\"5.0.0-1015.15\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-5.0.0-1018-azure\", pkgver:\"5.0.0-1018.19\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-5.0.0-1019-snapdragon\", pkgver:\"5.0.0-1019.20\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-5.0.0-27-generic\", pkgver:\"5.0.0-27.28\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-5.0.0-27-generic-lpae\", pkgver:\"5.0.0-27.28\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-5.0.0-27-lowlatency\", pkgver:\"5.0.0-27.28\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-azure\", pkgver:\"5.0.0.1018.17\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-gcp\", pkgver:\"5.0.0.1015.41\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-generic\", pkgver:\"5.0.0.27.28\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-generic-lpae\", pkgver:\"5.0.0.27.28\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-gke\", pkgver:\"5.0.0.1015.41\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-kvm\", pkgver:\"5.0.0.1015.15\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-lowlatency\", pkgver:\"5.0.0.27.28\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-raspi2\", pkgver:\"5.0.0.1015.12\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-snapdragon\", pkgver:\"5.0.0.1019.12\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-virtual\", pkgver:\"5.0.0.27.28\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-5.0-azure / linux-image-5.0-gcp / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:25:34", "description": "Multiple security issues were discovered in MySQL and this update includes a new upstream MySQL version to fix these issues.\n\nUbuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 19.04 have been updated to MySQL 5.7.27.\n\nIn addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes.\n\nPlease see the following for more information:\nhttp://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-27.html https://www.oracle.com/technetwork/security-advisory/cpujul2019-507283 5.html.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-07-25T00:00:00", "type": "nessus", "title": "Ubuntu 16.04 LTS / 18.04 LTS / 19.04 : MySQL vulnerabilities (USN-4070-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-2737", "CVE-2019-2738", "CVE-2019-2739", "CVE-2019-2740", "CVE-2019-2741", "CVE-2019-2757", "CVE-2019-2758", "CVE-2019-2774", "CVE-2019-2778", "CVE-2019-2791", "CVE-2019-2797", "CVE-2019-2805", "CVE-2019-2819"], "modified": "2023-05-11T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:mysql-server-5.7", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "cpe:/o:canonical:ubuntu_linux:19.04"], "id": "UBUNTU_USN-4070-1.NASL", "href": "https://www.tenable.com/plugins/nessus/127041", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4070-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(127041);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/11\");\n\n script_cve_id(\"CVE-2019-2737\", \"CVE-2019-2738\", \"CVE-2019-2739\", \"CVE-2019-2740\", \"CVE-2019-2741\", \"CVE-2019-2757\", \"CVE-2019-2758\", \"CVE-2019-2774\", \"CVE-2019-2778\", \"CVE-2019-2791\", \"CVE-2019-2797\", \"CVE-2019-2805\", \"CVE-2019-2819\");\n script_xref(name:\"USN\", value:\"4070-1\");\n\n script_name(english:\"Ubuntu 16.04 LTS / 18.04 LTS / 19.04 : MySQL vulnerabilities (USN-4070-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Multiple security issues were discovered in MySQL and this update\nincludes a new upstream MySQL version to fix these issues.\n\nUbuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 19.04 have been updated\nto MySQL 5.7.27.\n\nIn addition to security fixes, the updated packages contain bug fixes,\nnew features, and possibly incompatible changes.\n\nPlease see the following for more information:\nhttp://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-27.html\nhttps://www.oracle.com/technetwork/security-advisory/cpujul2019-507283\n5.html.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/4070-1/\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected mysql-server-5.7 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-2819\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mysql-server-5.7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:19.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/07/25\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2019-2023 Canonical, Inc. / NASL script (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(16\\.04|18\\.04|19\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 16.04 / 18.04 / 19.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"16.04\", pkgname:\"mysql-server-5.7\", pkgver:\"5.7.27-0ubuntu0.16.04.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"mysql-server-5.7\", pkgver:\"5.7.27-0ubuntu0.18.04.1\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"mysql-server-5.7\", pkgver:\"5.7.27-0ubuntu0.19.04.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mysql-server-5.7\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:26:33", "description": "The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has mariadb packages installed that are affected by multiple vulnerabilities:\n\n - Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Pluggable Auth).\n Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). (CVE-2019-2737)\n\n - Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges).\n Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 5.1 (Integrity and Availability impacts). CVSS Vector:\n (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H). (CVE-2019-2739)\n\n - Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: XML). Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). (CVE-2019-2740)\n\n - Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). (CVE-2019-2805)\n\n - Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 5.6.47 and prior, 5.7.29 and prior and 8.0.18 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Client.\n Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Client accessible data. CVSS 3.0 Base Score 3.7 (Confidentiality impacts). CVSS Vector:\n (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N). (CVE-2020-2922)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2020-12-09T00:00:00", "type": "nessus", "title": "NewStart CGSL CORE 5.05 / MAIN 5.05 : mariadb Multiple Vulnerabilities (NS-SA-2020-0102)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-2737", "CVE-2019-2739", "CVE-2019-2740", "CVE-2019-2805", "CVE-2020-2922"], "modified": "2022-05-11T00:00:00", "cpe": [], "id": "NEWSTART_CGSL_NS-SA-2020-0102_MARIADB.NASL", "href": "https://www.tenable.com/plugins/nessus/143973", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2020-0102. The text\n# itself is copyright (C) ZTE, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(143973);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/11\");\n\n script_cve_id(\n \"CVE-2019-2737\",\n \"CVE-2019-2739\",\n \"CVE-2019-2740\",\n \"CVE-2019-2805\",\n \"CVE-2020-2922\"\n );\n script_bugtraq_id(109243);\n\n script_name(english:\"NewStart CGSL CORE 5.05 / MAIN 5.05 : mariadb Multiple Vulnerabilities (NS-SA-2020-0102)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote machine is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has mariadb packages installed that are affected\nby multiple vulnerabilities:\n\n - Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Pluggable Auth).\n Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily\n exploitable vulnerability allows high privileged attacker with network access via multiple protocols to\n compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to\n cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9\n (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). (CVE-2019-2737)\n\n - Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges).\n Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily\n exploitable vulnerability allows high privileged attacker with logon to the infrastructure where MySQL\n Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in\n unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well\n as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base\n Score 5.1 (Integrity and Availability impacts). CVSS Vector:\n (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H). (CVE-2019-2739)\n\n - Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: XML). Supported\n versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable\n vulnerability allows low privileged attacker with network access via multiple protocols to compromise\n MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang\n or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability\n impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). (CVE-2019-2740)\n\n - Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported\n versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable\n vulnerability allows low privileged attacker with network access via multiple protocols to compromise\n MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang\n or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability\n impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). (CVE-2019-2805)\n\n - Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are\n affected are 5.6.47 and prior, 5.7.29 and prior and 8.0.18 and prior. Difficult to exploit vulnerability\n allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Client.\n Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL\n Client accessible data. CVSS 3.0 Base Score 3.7 (Confidentiality impacts). CVSS Vector:\n (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N). (CVE-2020-2922)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2020-0102\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL mariadb packages. Note that updated packages may not be available yet. Please contact ZTE\nfor more information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-2922\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-2739\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item('Host/ZTE-CGSL/release');\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, 'NewStart Carrier Grade Server Linux');\n\nif (release !~ \"CGSL CORE 5.05\" &&\n release !~ \"CGSL MAIN 5.05\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL CORE 5.05 / NewStart CGSL MAIN 5.05');\n\nif (!get_kb_item('Host/ZTE-CGSL/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'NewStart Carrier Grade Server Linux', cpu);\n\nflag = 0;\n\npkgs = {\n 'CGSL CORE 5.05': [\n 'mariadb-5.5.65-1.el7',\n 'mariadb-bench-5.5.65-1.el7',\n 'mariadb-debuginfo-5.5.65-1.el7',\n 'mariadb-devel-5.5.65-1.el7',\n 'mariadb-embedded-5.5.65-1.el7',\n 'mariadb-embedded-devel-5.5.65-1.el7',\n 'mariadb-libs-5.5.65-1.el7',\n 'mariadb-server-5.5.65-1.el7',\n 'mariadb-test-5.5.65-1.el7'\n ],\n 'CGSL MAIN 5.05': [\n 'mariadb-5.5.65-1.el7',\n 'mariadb-bench-5.5.65-1.el7',\n 'mariadb-debuginfo-5.5.65-1.el7',\n 'mariadb-devel-5.5.65-1.el7',\n 'mariadb-embedded-5.5.65-1.el7',\n 'mariadb-embedded-devel-5.5.65-1.el7',\n 'mariadb-libs-5.5.65-1.el7',\n 'mariadb-server-5.5.65-1.el7',\n 'mariadb-test-5.5.65-1.el7'\n ]\n};\npkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:'ZTE ' + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'mariadb');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:26:33", "description": "The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has mariadb packages installed that are affected by multiple vulnerabilities:\n\n - Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Pluggable Auth).\n Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). (CVE-2019-2737)\n\n - Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges).\n Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 5.1 (Integrity and Availability impacts). CVSS Vector:\n (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H). (CVE-2019-2739)\n\n - Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: XML). Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). (CVE-2019-2740)\n\n - Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). (CVE-2019-2805)\n\n - Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 5.6.47 and prior, 5.7.29 and prior and 8.0.18 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Client.\n Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Client accessible data. CVSS 3.0 Base Score 3.7 (Confidentiality impacts). CVSS Vector:\n (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N). (CVE-2020-2922)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2020-12-09T00:00:00", "type": "nessus", "title": "NewStart CGSL CORE 5.04 / MAIN 5.04 : mariadb Multiple Vulnerabilities (NS-SA-2020-0068)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-2737", "CVE-2019-2739", "CVE-2019-2740", "CVE-2019-2805", "CVE-2020-2922"], "modified": "2022-05-11T00:00:00", "cpe": [], "id": "NEWSTART_CGSL_NS-SA-2020-0068_MARIADB.NASL", "href": "https://www.tenable.com/plugins/nessus/143999", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2020-0068. The text\n# itself is copyright (C) ZTE, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(143999);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/11\");\n\n script_cve_id(\n \"CVE-2019-2737\",\n \"CVE-2019-2739\",\n \"CVE-2019-2740\",\n \"CVE-2019-2805\",\n \"CVE-2020-2922\"\n );\n script_bugtraq_id(109243);\n\n script_name(english:\"NewStart CGSL CORE 5.04 / MAIN 5.04 : mariadb Multiple Vulnerabilities (NS-SA-2020-0068)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote machine is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has mariadb packages installed that are affected\nby multiple vulnerabilities:\n\n - Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Pluggable Auth).\n Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily\n exploitable vulnerability allows high privileged attacker with network access via multiple protocols to\n compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to\n cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9\n (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). (CVE-2019-2737)\n\n - Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges).\n Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily\n exploitable vulnerability allows high privileged attacker with logon to the infrastructure where MySQL\n Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in\n unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well\n as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base\n Score 5.1 (Integrity and Availability impacts). CVSS Vector:\n (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H). (CVE-2019-2739)\n\n - Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: XML). Supported\n versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable\n vulnerability allows low privileged attacker with network access via multiple protocols to compromise\n MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang\n or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability\n impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). (CVE-2019-2740)\n\n - Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported\n versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable\n vulnerability allows low privileged attacker with network access via multiple protocols to compromise\n MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang\n or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability\n impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). (CVE-2019-2805)\n\n - Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are\n affected are 5.6.47 and prior, 5.7.29 and prior and 8.0.18 and prior. Difficult to exploit vulnerability\n allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Client.\n Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL\n Client accessible data. CVSS 3.0 Base Score 3.7 (Confidentiality impacts). CVSS Vector:\n (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N). (CVE-2020-2922)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2020-0068\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL mariadb packages. Note that updated packages may not be available yet. Please contact ZTE\nfor more information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-2922\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-2739\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item('Host/ZTE-CGSL/release');\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, 'NewStart Carrier Grade Server Linux');\n\nif (release !~ \"CGSL CORE 5.04\" &&\n release !~ \"CGSL MAIN 5.04\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL CORE 5.04 / NewStart CGSL MAIN 5.04');\n\nif (!get_kb_item('Host/ZTE-CGSL/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'NewStart Carrier Grade Server Linux', cpu);\n\nflag = 0;\n\npkgs = {\n 'CGSL CORE 5.04': [\n 'mariadb-5.5.65-1.el7',\n 'mariadb-bench-5.5.65-1.el7',\n 'mariadb-debuginfo-5.5.65-1.el7',\n 'mariadb-devel-5.5.65-1.el7',\n 'mariadb-embedded-5.5.65-1.el7',\n 'mariadb-embedded-devel-5.5.65-1.el7',\n 'mariadb-libs-5.5.65-1.el7',\n 'mariadb-server-5.5.65-1.el7',\n 'mariadb-test-5.5.65-1.el7'\n ],\n 'CGSL MAIN 5.04': [\n 'mariadb-5.5.65-1.el7',\n 'mariadb-bench-5.5.65-1.el7',\n 'mariadb-debuginfo-5.5.65-1.el7',\n 'mariadb-devel-5.5.65-1.el7',\n 'mariadb-embedded-5.5.65-1.el7',\n 'mariadb-embedded-devel-5.5.65-1.el7',\n 'mariadb-libs-5.5.65-1.el7',\n 'mariadb-server-5.5.65-1.el7',\n 'mariadb-test-5.5.65-1.el7'\n ]\n};\npkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:'ZTE ' + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'mariadb');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:30:28", "description": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 5.1 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).\n(CVE-2019-2739)\n\nVulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Audit). Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior.\nEasily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.\nSuccessful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector:\n(CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H). (CVE-2019-2819)\n\nVulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: XML). Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector:\n(CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). (CVE-2019-2740)", "cvss3": {}, "published": "2019-10-04T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : mysql56 (ALAS-2019-1296)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-2739", "CVE-2019-2740", "CVE-2019-2819"], "modified": "2019-12-23T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:mysql56", "p-cpe:/a:amazon:linux:mysql56-bench", "p-cpe:/a:amazon:linux:mysql56-common", "p-cpe:/a:amazon:linux:mysql56-debuginfo", "p-cpe:/a:amazon:linux:mysql56-devel", "p-cpe:/a:amazon:linux:mysql56-embedded", "p-cpe:/a:amazon:linux:mysql56-embedded-devel", "p-cpe:/a:amazon:linux:mysql56-errmsg", "p-cpe:/a:amazon:linux:mysql56-libs", "p-cpe:/a:amazon:linux:mysql56-server", "p-cpe:/a:amazon:linux:mysql56-test", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2019-1296.NASL", "href": "https://www.tenable.com/plugins/nessus/129566", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2019-1296.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(129566);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/12/23\");\n\n script_cve_id(\"CVE-2019-2739\", \"CVE-2019-2740\", \"CVE-2019-2819\");\n script_xref(name:\"ALAS\", value:\"2019-1296\");\n\n script_name(english:\"Amazon Linux AMI : mysql56 (ALAS-2019-1296)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Vulnerability in the MySQL Server component of Oracle MySQL\n(subcomponent: Server: Security: Privileges). Supported versions that\nare affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and\nprior. Easily exploitable vulnerability allows high privileged\nattacker with logon to the infrastructure where MySQL Server executes\nto compromise MySQL Server. Successful attacks of this vulnerability\ncan result in unauthorized ability to cause a hang or frequently\nrepeatable crash (complete DOS) of MySQL Server as well as\nunauthorized update, insert or delete access to some of MySQL Server\naccessible data. CVSS 3.0 Base Score 5.1 (Integrity and Availability\nimpacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).\n(CVE-2019-2739)\n\nVulnerability in the MySQL Server component of Oracle MySQL\n(subcomponent: Server: Security: Audit). Supported versions that are\naffected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior.\nEasily exploitable vulnerability allows high privileged attacker with\nnetwork access via multiple protocols to compromise MySQL Server.\nSuccessful attacks of this vulnerability can result in unauthorized\nability to cause a hang or frequently repeatable crash (complete DOS)\nof MySQL Server as well as unauthorized update, insert or delete\naccess to some of MySQL Server accessible data. CVSS 3.0 Base Score\n5.5 (Integrity and Availability impacts). CVSS Vector:\n(CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H). (CVE-2019-2819)\n\nVulnerability in the MySQL Server component of Oracle MySQL\n(subcomponent: Server: XML). Supported versions that are affected are\n5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily\nexploitable vulnerability allows low privileged attacker with network\naccess via multiple protocols to compromise MySQL Server. Successful\nattacks of this vulnerability can result in unauthorized ability to\ncause a hang or frequently repeatable crash (complete DOS) of MySQL\nServer. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector:\n(CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). (CVE-2019-2740)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2019-1296.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update mysql56' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-2819\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mysql56\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mysql56-bench\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mysql56-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mysql56-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mysql56-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mysql56-embedded\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mysql56-embedded-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mysql56-errmsg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mysql56-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mysql56-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mysql56-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"mysql56-5.6.45-1.34.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"mysql56-bench-5.6.45-1.34.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"mysql56-common-5.6.45-1.34.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"mysql56-debuginfo-5.6.45-1.34.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"mysql56-devel-5.6.45-1.34.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"mysql56-embedded-5.6.45-1.34.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"mysql56-embedded-devel-5.6.45-1.34.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"mysql56-errmsg-5.6.45-1.34.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"mysql56-libs-5.6.45-1.34.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"mysql56-server-5.6.45-1.34.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"mysql56-test-5.6.45-1.34.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mysql56 / mysql56-bench / mysql56-common / mysql56-debuginfo / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:28:39", "description": "It was discovered that a use-after-free error existed in the block layer subsystem of the Linux kernel when certain failure conditions occurred. A local attacker could possibly use this to cause a denial of service (system crash) or possibly execute arbitrary code.\n(CVE-2018-20856)\n\nAmit Klein and Benny Pinkas discovered that the Linux kernel did not sufficiently randomize IP ID values generated for connectionless networking protocols. A remote attacker could use this to track particular Linux devices. (CVE-2019-10638)\n\nPraveen Pandey discovered that the Linux kernel did not properly validate sent signals in some situations on PowerPC systems with transactional memory disabled. A local attacker could use this to cause a denial of service. (CVE-2019-13648)\n\nIt was discovered that the floppy driver in the Linux kernel did not properly validate meta data, leading to a buffer overread. A local attacker could use this to cause a denial of service (system crash).\n(CVE-2019-14283)\n\nIt was discovered that the floppy driver in the Linux kernel did not properly validate ioctl() calls, leading to a division-by-zero. A local attacker could use this to cause a denial of service (system crash). (CVE-2019-14284)\n\nJason Wang discovered that an infinite loop vulnerability existed in the virtio net driver in the Linux kernel. A local attacker in a guest VM could possibly use this to cause a denial of service in the host system. (CVE-2019-3900).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-09-03T00:00:00", "type": "nessus", "title": "Ubuntu 16.04 LTS : linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon vulnerabilities (USN-4116-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-20856", "CVE-2019-10638", "CVE-2019-13648", "CVE-2019-14283", "CVE-2019-14284", "CVE-2019-3900"], "modified": "2023-05-11T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-snapdragon", "p-cpe:/a:canonical:ubuntu_linux:linux-image-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-image-snapdragon", "p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual", "cpe:/o:canonical:ubuntu_linux:16.04"], "id": "UBUNTU_USN-4116-1.NASL", "href": "https://www.tenable.com/plugins/nessus/128476", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4116-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(128476);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/11\");\n\n script_cve_id(\"CVE-2018-20856\", \"CVE-2019-10638\", \"CVE-2019-13648\", \"CVE-2019-14283\", \"CVE-2019-14284\", \"CVE-2019-3900\");\n script_xref(name:\"USN\", value:\"4116-1\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0025\");\n\n script_name(english:\"Ubuntu 16.04 LTS : linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon vulnerabilities (USN-4116-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"It was discovered that a use-after-free error existed in the block\nlayer subsystem of the Linux kernel when certain failure conditions\noccurred. A local attacker could possibly use this to cause a denial\nof service (system crash) or possibly execute arbitrary code.\n(CVE-2018-20856)\n\nAmit Klein and Benny Pinkas discovered that the Linux kernel did not\nsufficiently randomize IP ID values generated for connectionless\nnetworking protocols. A remote attacker could use this to track\nparticular Linux devices. (CVE-2019-10638)\n\nPraveen Pandey discovered that the Linux kernel did not properly\nvalidate sent signals in some situations on PowerPC systems with\ntransactional memory disabled. A local attacker could use this to\ncause a denial of service. (CVE-2019-13648)\n\nIt was discovered that the floppy driver in the Linux kernel did not\nproperly validate meta data, leading to a buffer overread. A local\nattacker could use this to cause a denial of service (system crash).\n(CVE-2019-14283)\n\nIt was discovered that the floppy driver in the Linux kernel did not\nproperly validate ioctl() calls, leading to a division-by-zero. A\nlocal attacker could use this to cause a denial of service (system\ncrash). (CVE-2019-14284)\n\nJason Wang discovered that an infinite loop vulnerability existed in\nthe virtio net driver in the Linux kernel. A local attacker in a guest\nVM could possibly use this to cause a denial of service in the host\nsystem. (CVE-2019-3900).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/4116-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-14283\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-snapdragon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-snapdragon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2019-2023 Canonical, Inc. / NASL script (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(16\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 16.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2018-20856\", \"CVE-2019-10638\", \"CVE-2019-13648\", \"CVE-2019-14283\", \"CVE-2019-14284\", \"CVE-2019-3900\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-4116-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-1056-kvm\", pkgver:\"4.4.0-1056.63\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-1092-aws\", pkgver:\"4.4.0-1092.103\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-1120-raspi2\", pkgver:\"4.4.0-1120.129\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-1124-snapdragon\", pkgver:\"4.4.0-1124.130\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-161-generic\", pkgver:\"4.4.0-161.189\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-161-generic-lpae\", pkgver:\"4.4.0-161.189\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-161-lowlatency\", pkgver:\"4.4.0-161.189\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-aws\", pkgver:\"4.4.0.1092.96\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-generic\", pkgver:\"4.4.0.161.169\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-generic-lpae\", pkgver:\"4.4.0.161.169\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-kvm\", pkgver:\"4.4.0.1056.56\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-lowlatency\", pkgver:\"4.4.0.161.169\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-raspi2\", pkgver:\"4.4.0.1120.120\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-snapdragon\", pkgver:\"4.4.0.1124.116\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-virtual\", pkgver:\"4.4.0.161.169\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-4.4-aws / linux-image-4.4-generic / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:28:36", "description": "The version of MariaDB installed on the remote host is prior to 5.5.65. It is, therefore, affected by the following vulnerabilities, as referenced in the mdb-5565-rn advisory:\n\n - A vulnerability in the 'Server: Privileges' subcomponent. This is an easily exploitable vulnerability that allows a highly privileged attacker, who is able to logon to the infrastructure where the MariaDB Server executes, to compromise the MariaDB Server. Successful attacks involving this vulnerability can result in the unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MariaDB Server as well as unauthorized update, insert or delete access to some of the data accessible to the MariaDB Server. (CVE-2019-2739)\n\n - A vulnerability in the 'Server: XML' subcomponent. This is an easily exploitable vulnerability that allows a low privileged attacker with network access via multiple protocols to compromise a MariaDB Server.Successful attacks involving this vulnerability can result in the unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of the MariaDB Server.\n (CVE-2019-2740)\n\n - A vulnerability in the 'Server: Parser' subcomponent. This is an easily exploitable vulnerability that allows a low privileged attacker with network access via multiple protocols to compromise the MariaDB Server.\n Successful attacks involving this vulnerability can result in the unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of the MariaDB Server. (CVE-2019-2805)\n\n - A vulnerability in the 'Server: Pluggable Auth' subcomponent. This is an easily exploitable vulnerability that allows a highly privileged attacker with network access via multiple protocols to compromise the MariaDB Server. Successful attacks involving this vulnerability can result in the unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of the MariaDB Server.\n (CVE-2019-2737)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2019-09-26T00:00:00", "type": "nessus", "title": "MariaDB 5.5.0 < 5.5.65 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-2737", "CVE-2019-2739", "CVE-2019-2740", "CVE-2019-2805", "CVE-2020-2922", "CVE-2021-2007"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/a:mariadb:mariadb"], "id": "MARIADB_5_5_65.NASL", "href": "https://www.tenable.com/plugins/nessus/129357", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(129357);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2019-2737\",\n \"CVE-2019-2739\",\n \"CVE-2019-2740\",\n \"CVE-2019-2805\",\n \"CVE-2020-2922\",\n \"CVE-2021-2007\"\n );\n script_bugtraq_id(109243);\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0004\");\n\n script_name(english:\"MariaDB 5.5.0 < 5.5.65 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote database server is affected by multiple vulnerabilities\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of MariaDB installed on the remote host is prior to 5.5.65. It is, therefore, affected by the following\nvulnerabilities, as referenced in the mdb-5565-rn advisory:\n\n - A vulnerability in the 'Server: Privileges'\n subcomponent. This is an easily exploitable\n vulnerability that allows a highly privileged attacker,\n who is able to logon to the infrastructure where the\n MariaDB Server executes, to compromise the MariaDB\n Server. Successful attacks involving this vulnerability\n can result in the unauthorized ability to cause a hang\n or frequently repeatable crash (complete DOS) of\n MariaDB Server as well as unauthorized update, insert\n or delete access to some of the data accessible to the\n MariaDB Server. (CVE-2019-2739)\n\n - A vulnerability in the 'Server: XML' subcomponent. This\n is an easily exploitable vulnerability that allows a\n low privileged attacker with network access via multiple\n protocols to compromise a MariaDB Server.Successful\n attacks involving this vulnerability can result in the\n unauthorized ability to cause a hang or frequently\n repeatable crash (complete DOS) of the MariaDB Server.\n (CVE-2019-2740)\n\n - A vulnerability in the 'Server: Parser' subcomponent. \n This is an easily exploitable vulnerability that allows\n a low privileged attacker with network access via\n multiple protocols to compromise the MariaDB Server.\n Successful attacks involving this vulnerability can\n result in the unauthorized ability to cause a hang or\n frequently repeatable crash (complete DOS) of the\n MariaDB Server. (CVE-2019-2805)\n\n - A vulnerability in the 'Server: Pluggable Auth'\n subcomponent. This is an easily exploitable\n vulnerability that allows a highly privileged attacker\n with network access via multiple protocols to\n compromise the MariaDB Server. Successful attacks\n involving this vulnerability can result in the\n unauthorized ability to cause a hang or frequently\n repeatable crash (complete DOS) of the MariaDB Server.\n (CVE-2019-2737)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://mariadb.com/kb/en/mdb-5565-rn\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to MariaDB version 5.5.65 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-2007\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/26\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mariadb:mariadb\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Databases\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"mysql_version.nasl\", \"mysql_login.nasl\");\n script_require_keys(\"Settings/ParanoidReport\");\n script_require_ports(\"Services/mysql\", 3306);\n\n exit(0);\n}\n\ninclude('mysql_version.inc');\n\nmysql_check_version(variant: 'MariaDB', min:'5.5.0-MariaDB', fixed:make_list('5.5.65-MariaDB'), severity:SECURITY_WARNING);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:30:16", "description": "This update for mariadb-100 fixes the following issues :\n\nUpdated to MariaDB 10.0.40-1.\n\nSecurity issues fixed :\n\nCVE-2019-2805, CVE-2019-2740, CVE-2019-2739, CVE-2019-2737, CVE-2019-2614, CVE-2019-2627. (bsc#1132826) (bsc#1141798).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-10-17T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : mariadb-100 (SUSE-SU-2019:2687-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-2614", "CVE-2019-2627", "CVE-2019-2737", "CVE-2019-2739", "CVE-2019-2740", "CVE-2019-2805"], "modified": "2021-01-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libmysqlclient18", "p-cpe:/a:novell:suse_linux:libmysqlclient18-debuginfo", "p-cpe:/a:novell:suse_linux:libmysqlclient_r18", "p-cpe:/a:novell:suse_linux:mariadb-100-debuginfo", "p-cpe:/a:novell:suse_linux:mariadb-100-debugsource", "p-cpe:/a:novell:suse_linux:mariadb-100-errormessages", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2019-2687-1.NASL", "href": "https://www.tenable.com/plugins/nessus/130001", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:2687-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130001);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2019-2614\", \"CVE-2019-2627\", \"CVE-2019-2737\", \"CVE-2019-2739\", \"CVE-2019-2740\", \"CVE-2019-2805\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : mariadb-100 (SUSE-SU-2019:2687-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for mariadb-100 fixes the following issues :\n\nUpdated to MariaDB 10.0.40-1.\n\nSecurity issues fixed :\n\nCVE-2019-2805, CVE-2019-2740, CVE-2019-2739, CVE-2019-2737,\nCVE-2019-2614, CVE-2019-2627. (bsc#1132826) (bsc#1141798).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1132826\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1141798\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-2614/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-2627/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-2737/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-2739/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-2740/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-2805/\"\n );\n # https://www.suse.com/support/update/announcement/2019/suse-su-20192687-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f4ae8850\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Workstation Extension 12-SP4:zypper in -t patch\nSUSE-SLE-WE-12-SP4-2019-2687=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP4:zypper in -t\npatch SUSE-SLE-SDK-12-SP4-2019-2687=1\n\nSUSE Linux Enterprise Server 12-SP4:zypper in -t patch\nSUSE-SLE-SERVER-12-SP4-2019-2687=1\n\nSUSE Linux Enterprise Desktop 12-SP4:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP4-2019-2687=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-2739\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libmysqlclient18\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libmysqlclient18-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libmysqlclient_r18\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:mariadb-100-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:mariadb-100-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:mariadb-100-errormessages\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP4\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libmysqlclient18-10.0.40.1-2.9.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libmysqlclient18-32bit-10.0.40.1-2.9.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libmysqlclient18-debuginfo-10.0.40.1-2.9.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libmysqlclient18-debuginfo-32bit-10.0.40.1-2.9.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"mariadb-100-debuginfo-10.0.40.1-2.9.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"mariadb-100-debugsource-10.0.40.1-2.9.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"mariadb-100-errormessages-10.0.40.1-2.9.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libmysqlclient18-10.0.40.1-2.9.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libmysqlclient18-32bit-10.0.40.1-2.9.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libmysqlclient18-debuginfo-10.0.40.1-2.9.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libmysqlclient18-debuginfo-32bit-10.0.40.1-2.9.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libmysqlclient_r18-10.0.40.1-2.9.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libmysqlclient_r18-32bit-10.0.40.1-2.9.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"mariadb-100-debuginfo-10.0.40.1-2.9.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"mariadb-100-debugsource-10.0.40.1-2.9.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"mariadb-100-errormessages-10.0.40.1-2.9.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mariadb-100\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:29:09", "description": "The version of MariaDB installed on the remote host is prior to 10.1.41. It is, therefore, affected by the following vulnerabilities as referenced in the mdb-10141-rn advisory.\n\n - A vulnerability in the 'Server: Pluggable Auth' subcomponent. This is an easily exploitable vulnerability that allows a highly privileged attacker with network access via multiple protocols to compromise the MariaDB Server. Successful attacks involving this vulnerability can result in the unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of the MariaDB Server.\n (CVE-2019-2737)\n\n - A vulnerability in the 'Server: Security: Privileges' subcomponent. This is an easily exploitable vulnerability that allows a highly privileged attacker, who is able to logon to the infrastructure where the MariaDB Server executes, to compromise the MariaDB Server. Successful attacks involving this vulnerability can result in the unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MariaDB Server as well as unauthorized update, insert or delete access to some of the data accessible to the MariaDB Server. (CVE-2019-2739)\n\n - A vulnerability in the 'Server: XML' subcomponent. This is an easily exploitable vulnerability that allows a low privileged attacker with network access via multiple protocols to compromise a MariaDB Server.Successful attacks involving this vulnerability can result in the unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of the MariaDB Server.\n (CVE-2019-2740)\n\n - A vulnerability in the 'Server: Parser' subcomponent.\n This is an easily exploitable vulnerability that allows a low privileged attacker with network access via multiple protocols to compromise the MariaDB Server.\n Successful attacks involving this vulnerability can result in the unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of the MariaDB Server. (CVE-2019-2805)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2019-09-17T00:00:00", "type": "nessus", "title": "MariaDB 10.1.0 < 10.1.41 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-2737", "CVE-2019-2739", "CVE-2019-2740", "CVE-2019-2805", "CVE-2020-2922", "CVE-2021-2007"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/a:mariadb:mariadb"], "id": "MARIADB_10_1_41.NASL", "href": "https://www.tenable.com/plugins/nessus/128879", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(128879);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2019-2737\",\n \"CVE-2019-2739\",\n \"CVE-2019-2740\",\n \"CVE-2019-2805\",\n \"CVE-2020-2922\",\n \"CVE-2021-2007\"\n );\n script_bugtraq_id(109243);\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0004\");\n\n script_name(english:\"MariaDB 10.1.0 < 10.1.41 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote database server is affected by multiple vulnerabilities\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of MariaDB installed on the remote host is prior to 10.1.41. It is, therefore, affected by the following\nvulnerabilities as referenced in the mdb-10141-rn advisory.\n\n - A vulnerability in the 'Server: Pluggable Auth'\n subcomponent. This is an easily exploitable\n vulnerability that allows a highly privileged attacker\n with network access via multiple protocols to\n compromise the MariaDB Server. Successful attacks\n involving this vulnerability can result in the\n unauthorized ability to cause a hang or frequently\n repeatable crash (complete DOS) of the MariaDB Server.\n (CVE-2019-2737)\n\n - A vulnerability in the 'Server: Security: Privileges'\n subcomponent. This is an easily exploitable\n vulnerability that allows a highly privileged attacker,\n who is able to logon to the infrastructure where the\n MariaDB Server executes, to compromise the MariaDB\n Server. Successful attacks involving this vulnerability\n can result in the unauthorized ability to cause a hang\n or frequently repeatable crash (complete DOS) of\n MariaDB Server as well as unauthorized update, insert\n or delete access to some of the data accessible to the\n MariaDB Server. (CVE-2019-2739)\n\n - A vulnerability in the 'Server: XML' subcomponent. This\n is an easily exploitable vulnerability that allows a\n low privileged attacker with network access via multiple\n protocols to compromise a MariaDB Server.Successful\n attacks involving this vulnerability can result in the\n unauthorized ability to cause a hang or frequently\n repeatable crash (complete DOS) of the MariaDB Server.\n (CVE-2019-2740)\n\n - A vulnerability in the 'Server: Parser' subcomponent.\n This is an easily exploitable vulnerability that allows\n a low privileged attacker with network access via\n multiple protocols to compromise the MariaDB Server.\n Successful attacks involving this vulnerability can\n result in the unauthorized ability to cause a hang or\n frequently repeatable crash (complete DOS) of the\n MariaDB Server. (CVE-2019-2805)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://mariadb.com/kb/en/mdb-10141-rn\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to MariaDB version 10.1.41 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-2007\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/17\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mariadb:mariadb\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Databases\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"mysql_version.nasl\", \"mysql_login.nasl\");\n script_require_keys(\"Settings/ParanoidReport\");\n script_require_ports(\"Services/mysql\", 3306);\n\n exit(0);\n}\n\ninclude('mysql_version.inc');\n\nmysql_check_version(variant: 'MariaDB', min:'10.1.0-MariaDB', fixed:make_list('10.1.41-MariaDB'), severity:SECURITY_WARNING, paranoid: false);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-27T14:17:37", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1100 advisory.\n\n - mysql: Server: Pluggable Auth unspecified vulnerability (CPU Jul 2019) (CVE-2019-2737)\n\n - mysql: Server: Security: Privileges unspecified vulnerability (CPU Jul 2019) (CVE-2019-2739)\n\n - mysql: Server: XML unspecified vulnerability (CPU Jul 2019) (CVE-2019-2740)\n\n - mysql: Server: Parser unspecified vulnerability (CPU Jul 2019) (CVE-2019-2805)\n\n - mysql: C API unspecified vulnerability (CPU Apr 2020) (CVE-2020-2922)\n\n - mysql: C API unspecified vulnerability (CPU Jan 2021) (CVE-2021-2007)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2020-03-31T00:00:00", "type": "nessus", "title": "RHEL 7 : mariadb (RHSA-2020:1100)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-2737", "CVE-2019-2739", "CVE-2019-2740", "CVE-2019-2805", "CVE-2020-2922", "CVE-2021-2007"], "modified": "2023-05-25T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:mariadb", "p-cpe:/a:redhat:enterprise_linux:mariadb-bench", "p-cpe:/a:redhat:enterprise_linux:mariadb-devel", "p-cpe:/a:redhat:enterprise_linux:mariadb-embedded", "p-cpe:/a:redhat:enterprise_linux:mariadb-embedded-devel", "p-cpe:/a:redhat:enterprise_linux:mariadb-libs", "p-cpe:/a:redhat:enterprise_linux:mariadb-server", "p-cpe:/a:redhat:enterprise_linux:mariadb-test"], "id": "REDHAT-RHSA-2020-1100.NASL", "href": "https://www.tenable.com/plugins/nessus/135043", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:1100. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(135043);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/25\");\n\n script_cve_id(\n \"CVE-2019-2737\",\n \"CVE-2019-2739\",\n \"CVE-2019-2740\",\n \"CVE-2019-2805\"\n );\n script_bugtraq_id(109243);\n script_xref(name:\"RHSA\", value:\"2020:1100\");\n script_xref(name:\"IAVA\", value:\"2020-A-0143\");\n script_xref(name:\"IAVA\", value:\"2021-A-0038\");\n script_xref(name:\"IAVA\", value:\"2019-A-0252-S\");\n\n script_name(english:\"RHEL 7 : mariadb (RHSA-2020:1100)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:1100 advisory.\n\n - mysql: Server: Pluggable Auth unspecified vulnerability (CPU Jul 2019) (CVE-2019-2737)\n\n - mysql: Server: Security: Privileges unspecified vulnerability (CPU Jul 2019) (CVE-2019-2739)\n\n - mysql: Server: XML unspecified vulnerability (CPU Jul 2019) (CVE-2019-2740)\n\n - mysql: Server: Parser unspecified vulnerability (CPU Jul 2019) (CVE-2019-2805)\n\n - mysql: C API unspecified vulnerability (CPU Apr 2020) (CVE-2020-2922)\n\n - mysql: C API unspecified vulnerability (CPU Jan 2021) (CVE-2021-2007)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-2737\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-2739\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-2740\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-2805\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2922\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-2007\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:1100\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1731997\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1731999\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1732000\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1732025\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1835850\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1922382\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-2739\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/03/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/03/31\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mariadb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mariadb-bench\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mariadb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mariadb-embedded\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mariadb-embedded-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mariadb-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mariadb-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mariadb-test\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/debug',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/optional/debug',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/optional/os',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/optional/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/os',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/supplementary/debug',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/debug',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/optional/debug',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/optional/os',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/optional/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/os',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/source/SRPMS',\n 'content/dist/rhel/client/7/7Client/x86_64/debug',\n 'content/dist/rhel/client/7/7Client/x86_64/optional/debug',\n 'content/dist/rhel/client/7/7Client/x86_64/optional/os',\n 'content/dist/rhel/client/7/7Client/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/client/7/7Client/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/client/7/7Client/x86_64/os',\n 'content/dist/rhel/client/7/7Client/x86_64/source/SRPMS',\n 'content/dist/rhel/client/7/7Client/x86_64/supplementary/debug',\n 'content/dist/rhel/client/7/7Client/x86_64/supplementary/os',\n 'content/dist/rhel/client/7/7Client/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/debug',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/optional/debug',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/optional/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/source/SRPMS',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/supplementary/debug',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/supplementary/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/highavailability/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/highavailability/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/highavailability/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/optional/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/optional/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/optional/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/resilientstorage/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/resilientstorage/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/resilientstorage/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap-hana/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap-hana/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap-hana/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/supplementary/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/supplementary/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/optional/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/optional/os',\n 'content/dist/rhel/power/7/7Server/ppc64/optional/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/os',\n 'content/dist/rhel/power/7/7Server/ppc64/sap/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/sap/os',\n 'content/dist/rhel/power/7/7Server/ppc64/sap/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/supplementary/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/supplementary/os',\n 'content/dist/rhel/power/7/7Server/ppc64/supplementary/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/highavailability/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/highavailability/os',\n 'content/dist/rhel/server/7/7Server/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/nfv/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/nfv/os',\n 'content/dist/rhel/server/7/7Server/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/optional/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/optional/os',\n 'content/dist/rhel/server/7/7Server/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/server/7/7Server/x86_64/os',\n 'content/dist/rhel/server/7/7Server/x86_64/resilientstorage/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/resilientstorage/os',\n 'content/dist/rhel/server/7/7Server/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/rt/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/rt/os',\n 'content/dist/rhel/server/7/7Server/x86_64/rt/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/sap-hana/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/sap-hana/os',\n 'content/dist/rhel/server/7/7Server/x86_64/sap-hana/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/sap/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/sap/os',\n 'content/dist/rhel/server/7/7Server/x86_64/sap/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/supplementary/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/supplementary/os',\n 'content/dist/rhel/server/7/7Server/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/highavailability/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/highavailability/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/highavailability/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/optional/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/optional/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/optional/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/resilientstorage/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/resilientstorage/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/resilientstorage/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/sap/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/sap/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/sap/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/supplementary/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/supplementary/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/supplementary/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/optional/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/optional/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/supplementary/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/supplementary/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/supplementary/source/SRPMS',\n 'content/fastrack/rhel/client/7/x86_64/debug',\n 'content/fastrack/rhel/client/7/x86_64/optional/debug',\n 'content/fastrack/rhel/client/7/x86_64/optional/os',\n 'content/fastrack/rhel/client/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/client/7/x86_64/os',\n 'content/fastrack/rhel/client/7/x86_64/source/SRPMS',\n 'content/fastrack/rhel/computenode/7/x86_64/debug',\n 'content/fastrack/rhel/computenode/7/x86_64/optional/debug',\n 'content/fastrack/rhel/computenode/7/x86_64/optional/os',\n 'content/fastrack/rhel/computenode/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/computenode/7/x86_64/os',\n 'content/fastrack/rhel/computenode/7/x86_64/source/SRPMS',\n 'content/fastrack/rhel/power/7/ppc64/debug',\n 'content/fastrack/rhel/power/7/ppc64/optional/debug',\n 'content/fastrack/rhel/power/7/ppc64/optional/os',\n 'content/fastrack/rhel/power/7/ppc64/optional/source/SRPMS',\n 'content/fastrack/rhel/power/7/ppc64/os',\n 'content/fastrack/rhel/power/7/ppc64/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/debug',\n 'content/fastrack/rhel/server/7/x86_64/highavailability/debug',\n 'content/fastrack/rhel/server/7/x86_64/highavailability/os',\n 'content/fastrack/rhel/server/7/x86_64/highavailability/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/optional/debug',\n 'content/fastrack/rhel/server/7/x86_64/optional/os',\n 'content/fastrack/rhel/server/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/os',\n 'content/fastrack/rhel/server/7/x86_64/resilientstorage/debug',\n 'content/fastrack/rhel/server/7/x86_64/resilientstorage/os',\n 'content/fastrack/rhel/server/7/x86_64/resilientstorage/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/source/SRPMS',\n 'content/fastrack/rhel/system-z/7/s390x/debug',\n 'content/fastrack/rhel/system-z/7/s390x/optional/debug',\n 'content/fastrack/rhel/system-z/7/s390x/optional/os',\n 'content/fastrack/rhel/system-z/7/s390x/optional/source/SRPMS',\n 'content/fastrack/rhel/system-z/7/s390x/os',\n 'content/fastrack/rhel/system-z/7/s390x/source/SRPMS',\n 'content/fastrack/rhel/workstation/7/x86_64/debug',\n 'content/fastrack/rhel/workstation/7/x86_64/optional/debug',\n 'content/fastrack/rhel/workstation/7/x86_64/optional/os',\n 'content/fastrack/rhel/workstation/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/workstation/7/x86_64/os',\n 'content/fastrack/rhel/workstation/7/x86_64/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'mariadb-5.5.65-1.el7', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'mariadb-5.5.65-1.el7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'mariadb-5.5.65-1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'mariadb-5.5.65-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'mariadb-bench-5.5.65-1.el7', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'mariadb-bench-5.5.65-1.el7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'mariadb-bench-5.5.65-1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'mariadb-bench-5.5.65-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'mariadb-devel-5.5.65-1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'mariadb-embedded-5.5.65-1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'mariadb-embedded-devel-5.5.65-1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'mariadb-libs-5.5.65-1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'mariadb-server-5.5.65-1.el7', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'mariadb-server-5.5.65-1.el7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'mariadb-server-5.5.65-1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'mariadb-server-5.5.65-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'mariadb-test-5.5.65-1.el7', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'mariadb-test-5.5.65-1.el7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'mariadb-test-5.5.65-1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'mariadb-test-5.5.65-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'mariadb / mariadb-bench / mariadb-devel / mariadb-embedded / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:27:36", "description": "Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.\n\nCVE-2017-18509\n\nDenis Andzakovic reported a missing type check in the IPv4 multicast routing implementation. A user with the CAP_NET_ADMIN capability (in any user namespace) could use this for denial of service (memory corruption or crash) or possibly for privilege escalation.\n\nCVE-2018-20836\n\nchenxiang reported a race condition in libsas, the kernel subsystem supporting Serial Attached SCSI (SAS) devices, which could lead to a use-after-free. It is not clear how this might be exploited.\n\nCVE-2019-1125\n\nIt was discovered that most x86 processors could speculatively skip a conditional SWAPGS instruction used when entering the kernel from user mode, and/or could speculatively execute it when it should be skipped.\nThis is a subtype of Spectre variant 1, which could allow local users to obtain sensitive information from the kernel or other processes. It has been mitigated by using memory barriers to limit speculative execution. Systems using an i386 kernel are not affected as the kernel does not use SWAPGS.\n\nCVE-2019-3900\n\nIt was discovered that vhost drivers did not properly control the amount of work done to service requests from guest VMs. A malicious guest could use this to cause a denial of service (unbounded CPU usage) on the host.\n\nCVE-2019-10207\n\nThe syzkaller tool found a potential null dereference in various drivers for UART-attached Bluetooth adapters. A local user with access to a pty device or other suitable tty device could use this for denial of service (BUG/oops).\n\nCVE-2019-10638\n\nAmit Klein and Benny Pinkas discovered that the generation of IP packet IDs used a weak hash function, 'jhash'. This could enable tracking individual computers as they communicate with different remote servers and from different networks. The 'siphash' function is now used instead.\n\nCVE-2019-13631\n\nIt was discovered that the gtco driver for USB input tablets could overrun a stack buffer with constant data while parsing the device's descriptor. A physically present user with a specially constructed USB device could use this to cause a denial of service (BUG/oops), or possibly for privilege escalation.\n\nCVE-2019-14283\n\nThe syzkaller tool found a missing bounds check in the floppy disk driver. A local user with access to a floppy disk device, with a disk present, could use this to read kernel memory beyond the I/O buffer, possibly obtaining sensitive information.\n\nCVE-2019-14284\n\nThe syzkaller tool found a potential division-by-zero in the floppy disk driver. A local user with access to a floppy disk device could use this for denial of service (oops).\n\n(CVE ID not yet assigned)\n\nDenis Andzakovic reported a possible use-after-free in the TCP sockets implementation. A local user could use this for denial of service (memory corruption or crash) or possibly for privilege escalation.\n\n(CVE ID not yet assigned)\n\nThe netfilter conntrack subsystem used kernel addresses as user-visible IDs, which could make it easier to exploit other security vulnerabilities.\n\nXSA-300\n\nJulien Grall reported that Linux does not limit the amount of memory which a domain will attempt to balloon out, nor limits the amount of 'foreign / grant map' memory which any individual guest can consume, leading to denial of service conditions (for host or guests).\n\nFor Debian 8 'Jessie', these problems have been fixed in version 3.16.72-1.\n\nWe recommend that you upgrade your linux packages.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-08-14T00:00:00", "type": "nessus", "title": "Debian DLA-1884-1 : linux security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-18509", "CVE-2018-20836", "CVE-2019-10207", "CVE-2019-10638", "CVE-2019-1125", "CVE-2019-13631", "CVE-2019-14283", "CVE-2019-14284", "CVE-2019-3900"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:linux-compiler-gcc-4.8-arm", "p-cpe:/a:debian:debian_linux:linux-compiler-gcc-4.8-x86", "p-cpe:/a:debian:debian_linux:linux-compiler-gcc-4.9-x86", "p-cpe:/a:debian:debian_linux:linux-doc-3.16", "p-cpe:/a:debian:debian_linux:linux-headers-3.16.0-9-586", "p-cpe:/a:debian:debian_linux:linux-headers-3.16.0-9-686-pae", "p-cpe:/a:debian:debian_linux:linux-headers-3.16.0-9-all", "p-cpe:/a:debian:debian_linux:linux-headers-3.16.0-9-all-amd64", "p-cpe:/a:debian:debian_linux:linux-headers-3.16.0-9-all-armel", "p-cpe:/a:debian:debian_linux:linux-headers-3.16.0-9-all-armhf", "p-cpe:/a:debian:debian_linux:linux-headers-3.16.0-9-all-i386", "p-cpe:/a:debian:debian_linux:linux-headers-3.16.0-9-amd64", "p-cpe:/a:debian:debian_linux:linux-headers-3.16.0-9-armmp", "p-cpe:/a:debian:debian_linux:linux-headers-3.16.0-9-armmp-lpae", "p-cpe:/a:debian:debian_linux:linux-headers-3.16.0-9-common", "p-cpe:/a:debian:debian_linux:linux-headers-3.16.0-9-ixp4xx", "p-cpe:/a:debian:debian_linux:linux-headers-3.16.0-9-kirkwood", "p-cpe:/a:debian:debian_linux:linux-headers-3.16.0-9-orion5x", "p-cpe:/a:debian:debian_linux:linux-headers-3.16.0-9-versatile", "p-cpe:/a:debian:debian_linux:linux-image-3.16.0-9-586", "p-cpe:/a:debian:debian_linux:linux-image-3.16.0-9-686-pae", "p-cpe:/a:debian:debian_linux:linux-image-3.16.0-9-686-pae-dbg", "p-cpe:/a:debian:debian_linux:linux-image-3.16.0-9-amd64", "p-cpe:/a:debian:debian_linux:linux-image-3.16.0-9-amd64-dbg", "p-cpe:/a:debian:debian_linux:linux-image-3.16.0-9-armmp", "p-cpe:/a:debian:debian_linux:linux-image-3.16.0-9-armmp-lpae", "p-cpe:/a:debian:debian_linux:linux-image-3.16.0-9-ixp4xx", "p-cpe:/a:debian:debian_linux:linux-image-3.16.0-9-kirkwood", "p-cpe:/a:debian:debian_linux:linux-image-3.16.0-9-orion5x", "p-cpe:/a:debian:debian_linux:linux-image-3.16.0-9-versatile", "p-cpe:/a:debian:debian_linux:linux-libc-dev", "p-cpe:/a:debian:debian_linux:linux-manual-3.16", "p-cpe:/a:debian:debian_linux:linux-source-3.16", "p-cpe:/a:debian:debian_linux:linux-support-3.16.0-9", "p-cpe:/a:debian:debian_linux:xen-linux-system-3.16.0-9-amd64", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DLA-1884.NASL", "href": "https://www.tenable.com/plugins/nessus/127866", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-1884-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(127866);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2017-18509\",\n \"CVE-2018-20836\",\n \"CVE-2019-10207\",\n \"CVE-2019-10638\",\n \"CVE-2019-1125\",\n \"CVE-2019-13631\",\n \"CVE-2019-14283\",\n \"CVE-2019-14284\",\n \"CVE-2019-3900\"\n );\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0025\");\n\n script_name(english:\"Debian DLA-1884-1 : linux security update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a privilege escalation, denial of service or information\nleaks.\n\nCVE-2017-18509\n\nDenis Andzakovic reported a missing type check in the IPv4 multicast\nrouting implementation. A user with the CAP_NET_ADMIN capability (in\nany user namespace) could use this for denial of service (memory\ncorruption or crash) or possibly for privilege escalation.\n\nCVE-2018-20836\n\nchenxiang reported a race condition in libsas, the kernel subsystem\nsupporting Serial Attached SCSI (SAS) devices, which could lead to a\nuse-after-free. It is not clear how this might be exploited.\n\nCVE-2019-1125\n\nIt was discovered that most x86 processors could speculatively skip a\nconditional SWAPGS instruction used when entering the kernel from user\nmode, and/or could speculatively execute it when it should be skipped.\nThis is a subtype of Spectre variant 1, which could allow local users\nto obtain sensitive information from the kernel or other processes. It\nhas been mitigated by using memory barriers to limit speculative\nexecution. Systems using an i386 kernel are not affected as the kernel\ndoes not use SWAPGS.\n\nCVE-2019-3900\n\nIt was discovered that vhost drivers did not properly control the\namount of work done to service requests from guest VMs. A malicious\nguest could use this to cause a denial of service (unbounded CPU\nusage) on the host.\n\nCVE-2019-10207\n\nThe syzkaller tool found a potential null dereference in various\ndrivers for UART-attached Bluetooth adapters. A local user with access\nto a pty device or other suitable tty device could use this for\ndenial of service (BUG/oops).\n\nCVE-2019-10638\n\nAmit Klein and Benny Pinkas discovered that the generation of IP\npacket IDs used a weak hash function, 'jhash'. This could enable\ntracking individual computers as they communicate with different\nremote servers and from different networks. The 'siphash' function is\nnow used instead.\n\nCVE-2019-13631\n\nIt was discovered that the gtco driver for USB input tablets could\noverrun a stack buffer with constant data while parsing the device's\ndescriptor. A physically present user with a specially constructed USB\ndevice could use this to cause a denial of service (BUG/oops), or\npossibly for privilege escalation.\n\nCVE-2019-14283\n\nThe syzkaller tool found a missing bounds check in the floppy disk\ndriver. A local user with access to a floppy disk device, with a disk\npresent, could use this to read kernel memory beyond the I/O buffer,\npossibly obtaining sensitive information.\n\nCVE-2019-14284\n\nThe syzkaller tool found a potential division-by-zero in the floppy\ndisk driver. A local user with access to a floppy disk device could\nuse this for denial of service (oops).\n\n(CVE ID not yet assigned)\n\nDenis Andzakovic reported a possible use-after-free in the TCP sockets\nimplementation. A local user could use this for denial of service\n(memory corruption or crash) or possibly for privilege escalation.\n\n(CVE ID not yet assigned)\n\nThe netfilter conntrack subsystem used kernel addresses as\nuser-visible IDs, which could make it easier to exploit other security\nvulnerabilities.\n\nXSA-300\n\nJulien Grall reported that Linux does not limit the amount of memory\nwhich a domain will attempt to balloon out, nor limits the amount of\n'foreign / grant map' memory which any individual guest can consume,\nleading to denial of service conditions (for host or guests).\n\nFor Debian 8 'Jessie', these problems have been fixed in version\n3.16.72-1.\n\nWe recommend that you upgrade your linux packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://lists.debian.org/debian-lts-announce/2019/08/msg00016.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/jessie/linux\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-compiler-gcc-4.8-arm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-compiler-gcc-4.8-x86\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-compiler-gcc-4.9-x86\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-doc-3.16\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-3.16.0-9-586\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-3.16.0-9-686-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-3.16.0-9-all\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-3.16.0-9-all-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-3.16.0-9-all-armel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-3.16.0-9-all-armhf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-3.16.0-9-all-i386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-3.16.0-9-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-3.16.0-9-armmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-3.16.0-9-armmp-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-3.16.0-9-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-3.16.0-9-ixp4xx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-3.16.0-9-kirkwood\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-3.16.0-9-orion5x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-3.16.0-9-versatile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-3.16.0-9-586\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-3.16.0-9-686-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-3.16.0-9-686-pae-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-3.16.0-9-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-3.16.0-9-amd64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-3.16.0-9-armmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-3.16.0-9-armmp-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-3.16.0-9-ixp4xx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-3.16.0-9-kirkwood\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-3.16.0-9-orion5x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-3.16.0-9-versatile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-libc-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-manual-3.16\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-source-3.16\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-support-3.16.0-9\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:xen-linux-system-3.16.0-9-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"linux-compiler-gcc-4.8-arm\", reference:\"3.16.72-1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-compiler-gcc-4.8-x86\", reference:\"3.16.72-1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-compiler-gcc-4.9-x86\", reference:\"3.16.72-1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-doc-3.16\", reference:\"3.16.72-1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-586\", reference:\"3.16.72-1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-686-pae\", reference:\"3.16.72-1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-all\", reference:\"3.16.72-1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-all-amd64\", reference:\"3.16.72-1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-all-armel\", reference:\"3.16.72-1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-all-armhf\", reference:\"3.16.72-1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-all-i386\", reference:\"3.16.72-1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-amd64\", reference:\"3.16.72-1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-armmp\", reference:\"3.16.72-1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-armmp-lpae\", reference:\"3.16.72-1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-common\", reference:\"3.16.72-1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-ixp4xx\", reference:\"3.16.72-1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-kirkwood\", reference:\"3.16.72-1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-orion5x\", reference:\"3.16.72-1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-versatile\", reference:\"3.16.72-1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-586\", reference:\"3.16.72-1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-686-pae\", reference:\"3.16.72-1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-686-pae-dbg\", reference:\"3.16.72-1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-amd64\", reference:\"3.16.72-1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-amd64-dbg\", reference:\"3.16.72-1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-armmp\", reference:\"3.16.72-1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-armmp-lpae\", reference:\"3.16.72-1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-ixp4xx\", reference:\"3.16.72-1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-kirkwood\", reference:\"3.16.72-1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-orion5x\", reference:\"3.16.72-1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-versatile\", reference:\"3.16.72-1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-libc-dev\", reference:\"3.16.72-1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-manual-3.16\", reference:\"3.16.72-1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-source-3.16\", reference:\"3.16.72-1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-support-3.16.0-9\", reference:\"3.16.72-1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"xen-linux-system-3.16.0-9-amd64\", reference:\"3.16.72-1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:04:20", "description": "The remote host is affected by the vulnerability described in GLSA-202007-39 (Binutils: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Binutils. Please review the CVE identifiers referenced below for details.\n Impact :\n\n Please review the referenced CVE identifiers for details.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {}, "published": "2020-07-27T00:00:00", "type": "nessus", "title": "GLSA-202007-39 : Binutils: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-12972", "CVE-2019-14250", "CVE-2019-14444", "CVE-2019-17450", "CVE-2019-17451"], "modified": "2023-03-03T00:00:00", "cpe": ["cpe:/o:gentoo:linux", "p-cpe:/a:gentoo:linux:binutils"], "id": "GENTOO_GLSA-202007-39.NASL", "href": "https://www.tenable.com/plugins/nessus/138962", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 202007-39.\n#\n# The advisory text is Copyright (C) 2001-2023 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(138962);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/03\");\n\n script_cve_id(\"CVE-2019-12972\", \"CVE-2019-14250\", \"CVE-2019-14444\", \"CVE-2019-17450\", \"CVE-2019-17451\");\n script_xref(name:\"GLSA\", value:\"202007-39\");\n\n script_name(english:\"GLSA-202007-39 : Binutils: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The remote host is affected by the vulnerability described in GLSA-202007-39\n(Binutils: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Binutils. Please review\n the CVE identifiers referenced below for details.\n \nImpact :\n\n Please review the referenced CVE identifiers for details.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/202007-39\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"All Binutils users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=sys-devel/binutils-2.33.1'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-17451\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:binutils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/07/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"sys-devel/binutils\", unaffected:make_list(\"ge 2.33.1\"), vulnerable:make_list(\"lt 2.33.1\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Binutils\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:27:15", "description": "It was discovered that a heap buffer overflow existed in the Marvell Wireless LAN device driver for the Linux kernel. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-10126)\n\nAndrei Vlad Lutas and Dan Lutas discovered that some x86 processors incorrectly handle SWAPGS instructions during speculative execution. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2019-1125)\n\nIt was discovered that the PowerPC dlpar implementation in the Linux kernel did not properly check for allocation errors in some situations. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2019-12614)\n\nIt was discovered that a NULL pointer dereference vulnerability existed in the Near-field communication (NFC) implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash). (CVE-2019-12984)\n\nJann Horn discovered a use-after-free vulnerability in the Linux kernel when accessing LDT entries in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-13233)\n\nJann Horn discovered that the ptrace implementation in the Linux kernel did not properly record credentials in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly gain administrative privileges. (CVE-2019-13272)\n\nIt was discovered that the Marvell Wireless LAN device driver in the Linux kernel did not properly validate the BSS descriptor. A local attacker could possibly use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-3846).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-08-14T00:00:00", "type": "nessus", "title": "Ubuntu 18.04 LTS / 19.04 : Linux kernel vulnerabilities (USN-4093-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-10126", "CVE-2019-1125", "CVE-2019-12614", "CVE-2019-12984", "CVE-2019-13233", "CVE-2019-13272", "CVE-2019-3846"], "modified": "2023-05-11T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-snapdragon", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-image-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-image-snapdragon", "p-cpe:/a:canonical:ubuntu_linux:linux-image-snapdragon-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-18.04", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "cpe:/o:canonical:ubuntu_linux:19.04"], "id": "UBUNTU_USN-4093-1.NASL", "href": "https://www.tenable.com/plugins/nessus/127888", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4093-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(127888);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/11\");\n\n script_cve_id(\"CVE-2019-10126\", \"CVE-2019-1125\", \"CVE-2019-12614\", \"CVE-2019-12984\", \"CVE-2019-13233\", \"CVE-2019-13272\", \"CVE-2019-3846\");\n script_xref(name:\"USN\", value:\"4093-1\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/10\");\n\n script_name(english:\"Ubuntu 18.04 LTS / 19.04 : Linux kernel vulnerabilities (USN-4093-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"It was discovered that a heap buffer overflow existed in the Marvell\nWireless LAN device driver for the Linux kernel. An attacker could use\nthis to cause a denial of service (system crash) or possibly execute\narbitrary code. (CVE-2019-10126)\n\nAndrei Vlad Lutas and Dan Lutas discovered that some x86 processors\nincorrectly handle SWAPGS instructions during speculative execution. A\nlocal attacker could use this to expose sensitive information (kernel\nmemory). (CVE-2019-1125)\n\nIt was discovered that the PowerPC dlpar implementation in the Linux\nkernel did not properly check for allocation errors in some\nsituations. A local attacker could possibly use this to cause a denial\nof service (system crash). (CVE-2019-12614)\n\nIt was discovered that a NULL pointer dereference vulnerability\nexisted in the Near-field communication (NFC) implementation in the\nLinux kernel. A local attacker could use this to cause a denial of\nservice (system crash). (CVE-2019-12984)\n\nJann Horn discovered a use-after-free vulnerability in the Linux\nkernel when accessing LDT entries in some situations. A local attacker\ncould use this to cause a denial of service (system crash) or possibly\nexecute arbitrary code. (CVE-2019-13233)\n\nJann Horn discovered that the ptrace implementation in the Linux\nkernel did not properly record credentials in some situations. A local\nattacker could use this to cause a denial of service (system crash) or\npossibly gain administrative privileges. (CVE-2019-13272)\n\nIt was discovered that the Marvell Wireless LAN device driver in the\nLinux kernel did not properly validate the BSS descriptor. A local\nattacker could possibly use this to cause a denial of service (system\ncrash) or possibly execute arbitrary code. (CVE-2019-3846).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/4093-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-3846\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Linux Polkit pkexec helper PTRACE_TRACEME local root exploit');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-snapdragon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-snapdragon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-snapdragon-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:19.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2019-2023 Canonical, Inc. / NASL script (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(18\\.04|19\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 18.04 / 19.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2019-10126\", \"CVE-2019-1125\", \"CVE-2019-12614\", \"CVE-2019-12984\", \"CVE-2019-13233\", \"CVE-2019-13272\", \"CVE-2019-3846\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-4093-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-5.0.0-1014-azure\", pkgver:\"5.0.0-1014.14~18.04.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-5.0.0-25-generic\", pkgver:\"5.0.0-25.26~18.04.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-5.0.0-25-generic-lpae\", pkgver:\"5.0.0-25.26~18.04.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-5.0.0-25-lowlatency\", pkgver:\"5.0.0-25.26~18.04.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-azure\", pkgver:\"5.0.0.1014.25\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-generic-hwe-18.04\", pkgver:\"5.0.0.25.82\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-generic-lpae-hwe-18.04\", pkgver:\"5.0.0.25.82\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-lowlatency-hwe-18.04\", pkgver:\"5.0.0.25.82\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-snapdragon-hwe-18.04\", pkgver:\"5.0.0.25.82\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-virtual-hwe-18.04\", pkgver:\"5.0.0.25.82\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-5.0.0-1013-gcp\", pkgver:\"5.0.0-1013.13\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-5.0.0-1013-kvm\", pkgver:\"5.0.0-1013.14\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-5.0.0-1014-azure\", pkgver:\"5.0.0-1014.14\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-5.0.0-1014-raspi2\", pkgver:\"5.0.0-1014.14\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-5.0.0-1018-snapdragon\", pkgver:\"5.0.0-1018.19\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-5.0.0-25-generic\", pkgver:\"5.0.0-25.26\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-5.0.0-25-generic-lpae\", pkgver:\"5.0.0-25.26\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-5.0.0-25-lowlatency\", pkgver:\"5.0.0-25.26\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-azure\", pkgver:\"5.0.0.1014.13\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-gcp\", pkgver:\"5.0.0.1013.13\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-generic\", pkgver:\"5.0.0.25.26\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-generic-lpae\", pkgver:\"5.0.0.25.26\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-gke\", pkgver:\"5.0.0.1013.13\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-kvm\", pkgver:\"5.0.0.1013.13\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-lowlatency\", pkgver:\"5.0.0.25.26\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-raspi2\", pkgver:\"5.0.0.1014.11\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-snapdragon\", pkgver:\"5.0.0.1018.11\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-virtual\", pkgver:\"5.0.0.25.26\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-5.0-azure / linux-image-5.0-gcp / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:29:06", "description": "An update of the linux package has been released.", "cvss3": {}, "published": "2019-09-12T00:00:00", "type": "nessus", "title": "Photon OS 2.0: Linux PHSA-209-2.0-0175", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-20856", "CVE-2019-14283", "CVE-2019-14284", "CVE-2019-15239", "CVE-2019-15926"], "modified": "2019-12-30T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:linux", "cpe:/o:vmware:photonos:2.0"], "id": "PHOTONOS_PHSA-209-2_0-0175_LINUX.NASL", "href": "https://www.tenable.com/plugins/nessus/128725", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-209-2.0-0175. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(128725);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/12/30\");\n\n script_cve_id(\n \"CVE-2018-20856\",\n \"CVE-2019-14283\",\n \"CVE-2019-14284\",\n \"CVE-2019-15239\",\n \"CVE-2019-15926\"\n );\n\n script_name(english:\"Photon OS 2.0: Linux PHSA-209-2.0-0175\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the linux package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-2-175.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-15926\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 2.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"linux-4.9.189-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"linux-api-headers-4.9.189-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"linux-aws-4.9.189-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"linux-aws-debuginfo-4.9.189-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"linux-aws-devel-4.9.189-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"linux-aws-docs-4.9.189-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"linux-aws-drivers-gpu-4.9.189-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"linux-aws-oprofile-4.9.189-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"linux-aws-sound-4.9.189-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"linux-debuginfo-4.9.189-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"linux-devel-4.9.189-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"linux-docs-4.9.189-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"linux-drivers-gpu-4.9.189-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"linux-esx-4.9.189-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"linux-esx-debuginfo-4.9.189-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"linux-esx-devel-4.9.189-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"linux-esx-docs-4.9.189-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"linux-oprofile-4.9.189-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"linux-secure-4.9.189-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"linux-secure-debuginfo-4.9.189-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"linux-secure-devel-4.9.189-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"linux-secure-docs-4.9.189-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"linux-secure-lkcm-4.9.189-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"linux-sound-4.9.189-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"linux-tools-4.9.189-1.ph2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T14:28:42", "description": "The version of MariaDB installed on the remote host is prior to 10.2.26. It is, therefore, affected by multiple vulnerabilities as referenced in the mdb-10226-rn advisory.\n\n - A vulnerability in the 'Server: Pluggable Auth' subcomponent. This is an easily exploitable vulnerability that allows a highly privileged attacker with network access via multiple protocols to compromise the MariaDB Server. Successful attacks involving this vulnerability can result in the unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of the MariaDB Server.\n (CVE-2019-2737)\n\n - A vulnerability in the 'Server: Security: Privileges' subcomponent. This is an easily exploitable vulnerability that allows a highly privileged attacker, who is able to logon to the infrastructure where the MariaDB Server executes, to compromise the MariaDB Server. Successful attacks involving this vulnerability can result in the unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MariaDB Server as well as unauthorized update, insert or delete access to some of the data accessible to the MariaDB Server. (CVE-2019-2739)\n\n - A vulnerability in the 'Server: XML' subcomponent. This is an easily exploitable vulnerability that allows a low privileged attacker with network access via multiple protocols to compromise a MariaDB Server.Successful attacks involving this vulnerability can result in the unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of the MariaDB Server.\n (CVE-2019-2740)\n\n - A vulnerability in the InnoDB subcomponent of the MariaDB Server. This is an easily exploitable vulnerability that allows a highly privileged attacker with network access via multiple protocols to compromise a MariaDB Server. Successful attacks involving this vulnerability can result in the unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of the MariaDB Server as well as unauthorized update, insert or delete access to some of the data accessible to the MariaDB Server. (CVE-2019-2758)\n\n - A vulnerability in the 'Server: Parser' subcomponent.\n This is an easily exploitable vulnerability that allows a low privileged attacker with network access via multiple protocols to compromise the MariaDB Server.\n Successful attacks involving this vulnerability can result in the unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of the MariaDB Server. (CVE-2019-2805)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2019-09-18T00:00:00", "type": "nessus", "title": "MariaDB 10.2.0 < 10.2.26 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-2737", "CVE-2019-2739", "CVE-2019-2740", "CVE-2019-2758", "CVE-2019-2805", "CVE-2020-2922", "CVE-2021-2007"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/a:mariadb:mariadb"], "id": "MARIADB_10_2_26.NASL", "href": "https://www.tenable.com/plugins/nessus/128974", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(128974);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2019-2737\",\n \"CVE-2019-2739\",\n \"CVE-2019-2740\",\n \"CVE-2019-2758\",\n \"CVE-2019-2805\",\n \"CVE-2020-2922\",\n \"CVE-2021-2007\"\n );\n script_bugtraq_id(109243, 109247);\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0004\");\n\n script_name(english:\"MariaDB 10.2.0 < 10.2.26 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote database server is affected by multiple vulnerabilities\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of MariaDB installed on the remote host is prior to 10.2.26. It is, therefore, affected by multiple\nvulnerabilities as referenced in the mdb-10226-rn advisory.\n\n - A vulnerability in the 'Server: Pluggable Auth'\n subcomponent. This is an easily exploitable\n vulnerability that allows a highly privileged attacker\n with network access via multiple protocols to\n compromise the MariaDB Server. Successful attacks\n involving this vulnerability can result in the\n unauthorized ability to cause a hang or frequently\n repeatable crash (complete DOS) of the MariaDB Server.\n (CVE-2019-2737)\n\n - A vulnerability in the 'Server: Security: Privileges'\n subcomponent. This is an easily exploitable\n vulnerability that allows a highly privileged attacker,\n who is able to logon to the infrastructure where the\n MariaDB Server executes, to compromise the MariaDB\n Server. Successful attacks involving this vulnerability\n can result in the unauthorized ability to cause a hang\n or frequently repeatable crash (complete DOS) of\n MariaDB Server as well as unauthorized update, insert\n or delete access to some of the data accessible to the\n MariaDB Server. (CVE-2019-2739)\n\n - A vulnerability in the 'Server: XML' subcomponent. This\n is an easily exploitable vulnerability that allows a\n low privileged attacker with network access via multiple\n protocols to compromise a MariaDB Server.Successful\n attacks involving this vulnerability can result in the\n unauthorized ability to cause a hang or frequently\n repeatable crash (complete DOS) of the MariaDB Server.\n (CVE-2019-2740)\n\n - A vulnerability in the InnoDB subcomponent of the\n MariaDB Server. This is an easily exploitable\n vulnerability that allows a highly privileged attacker\n with network access via multiple protocols to compromise\n a MariaDB Server. Successful attacks involving this\n vulnerability can result in the unauthorized ability to\n cause a hang or frequently repeatable crash (complete\n DOS) of the MariaDB Server as well as unauthorized\n update, insert or delete access to some of the data\n accessible to the MariaDB Server. (CVE-2019-2758)\n\n - A vulnerability in the 'Server: Parser' subcomponent.\n This is an easily exploitable vulnerability that allows\n a low privileged attacker with network access via\n multiple protocols to compromise the MariaDB Server.\n Successful attacks involving this vulnerability can\n result in the unauthorized ability to cause a hang or\n frequently repeatable crash (complete DOS) of the\n MariaDB Server. (CVE-2019-2805)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://mariadb.com/kb/en/mdb-10226-rn\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to MariaDB version 10.2.26 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-2758\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/18\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mariadb:mariadb\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Databases\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"mysql_version.nasl\", \"mysql_login.nasl\");\n script_require_keys(\"Settings/ParanoidReport\");\n script_require_ports(\"Services/mysql\", 3306);\n\n exit(0);\n}\n\ninclude('mysql_version.inc');\n\nmysql_check_version(variant: 'MariaDB', min:'10.2.0-MariaDB', fixed:make_list('10.2.26-MariaDB'), severity:SECURITY_WARNING, paranoid: false);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:29:20", "description": "The version of MariaDB installed on the remote host is prior to 10.3.17. It is, therefore, affected by the following vulnerabilities as referenced in the mdb-10317-rn advisory:\n\n - A vulnerability in the 'Server: Pluggable Auth' subcomponent. This is an easily exploitable vulnerability that allows a highly privileged attacker with network access via multiple protocols to compromise the MariaDB Server. Successful attacks involving this vulnerability can result in the unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of the MariaDB Server.\n (CVE-2019-2737)\n\n - A vulnerability in the 'Server: Security: Privileges' subcomponent. This is an easily exploitable vulnerability that allows a highly privileged attacker, who is able to logon to the infrastructure where the MariaDB Server executes, to compromise the MariaDB Server. Successful attacks involving this vulnerability can result in the unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MariaDB Server as well as unauthorized update, insert or delete access to some of the data accessible to the MariaDB Server. (CVE-2019-2739)\n\n - A vulnerability in the 'Server: XML' subcomponent. This is an easily exploitable vulnerability that allows a low privileged attacker with network access via multiple protocols to compromise a MariaDB Server.Successful attacks involving this vulnerability can result in the unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of the MariaDB Server.\n (CVE-2019-2740)\n\n - A vulnerability in the InnoDB subcomponent of the MariaDB Server. This is an easily exploitable vulnerability that allows a highly privileged attacker with network access via multiple protocols to compromise a MariaDB Server. Successful attacks involving this vulnerability can result in the unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of the MariaDB Server as well as unauthorized update, insert or delete access to some of the data accessible to the MariaDB Server. (CVE-2019-2758)\n\n - A vulnerability in the 'Server: Parser' subcomponent.\n This is an easily exploitable vulnerability that allows a low privileged attacker with network access via multiple protocols to compromise the MariaDB Server.\n Successful attacks involving this vulnerability can result in the unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of the MariaDB Server. (CVE-2019-2805)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2019-09-26T00:00:00", "type": "nessus", "title": "MariaDB 10.3.0 < 10.3.17 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-2737", "CVE-2019-2739", "CVE-2019-2740", "CVE-2019-2758", "CVE-2019-2805", "CVE-2020-2922", "CVE-2021-2007"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/a:mariadb:mariadb"], "id": "MARIADB_10_3_17.NASL", "href": "https://www.tenable.com/plugins/nessus/129352", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(129352);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2019-2737\",\n \"CVE-2019-2739\",\n \"CVE-2019-2740\",\n \"CVE-2019-2758\",\n \"CVE-2019-2805\",\n \"CVE-2020-2922\",\n \"CVE-2021-2007\"\n );\n script_bugtraq_id(109243, 109247);\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0004\");\n\n script_name(english:\"MariaDB 10.3.0 < 10.3.17 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote database server is affected by multiple vulnerabilities\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of MariaDB installed on the remote host is prior to 10.3.17. It is, therefore, affected by the following\nvulnerabilities as referenced in the mdb-10317-rn advisory:\n\n - A vulnerability in the 'Server: Pluggable Auth'\n subcomponent. This is an easily exploitable\n vulnerability that allows a highly privileged attacker\n with network access via multiple protocols to\n compromise the MariaDB Server. Successful attacks\n involving this vulnerability can result in the\n unauthorized ability to cause a hang or frequently\n repeatable crash (complete DOS) of the MariaDB Server.\n (CVE-2019-2737)\n\n - A vulnerability in the 'Server: Security: Privileges'\n subcomponent. This is an easily exploitable\n vulnerability that allows a highly privileged attacker,\n who is able to logon to the infrastructure where the\n MariaDB Server executes, to compromise the MariaDB\n Server. Successful attacks involving this vulnerability\n can result in the unauthorized ability to cause a hang\n or frequently repeatable crash (complete DOS) of\n MariaDB Server as well as unauthorized update, insert\n or delete access to some of the data accessible to the\n MariaDB Server. (CVE-2019-2739)\n\n - A vulnerability in the 'Server: XML' subcomponent. This\n is an easily exploitable vulnerability that allows a\n low privileged attacker with network access via multiple\n protocols to compromise a MariaDB Server.Successful\n attacks involving this vulnerability can result in the\n unauthorized ability to cause a hang or frequently\n repeatable crash (complete DOS) of the MariaDB Server.\n (CVE-2019-2740)\n\n - A vulnerability in the InnoDB subcomponent of the\n MariaDB Server. This is an easily exploitable\n vulnerability that allows a highly privileged attacker\n with network access via multiple protocols to compromise\n a MariaDB Server. Successful attacks involving this\n vulnerability can result in the unauthorized ability to\n cause a hang or frequently repeatable crash (complete\n DOS) of the MariaDB Server as well as unauthorized\n update, insert or delete access to some of the data\n accessible to the MariaDB Server. (CVE-2019-2758)\n\n - A vulnerability in the 'Server: Parser' subcomponent.\n This is an easily exploitable vulnerability that allows\n a low privileged attacker with network access via\n multiple protocols to compromise the MariaDB Server.\n Successful attacks involving this vulnerability can\n result in the unauthorized ability to cause a hang or\n frequently repeatable crash (complete DOS) of the\n MariaDB Server. (CVE-2019-2805)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://mariadb.com/kb/en/mdb-10317-rn\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to MariaDB version 10.3.17 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-2758\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/26\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mariadb:mariadb\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Databases\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"mysql_version.nasl\", \"mysql_login.nasl\");\n script_require_keys(\"Settings/ParanoidReport\");\n script_require_ports(\"Services/mysql\", 3306);\n\n exit(0);\n}\n\ninclude('mysql_version.inc');\n\nmysql_check_version(variant: 'MariaDB', min:'10.3.0-MariaDB', fixed:make_list('10.3.17-MariaDB'), severity:SECURITY_WARNING);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:29:23", "description": "The version of MariaDB installed on the remote host is prior to 10.4.7. It is, therefore, affected by the following vulnerabilities as referenced in the mdb-1047-rn advisory.\n\n - A vulnerability in the 'Server: Pluggable Auth' subcomponent. This is an easily exploitable vulnerability that allows a highly privileged attacker with network access via multiple protocols to compromise the MariaDB Server. Successful attacks involving this vulnerability can result in the unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of the MariaDB Server.\n (CVE-2019-2737)\n\n - A vulnerability in the 'Server: Security: Privileges' subcomponent. This is an easily exploitable vulnerability that allows a highly privileged attacker, who is able to logon to the infrastructure where the MariaDB Server executes, to compromise the MariaDB Server. Successful attacks involving this vulnerability can result in the unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MariaDB Server as well as unauthorized update, insert or delete access to some of the data accessible to the MariaDB Server. (CVE-2019-2739)\n\n - A vulnerability in the 'Server: XML' subcomponent. This is an easily exploitable vulnerability that allows a low privileged attacker with network access via multiple protocols to compromise a MariaDB Server.Successful attacks involving this vulnerability can result in the unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of the MariaDB Server.\n (CVE-2019-2740)\n\n - A vulnerability in the InnoDB subcomponent of the MariaDB Server. This is an easily exploitable vulnerability that allows a highly privileged attacker with network access via multiple protocols to compromise a MariaDB Server. Successful attacks involving this vulnerability can result in the unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of the MariaDB Server as well as unauthorized update, insert or delete access to some of the data accessible to the MariaDB Server. (CVE-2019-2758)\n\n - A vulnerability in the 'Server: Parser' subcomponent.\n This is an easily exploitable vulnerability that allows a low privileged attacker with network access via multiple protocols to compromise the MariaDB Server.\n Successful attacks involving this vulnerability can result in the unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of the MariaDB Server. (CVE-2019-2805)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2019-09-17T00:00:00", "type": "nessus", "title": "MariaDB 10.4.0 < 10.4.7 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-2737", "CVE-2019-2739", "CVE-2019-2740", "CVE-2019-2758", "CVE-2019-2805", "CVE-2020-2922", "CVE-2021-2007"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/a:mariadb:mariadb"], "id": "MARIADB_10_4_7.NASL", "href": "https://www.tenable.com/plugins/nessus/128878", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(128878);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2019-2737\",\n \"CVE-2019-2739\",\n \"CVE-2019-2740\",\n \"CVE-2019-2758\",\n \"CVE-2019-2805\",\n \"CVE-2020-2922\",\n \"CVE-2021-2007\"\n );\n script_bugtraq_id(109243, 109247);\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0004\");\n\n script_name(english:\"MariaDB 10.4.0 < 10.4.7 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote database server is affected by multiple vulnerabilities\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of MariaDB installed on the remote host is prior to 10.4.7. It is, therefore, affected by the following\nvulnerabilities as referenced in the mdb-1047-rn advisory.\n\n - A vulnerability in the 'Server: Pluggable Auth'\n subcomponent. This is an easily exploitable\n vulnerability that allows a highly privileged attacker\n with network access via multiple protocols to\n compromise the MariaDB Server. Successful attacks\n involving this vulnerability can result in the\n unauthorized ability to cause a hang or frequently\n repeatable crash (complete DOS) of the MariaDB Server.\n (CVE-2019-2737)\n\n - A vulnerability in the 'Server: Security: Privileges'\n subcomponent. This is an easily exploitable\n vulnerability that allows a highly privileged attacker,\n who is able to logon to the infrastructure where the\n MariaDB Server executes, to compromise the MariaDB\n Server. Successful attacks involving this vulnerability\n can result in the unauthorized ability to cause a hang\n or frequently repeatable crash (complete DOS) of\n MariaDB Server as well as unauthorized update, insert\n or delete access to some of the data accessible to the\n MariaDB Server. (CVE-2019-2739)\n\n - A vulnerability in the 'Server: XML' subcomponent. This\n is an easily exploitable vulnerability that allows a\n low privileged attacker with network access via multiple\n protocols to compromise a MariaDB Server.Successful\n attacks involving this vulnerability can result in the\n unauthorized ability to cause a hang or frequently\n repeatable crash (complete DOS) of the MariaDB Server.\n (CVE-2019-2740)\n\n - A vulnerability in the InnoDB subcomponent of the\n MariaDB Server. This is an easily exploitable\n vulnerability that allows a highly privileged attacker\n with network access via multiple protocols to compromise\n a MariaDB Server. Successful attacks involving this\n vulnerability can result in the unauthorized ability to\n cause a hang or frequently repeatable crash (complete\n DOS) of the MariaDB Server as well as unauthorized\n update, insert or delete access to some of the data\n accessible to the MariaDB Server. (CVE-2019-2758)\n\n - A vulnerability in the 'Server: Parser' subcomponent.\n This is an easily exploitable vulnerability that allows\n a low privileged attacker with network access via\n multiple protocols to compromise the MariaDB Server.\n Successful attacks involving this vulnerability can\n result in the unauthorized ability to cause a hang or\n frequently repeatable crash (complete DOS) of the\n MariaDB Server. (CVE-2019-2805)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://mariadb.com/kb/en/mdb-1047-rn\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to MariaDB version 10.4.7 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-2758\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/17\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mariadb:mariadb\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Databases\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"mysql_version.nasl\", \"mysql_login.nasl\");\n script_require_keys(\"Settings/ParanoidReport\");\n script_require_ports(\"Services/mysql\", 3306);\n\n exit(0);\n}\n\ninclude('mysql_version.inc');\n\nmysql_check_version(variant: 'MariaDB', min:'10.4.0-MariaDB', fixed:make_list('10.4.7-MariaDB'), severity:SECURITY_WARNING, paranoid: false);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:33:32", "description": "This update for mariadb to version 10.2.29 fixes the following issues :\n\nMariaDB was updated to 10.2.29 (bsc#1156669) \n\nSecurity issues fixed :\n\n - CVE-2019-2737: Fixed an issue where could lead a remote attacker to cause denial of service \n\n - CVE-2019-2938: Fixed an issue where could lead a remote attacker to cause denial of service \n\n - CVE-2019-2740: Fixed an issue where could lead a local attacker to cause denial of service\n\n - CVE-2019-2805: Fixed an issue where could lead a local attacker to cause denial of service\n\n - CVE-2019-2974: Fixed an issue where could lead a remote attacker to cause denial of service\n\n - CVE-2019-2758: Fixed an issue where could lead a local attacker to cause denial of service or data corruption\n\n - CVE-2019-2739: Fixed an issue where could lead a local attacker to cause denial of service or data corruption\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "cvss3": {}, "published": "2019-12-23T00:00:00", "type": "nessus", "title": "openSUSE Security Update : mariadb (openSUSE-2019-2698)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-2737", "CVE-2019-2739", "CVE-2019-2740", "CVE-2019-2758", "CVE-2019-2805", "CVE-2019-2938", "CVE-2019-2974"], "modified": "2019-12-27T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libmysqld-devel", "p-cpe:/a:novell:opensuse:libmysqld19", "p-cpe:/a:novell:opensuse:libmysqld19-debuginfo", "p-cpe:/a:novell:opensuse:mariadb", "p-cpe:/a:novell:opensuse:mariadb-bench", "p-cpe:/a:novell:opensuse:mariadb-bench-debuginfo", "p-cpe:/a:novell:opensuse:mariadb-client", "p-cpe:/a:novell:opensuse:mariadb-client-debuginfo", "p-cpe:/a:novell:opensuse:mariadb-debuginfo", "p-cpe:/a:novell:opensuse:mariadb-debugsource", "p-cpe:/a:novell:opensuse:mariadb-errormessages", "p-cpe:/a:novell:opensuse:mariadb-galera", "p-cpe:/a:novell:opensuse:mariadb-test", "p-cpe:/a:novell:opensuse:mariadb-test-debuginfo", "p-cpe:/a:novell:opensuse:mariadb-tools", "p-cpe:/a:novell:opensuse:mariadb-tools-debuginfo", "cpe:/o:novell:opensuse:15.1"], "id": "OPENSUSE-2019-2698.NASL", "href": "https://www.tenable.com/plugins/nessus/132385", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-2698.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(132385);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/12/27\");\n\n script_cve_id(\"CVE-2019-2737\", \"CVE-2019-2739\", \"CVE-2019-2740\", \"CVE-2019-2758\", \"CVE-2019-2805\", \"CVE-2019-2938\", \"CVE-2019-2974\");\n\n script_name(english:\"openSUSE Security Update : mariadb (openSUSE-2019-2698)\");\n script_summary(english:\"Check for the openSUSE-2019-2698 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for mariadb to version 10.2.29 fixes the following \nissues :\n\nMariaDB was updated to 10.2.29 (bsc#1156669) \n\nSecurity issues fixed :\n\n - CVE-2019-2737: Fixed an issue where could lead a remote\n attacker to cause denial of service \n\n - CVE-2019-2938: Fixed an issue where could lead a remote\n attacker to cause denial of service \n\n - CVE-2019-2740: Fixed an issue where could lead a local\n attacker to cause denial of service\n\n - CVE-2019-2805: Fixed an issue where could lead a local\n attacker to cause denial of service\n\n - CVE-2019-2974: Fixed an issue where could lead a remote\n attacker to cause denial of service\n\n - CVE-2019-2758: Fixed an issue where could lead a local\n attacker to cause denial of service or data corruption\n\n - CVE-2019-2739: Fixed an issue where could lead a local\n attacker to cause denial of service or data corruption\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1156669\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected mariadb packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-2758\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqld-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqld19\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysqld19-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mariadb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mariadb-bench\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mariadb-bench-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mariadb-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mariadb-client-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mariadb-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mariadb-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mariadb-errormessages\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mariadb-galera\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mariadb-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mariadb-test-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mariadb-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mariadb-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libmysqld-devel-10.2.29-lp151.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libmysqld19-10.2.29-lp151.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libmysqld19-debuginfo-10.2.29-lp151.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"mariadb-10.2.29-lp151.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"mariadb-bench-10.2.29-lp151.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"mariadb-bench-debuginfo-10.2.29-lp151.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"mariadb-client-10.2.29-lp151.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"mariadb-client-debuginfo-10.2.29-lp151.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"mariadb-debuginfo-10.2.29-lp151.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"mariadb-debugsource-10.2.29-lp151.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"mariadb-errormessages-10.2.29-lp151.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"mariadb-galera-10.2.29-lp151.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"mariadb-test-10.2.29-lp151.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"mariadb-test-debuginfo-10.2.29-lp151.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"mariadb-tools-10.2.29-lp151.2.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"mariadb-tools-debuginfo-10.2.29-lp151.2.9.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libmysqld-devel / libmysqld19 / libmysqld19-debuginfo / mariadb / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T14:31:45", "description": "This update for mariadb to version 10.2.29 fixes the following issues :\n\nMariaDB was updated to 10.2.29 (bsc#1156669)\n\nSecurity issues fixed :\n\nCVE-2019-2737: Fixed an issue where could lead a remote attacker to cause denial of service\n\nCVE-2019-2938: Fixed an issue where could lead a remote attacker to cause denial of service\n\nCVE-2019-2740: Fixed an issue where could lead a local attacker to cause denial of service\n\nCVE-2019-2805: Fixed an issue where could lead a local attacker to cause denial of service\n\nCVE-2019-2974: Fixed an issue where could lead a remote attacker to cause denial of service\n\nCVE-2019-2758: Fixed an issue where could lead a local attacker to cause denial of service or data corruption\n\nCVE-2019-2739: Fixed an issue where could lead a local attacker to cause denial of service or data corruption\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-12-17T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : mariadb (SUSE-SU-2019:3306-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-2737", "CVE-2019-2739", "CVE-2019-2740", "CVE-2019-2758", "CVE-2019-2805", "CVE-2019-2938", "CVE-2019-2974"], "modified": "2021-01-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libmysqld-devel", "p-cpe:/a:novell:suse_linux:libmysqld19", "p-cpe:/a:novell:suse_linux:libmysqld19-debuginfo", "p-cpe:/a:novell:suse_linux:mariadb", "p-cpe:/a:novell:suse_linux:mariadb-bench", "p-cpe:/a:novell:suse_linux:mariadb-bench-debuginfo", "p-cpe:/a:novell:suse_linux:mariadb-client", "p-cpe:/a:novell:suse_linux:mariadb-client-debuginfo", "p-cpe:/a:novell:suse_linux:mariadb-debuginfo", "p-cpe:/a:novell:suse_linux:mariadb-debugsource", "p-cpe:/a:novell:suse_linux:mariadb-galera", "p-cpe:/a:novell:suse_linux:mariadb-test", "p-cpe:/a:novell:suse_linux:mariadb-test-debuginfo", "p-cpe:/a:novell:suse_linux:mariadb-tools", "p-cpe:/a:novell:suse_linux:mariadb-tools-debuginfo", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2019-3306-1.NASL", "href": "https://www.tenable.com/plugins/nessus/132088", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:3306-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(132088);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2019-2737\", \"CVE-2019-2739\", \"CVE-2019-2740\", \"CVE-2019-2758\", \"CVE-2019-2805\", \"CVE-2019-2938\", \"CVE-2019-2974\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : mariadb (SUSE-SU-2019:3306-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for mariadb to version 10.2.29 fixes the following \nissues :\n\nMariaDB was updated to 10.2.29 (bsc#1156669)\n\nSecurity issues fixed :\n\nCVE-2019-2737: Fixed an issue where could lead a remote attacker to\ncause denial of service\n\nCVE-2019-2938: Fixed an issue where could lead a remote attacker to\ncause denial of service\n\nCVE-2019-2740: Fixed an issue where could lead a local attacker to\ncause denial of service\n\nCVE-2019-2805: Fixed an issue where could lead a local attacker to\ncause denial of service\n\nCVE-2019-2974: Fixed an issue where could lead a remote attacker to\ncause denial of service\n\nCVE-2019-2758: Fixed an issue where could lead a local attacker to\ncause denial of service or data corruption\n\nCVE-2019-2739: Fixed an issue where could lead a local attacker to\ncause denial of service or data corruption\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1156669\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-2737/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-2739/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-2740/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-2758/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-2805/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-2938/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-2974/\"\n );\n # https://www.suse.com/support/update/announcement/2019/suse-su-20193306-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?685a67c1\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Server Applications 15-SP1:zypper in\n-t patch SUSE-SLE-Module-Server-Applications-15-SP1-2019-3306=1\n\nSUSE Linux Enterprise Module for Server Applications 15:zypper in -t\npatch SUSE-SLE-Module-Server-Applications-15-2019-3306=1\n\nSUSE Linux Enterprise Module for Open Buildservice Development Tools\n15-SP1:zypper in -t patch\nSUSE-SLE-Module-Development-Tools-OBS-15-SP1-2019-3306=1\n\nSUSE Linux Enterprise Module for Open Buildservice Development Tools\n15:zypper in -t patch\nSUSE-SLE-Module-Development-Tools-OBS-15-2019-3306=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-2758\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libmysqld-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libmysqld19\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libmysqld19-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:mariadb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:mariadb-bench\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:mariadb-bench-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:mariadb-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:mariadb-client-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:mariadb-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:mariadb-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:mariadb-galera\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:mariadb-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:mariadb-test-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:mariadb-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:mariadb-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0|1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP0/1\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(0|1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP0/1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libmysqld-devel-10.2.29-3.23.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libmysqld19-10.2.29-3.23.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libmysqld19-debuginfo-10.2.29-3.23.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"mariadb-10.2.29-3.23.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"mariadb-bench-10.2.29-3.23.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"mariadb-bench-debuginfo-10.2.29-3.23.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"mariadb-client-10.2.29-3.23.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"mariadb-client-debuginfo-10.2.29-3.23.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"mariadb-debuginfo-10.2.29-3.23.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"mariadb-debugsource-10.2.29-3.23.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"mariadb-galera-10.2.29-3.23.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"mariadb-test-10.2.29-3.23.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"mariadb-test-debuginfo-10.2.29-3.23.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"mariadb-tools-10.2.29-3.23.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"mariadb-tools-debuginfo-10.2.29-3.23.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libmysqld-devel-10.2.29-3.23.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libmysqld19-10.2.29-3.23.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libmysqld19-debuginfo-10.2.29-3.23.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"mariadb-10.2.29-3.23.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"mariadb-bench-10.2.29-3.23.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"mariadb-bench-debuginfo-10.2.29-3.23.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"mariadb-client-10.2.29-3.23.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"mariadb-client-debuginfo-10.2.29-3.23.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"mariadb-debuginfo-10.2.29-3.23.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"mariadb-debugsource-10.2.29-3.23.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"mariadb-galera-10.2.29-3.23.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"mariadb-test-10.2.29-3.23.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"mariadb-test-debuginfo-10.2.29-3.23.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"mariadb-tools-10.2.29-3.23.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"mariadb-tools-debuginfo-10.2.29-3.23.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"mariadb-bench-10.2.29-3.23.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"mariadb-bench-debuginfo-10.2.29-3.23.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"mariadb-debuginfo-10.2.29-3.23.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"mariadb-debugsource-10.2.29-3.23.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"mariadb-galera-10.2.29-3.23.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"mariadb-test-10.2.29-3.23.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"mariadb-test-debuginfo-10.2.29-3.23.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"mariadb-bench-10.2.29-3.23.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"mariadb-bench-debuginfo-10.2.29-3.23.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"mariadb-debuginfo-10.2.29-3.23.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"mariadb-debugsource-10.2.29-3.23.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"mariadb-galera-10.2.29-3.23.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"mariadb-test-10.2.29-3.23.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"mariadb-test-debuginfo-10.2.29-3.23.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mariadb\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-27T14:37:07", "description": "This update for mariadb to version 10.2.29 fixes the following issues :\n\nMariaDB was updated to 10.2.29 (bsc#1156669)\n\nSecurity issues fixed :\n\nCVE-2019-2737: Fixed an issue where could lead a remote attacker to cause denial of service\n\nCVE-2019-2938: Fixed an issue where could lead a remote attacker to cause denial of service\n\nCVE-2019-2740: Fixed an issue where could lead a local attacker to cause denial of service\n\nCVE-2019-2805: Fixed an issue where could lead a local attacker to cause denial of service\n\nCVE-2019-2974: Fixed an issue where could lead a remote attacker to cause denial of service\n\nCVE-2019-2758: Fixed an issue where could lead a local attacker to cause denial of service or data corruption\n\nCVE-2019-2739: Fixed an issue where could lead a local attacker to cause denial of service or data corruption\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-12-23T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : mariadb (SUSE-SU-2019:3369-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-2737", "CVE-2019-2739", "CVE-2019-2740", "CVE-2019-2758", "CVE-2019-2805", "CVE-2019-2938", "CVE-2019-2974"], "modified": "2019-12-27T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:mariadb", "p-cpe:/a:novell:suse_linux:mariadb-client", "p-cpe:/a:novell:suse_linux:mariadb-client-debuginfo", "p-cpe:/a:novell:suse_linux:mariadb-debuginfo", "p-cpe:/a:novell:suse_linux:mariadb-debugsource", "p-cpe:/a:novell:suse_linux:mariadb-tools", "p-cpe:/a:novell:suse_linux:mariadb-tools-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2019-3369-1.NASL", "href": "https://www.tenable.com/plugins/nessus/132387", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:3369-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(132387);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/12/27\");\n\n script_cve_id(\"CVE-2019-2737\", \"CVE-2019-2739\", \"CVE-2019-2740\", \"CVE-2019-2758\", \"CVE-2019-2805\", \"CVE-2019-2938\", \"CVE-2019-2974\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : mariadb (SUSE-SU-2019:3369-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for mariadb to version 10.2.29 fixes the following \nissues :\n\nMariaDB was updated to 10.2.29 (bsc#1156669)\n\nSecurity issues fixed :\n\nCVE-2019-2737: Fixed an issue where could lead a remote attacker to\ncause denial of service\n\nCVE-2019-2938: Fixed an issue where could lead a remote attacker to\ncause denial of service\n\nCVE-2019-2740: Fixed an issue where could lead a local attacker to\ncause denial of service\n\nCVE-2019-2805: Fixed an issue where could lead a local attacker to\ncause denial of service\n\nCVE-2019-2974: Fixed an issue where could lead a remote attacker to\ncause denial of service\n\nCVE-2019-2758: Fixed an issue where could lead a local attacker to\ncause denial of service or data corruption\n\nCVE-2019-2739: Fixed an issue where could lead a local attacker to\ncause denial of service or data corruption\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1156669\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-2737/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-2739/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-2740/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-2758/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-2805/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-2938/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-2974/\"\n );\n # https://www.suse.com/support/update/announcement/2019/suse-su-20193369-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3a1c5f61\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE OpenStack Cloud Crowbar 9:zypper in -t patch\nSUSE-OpenStack-Cloud-Crowbar-9-2019-3369=1\n\nSUSE OpenStack Cloud 9:zypper in -t patch\nSUSE-OpenStack-Cloud-9-2019-3369=1\n\nSUSE Linux Enterprise Server 12-SP5:zypper in -t patch\nSUSE-SLE-SERVER-12-SP5-2019-3369=1\n\nSUSE Linux Enterprise Server 12-SP4:zypper in -t patch\nSUSE-SLE-SERVER-12-SP4-2019-3369=1\n\nSUSE Linux Enterprise Desktop 12-SP4:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP4-2019-3369=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-2758\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:mariadb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:mariadb-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:mariadb-client-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:mariadb-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:mariadb-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:mariadb-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:mariadb-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(4|5)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP4/5\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"mariadb-10.2.29-3.22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"mariadb-client-10.2.29-3.22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"mariadb-client-debuginfo-10.2.29-3.22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"mariadb-debuginfo-10.2.29-3.22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"mariadb-debugsource-10.2.29-3.22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"mariadb-tools-10.2.29-3.22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"mariadb-tools-debuginfo-10.2.29-3.22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"mariadb-10.2.29-3.22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"mariadb-client-10.2.29-3.22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"mariadb-client-debuginfo-10.2.29-3.22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"mariadb-debuginfo-10.2.29-3.22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"mariadb-debugsource-10.2.29-3.22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"mariadb-tools-10.2.29-3.22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"mariadb-tools-debuginfo-10.2.29-3.22.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"mariadb-10.2.29-3.22.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"mariadb-client-10.2.29-3.22.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"mariadb-client-debuginfo-10.2.29-3.22.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"mariadb-debuginfo-10.2.29-3.22.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"mariadb-debugsource-10.2.29-3.22.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mariadb\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:25:43", "description": "The version of MySQL running on the remote host is 5.7.x prior to 5.7.27. It is, therefore, affected by multiple vulnerabilities, including three of the top vulnerabilities below, as noted in the July 2019 Critical Patch Update advisory:\n\n - A stack-based buffer overflow vulnerability in the 'Server: Packaging (cURL)' subcomponent could allow an unauthenticated attacker to gain complete control of an affected instance of MySQL Server. (CVE-2019-3822)\n\n - A vulnerability in the 'Server: Parser' subcomponent.\n This is an easily exploitable vulnerability that allows a low privileged attacker with network access via multiple protocols to compromise the server. Successful attacks involving this vulnerability can result in the unauthorized ability to cause a hang or frequently repeatable crash (complete DOS). (CVE-2019-2805)\n\n - A vulnerability in the 'Server: XML' subcomponent. This is an easily exploitable vulnerability that allows a low privileged attacker with network access via multiple protocols to compromise a server.Successful attacks involving this vulnerability can result in the unauthorized ability to cause a hang or frequently repeatable crash (complete DOS).\n (CVE-2019-2740)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2019-07-18T00:00:00", "type": "nessus", "title": "MySQL 5.7.x < 5.7.27 Multiple Vulnerabilities (Jul 2019 CPU)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-16890", "CVE-2019-2737", "CVE-2019-2738", "CVE-2019-2739", "CVE-2019-2740", "CVE-2019-2741", "CVE-2019-2757", "CVE-2019-2758", "CVE-2019-2774", "CVE-2019-2778", "CVE-2019-2791", "CVE-2019-2797", "CVE-2019-2805", "CVE-2019-2819", "CVE-2019-2948", "CVE-2019-2969", "CVE-2019-3822", "CVE-2019-3823"], "modified": "2022-12-06T00:00:00", "cpe": ["cpe:/a:oracle:mysql"], "id": "MYSQL_5_7_27_JULY.NASL", "href": "https://www.tenable.com/plugins/nessus/126783", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(126783);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/06\");\n\n script_cve_id(\n \"CVE-2018-16890\",\n \"CVE-2019-2737\",\n \"CVE-2019-2738\",\n \"CVE-2019-2739\",\n \"CVE-2019-2740\",\n \"CVE-2019-2741\",\n \"CVE-2019-2757\",\n \"CVE-2019-2758\",\n \"CVE-2019-2774\",\n \"CVE-2019-2778\",\n \"CVE-2019-2791\",\n \"CVE-2019-2797\",\n \"CVE-2019-2805\",\n \"CVE-2019-2819\",\n \"CVE-2019-2948\",\n \"CVE-2019-2969\",\n \"CVE-2019-3822\",\n \"CVE-2019-3823\"\n );\n script_bugtraq_id(\n 106947,\n 106950,\n 109243,\n 109247\n );\n script_xref(name:\"IAVA\", value:\"2019-A-0122-S\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0227\");\n\n script_name(english:\"MySQL 5.7.x < 5.7.27 Multiple Vulnerabilities (Jul 2019 CPU)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote database server is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of MySQL running on the remote host is 5.7.x prior to\n5.7.27. It is, therefore, affected by multiple vulnerabilities,\nincluding three of the top vulnerabilities below, as noted in the\nJuly 2019 Critical Patch Update advisory:\n\n - A stack-based buffer overflow vulnerability in the\n 'Server: Packaging (cURL)' subcomponent could allow an\n unauthenticated attacker to gain complete control of an\n affected instance of MySQL Server. (CVE-2019-3822)\n\n - A vulnerability in the 'Server: Parser' subcomponent.\n This is an easily exploitable vulnerability that allows\n a low privileged attacker with network access via\n multiple protocols to compromise the server. Successful\n attacks involving this vulnerability can result in the\n unauthorized ability to cause a hang or frequently\n repeatable crash (complete DOS). (CVE-2019-2805)\n\n - A vulnerability in the 'Server: XML' subcomponent. This\n is an easily exploitable vulnerability that allows a\n low privileged attacker with network access via multiple\n protocols to compromise a server.Successful attacks\n involving this vulnerability can result in the\n unauthorized ability to cause a hang or frequently\n repeatable crash (complete DOS).\n (CVE-2019-2740)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-27.html\");\n # https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html#AppendixMSQL\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1adc2fd3\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to MySQL version 5.7.27 or later.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-3822\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/07/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:mysql\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Databases\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"mysql_version.nasl\", \"mysql_login.nasl\", \"mysql_version_local.nasl\", \"mysql_win_installed.nbin\", \"macosx_mysql_installed.nbin\");\n script_require_keys(\"installed_sw/MySQL Server\");\n\n exit(0);\n}\n\ninclude('vcf_extras_mysql.inc');\n\nvar app_info = vcf::mysql::combined_get_app_info();\n\nvar constraints = [{ 'min_version' : '5.7.0', 'fixed_version' : '5.7.27'}];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:24:11", "description": "The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2019:2411 advisory.\n\n - kernel: hw: Spectre SWAPGS gadget vulnerability (CVE-2019-1125)\n\n - kernel: broken permission and object lifetime handling for PTRACE_TRACEME (CVE-2019-13272)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-01-29T00:00:00", "type": "nessus", "title": "CentOS 8 : kernel (CESA-2019:2411)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1125", "CVE-2019-13272"], "modified": "2023-01-18T00:00:00", "cpe": ["cpe:/o:centos:centos:8", "p-cpe:/a:centos:centos:bpftool", "p-cpe:/a:centos:centos:kernel", "p-cpe:/a:centos:centos:kernel-abi-whitelists", "p-cpe:/a:centos:centos:kernel-core", "p-cpe:/a:centos:centos:kernel-cross-headers", "p-cpe:/a:centos:centos:kernel-debug", "p-cpe:/a:centos:centos:kernel-debug-core", "p-cpe:/a:centos:centos:kernel-debug-devel", "p-cpe:/a:centos:centos:kernel-debug-modules", "p-cpe:/a:centos:centos:kernel-debug-modules-extra", "p-cpe:/a:centos:centos:kernel-devel", "p-cpe:/a:centos:centos:kernel-headers", "p-cpe:/a:centos:centos:kernel-modules", "p-cpe:/a:centos:centos:kernel-modules-extra", "p-cpe:/a:centos:centos:kernel-tools", "p-cpe:/a:centos:centos:kernel-tools-libs", "p-cpe:/a:centos:centos:kernel-tools-libs-devel", "p-cpe:/a:centos:centos:perf", "p-cpe:/a:centos:centos:python3-perf"], "id": "CENTOS8_RHSA-2019-2411.NASL", "href": "https://www.tenable.com/plugins/nessus/145678", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# Red Hat Security Advisory RHSA-2019:2411. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(145678);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/18\");\n\n script_cve_id(\"CVE-2019-1125\", \"CVE-2019-13272\");\n script_xref(name:\"RHSA\", value:\"2019:2411\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/10\");\n\n script_name(english:\"CentOS 8 : kernel (CESA-2019:2411)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nCESA-2019:2411 advisory.\n\n - kernel: hw: Spectre SWAPGS gadget vulnerability (CVE-2019-1125)\n\n - kernel: broken permission and object lifetime handling for PTRACE_TRACEME (CVE-2019-13272)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2019:2411\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-13272\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Linux Polkit pkexec helper PTRACE_TRACEME local root exploit');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/01/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:bpftool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-cross-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-debug-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-debug-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-debug-modules-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-modules-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python3-perf\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\ninclude('ksplice.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/CentOS/release');\nif (isnull(release) || 'CentOS' >!< release) audit(AUDIT_OS_NOT, 'CentOS');\nos_ver = pregmatch(pattern: \"CentOS(?: Stream)?(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CentOS');\nos_ver = os_ver[1];\nif ('CentOS Stream' >< release) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS Stream ' + os_ver);\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS ' + os_ver);\n\nif (!get_kb_item('Host/CentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CentOS', cpu);\n\nif (get_one_kb_item('Host/ksplice/kernel-cves'))\n{\n rm_kb_item(name:'Host/uptrack-uname-r');\n cve_list = make_list('CVE-2019-1125', 'CVE-2019-13272');\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for CESA-2019:2411');\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\npkgs = [\n {'reference':'bpftool-4.18.0-80.7.2.el8_0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bpftool-4.18.0-80.7.2.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-4.18.0-80.7.2.el8_0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-4.18.0-80.7.2.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-abi-whitelists-4.18.0-80.7.2.el8_0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-abi-whitelists-4.18.0-80.7.2.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-core-4.18.0-80.7.2.el8_0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-core-4.18.0-80.7.2.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-cross-headers-4.18.0-80.7.2.el8_0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-cross-headers-4.18.0-80.7.2.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-4.18.0-80.7.2.el8_0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-4.18.0-80.7.2.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-core-4.18.0-80.7.2.el8_0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-core-4.18.0-80.7.2.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-devel-4.18.0-80.7.2.el8_0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-devel-4.18.0-80.7.2.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-modules-4.18.0-80.7.2.el8_0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-modules-4.18.0-80.7.2.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-modules-extra-4.18.0-80.7.2.el8_0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-modules-extra-4.18.0-80.7.2.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-devel-4.18.0-80.7.2.el8_0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-devel-4.18.0-80.7.2.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-headers-4.18.0-80.7.2.el8_0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-headers-4.18.0-80.7.2.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-modules-4.18.0-80.7.2.el8_0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-modules-4.18.0-80.7.2.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-modules-extra-4.18.0-80.7.2.el8_0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-modules-extra-4.18.0-80.7.2.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-4.18.0-80.7.2.el8_0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-4.18.0-80.7.2.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-4.18.0-80.7.2.el8_0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-4.18.0-80.7.2.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-devel-4.18.0-80.7.2.el8_0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-devel-4.18.0-80.7.2.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-4.18.0-80.7.2.el8_0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-4.18.0-80.7.2.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-perf-4.18.0-80.7.2.el8_0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-perf-4.18.0-80.7.2.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'CentOS-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'bpftool / kernel / kernel-abi-whitelists / kernel-core / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:28:07", "description": "An update for kernel-rt is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es) :\n\n* kernel: broken permission and object lifetime handling for PTRACE_TRACEME (CVE-2019-13272)\n\n* kernel: hw: Spectre SWAPGS gadget vulnerability (CVE-2019-1125)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {}, "published": "2019-08-12T00:00:00", "type": "nessus", "title": "RHEL 8 : kernel-rt (RHSA-2019:2405)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1125", "CVE-2019-13272"], "modified": "2023-02-10T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "p-cpe:/a:redhat:enterprise_linux:kernel-rt", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debuginfo-common-x86_64", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-core", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-core", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-kvm", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-kvm-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-modules", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-modules-extra", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-kvm", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-kvm-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-modules", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-modules-extra"], "id": "REDHAT-RHSA-2019-2405.NASL", "href": "https://www.tenable.com/plugins/nessus/127721", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:2405. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(127721);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/10\");\n\n script_cve_id(\"CVE-2019-1125\", \"CVE-2019-13272\");\n script_xref(name:\"RHSA\", value:\"2019:2405\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/10\");\n\n script_name(english:\"RHEL 8 : kernel-rt (RHSA-2019:2405)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update for kernel-rt is now available for Red Hat Enterprise Linux\n8.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe kernel-rt packages provide the Real Time Linux Kernel, which\nenables fine-tuning for systems with extremely high determinism\nrequirements.\n\nSecurity Fix(es) :\n\n* kernel: broken permission and object lifetime handling for\nPTRACE_TRACEME (CVE-2019-13272)\n\n* kernel: hw: Spectre SWAPGS gadget vulnerability (CVE-2019-1125)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/articles/4329821\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2019:2405\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2019-1125\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2019-13272\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-13272\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Linux Polkit pkexec helper PTRACE_TRACEME local root exploit');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-kvm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-modules-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-kvm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-modules-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 8.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2019-1125\", \"CVE-2019-13272\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for RHSA-2019:2405\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:2405\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"kernel-rt-4.18.0-80.7.2.rt9.154.el8_0\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"kernel-rt-core-4.18.0-80.7.2.rt9.154.el8_0\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"kernel-rt-debug-4.18.0-80.7.2.rt9.154.el8_0\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"kernel-rt-debug-core-4.18.0-80.7.2.rt9.154.el8_0\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"kernel-rt-debug-debuginfo-4.18.0-80.7.2.rt9.154.el8_0\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"kernel-rt-debug-devel-4.18.0-80.7.2.rt9.154.el8_0\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"kernel-rt-debug-kvm-4.18.0-80.7.2.rt9.154.el8_0\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"kernel-rt-debug-kvm-debuginfo-4.18.0-80.7.2.rt9.154.el8_0\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"kernel-rt-debug-modules-4.18.0-80.7.2.rt9.154.el8_0\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"kernel-rt-debug-modules-extra-4.18.0-80.7.2.rt9.154.el8_0\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"kernel-rt-debuginfo-4.18.0-80.7.2.rt9.154.el8_0\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"kernel-rt-debuginfo-common-x86_64-4.18.0-80.7.2.rt9.154.el8_0\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"kernel-rt-devel-4.18.0-80.7.2.rt9.154.el8_0\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"kernel-rt-kvm-4.18.0-80.7.2.rt9.154.el8_0\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"kernel-rt-kvm-debuginfo-4.18.0-80.7.2.rt9.154.el8_0\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"kernel-rt-modules-4.18.0-80.7.2.rt9.154.el8_0\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"kernel-rt-modules-extra-4.18.0-80.7.2.rt9.154.el8_0\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel-rt / kernel-rt-core / kernel-rt-debug / kernel-rt-debug-core / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:28:08", "description": "An update for kernel is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es) :\n\n* kernel: broken permission and object lifetime handling for PTRACE_TRACEME (CVE-2019-13272)\n\n* kernel: hw: Spectre SWAPGS gadget vulnerability (CVE-2019-1125)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {}, "published": "2019-08-12T00:00:00", "type": "nessus", "title": "RHEL 8 : kernel (RHSA-2019:2411)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1125", "CVE-2019-13272"], "modified": "2023-02-10T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8.0", "cpe:/o:redhat:enterprise_linux:8", "p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "p-cpe:/a:redhat:enterprise_linux:perf", "p-cpe:/a:redhat:enterprise_linux:perf-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-s390x", "p-cpe:/a:redhat:enterprise_linux:kernel-tools", "p-cpe:/a:redhat:enterprise_linux:kernel-tools-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs", "p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs-devel", "p-cpe:/a:redhat:enterprise_linux:bpftool", "p-cpe:/a:redhat:enterprise_linux:bpftool-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-core", "p-cpe:/a:redhat:enterprise_linux:kernel-cross-headers", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-core", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-modules", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-modules-extra", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-aarch64", "p-cpe:/a:redhat:enterprise_linux:kernel-modules", "p-cpe:/a:redhat:enterprise_linux:kernel-modules-extra", "p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump", "p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump-core", "p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump-modules", "p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump-modules-extra", "p-cpe:/a:redhat:enterprise_linux:python3-perf", "p-cpe:/a:redhat:enterprise_linux:python3-perf-debuginfo"], "id": "REDHAT-RHSA-2019-2411.NASL", "href": "https://www.tenable.com/plugins/nessus/127722", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:2411. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(127722);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/10\");\n\n script_cve_id(\"CVE-2019-1125\", \"CVE-2019-13272\");\n script_xref(name:\"RHSA\", value:\"2019:2411\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/10\");\n\n script_name(english:\"RHEL 8 : kernel (RHSA-2019:2411)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update for kernel is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nSecurity Fix(es) :\n\n* kernel: broken permission and object lifetime handling for\nPTRACE_TRACEME (CVE-2019-13272)\n\n* kernel: hw: Spectre SWAPGS gadget vulnerability (CVE-2019-1125)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/articles/4329821\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2019:2411\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2019-1125\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2019-13272\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-13272\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Linux Polkit pkexec helper PTRACE_TRACEME local root exploit');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bpftool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bpftool-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-cross-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-modules-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-aarch64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-s390x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-modules-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump-modules-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 8.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2019-1125\", \"CVE-2019-13272\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for RHSA-2019:2411\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:2411\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"bpftool-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"bpftool-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", sp:\"0\", cpu:\"aarch64\", reference:\"bpftool-debuginfo-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"bpftool-debuginfo-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"bpftool-debuginfo-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"kernel-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"kernel-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", reference:\"kernel-abi-whitelists-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"kernel-core-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"kernel-core-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"kernel-cross-headers-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"kernel-cross-headers-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"kernel-debug-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"kernel-debug-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"kernel-debug-core-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"kernel-debug-core-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", sp:\"0\", cpu:\"aarch64\", reference:\"kernel-debug-debuginfo-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"kernel-debug-debuginfo-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"kernel-debug-debuginfo-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"kernel-debug-devel-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"kernel-debug-devel-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"kernel-debug-modules-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"kernel-debug-modules-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"kernel-debug-modules-extra-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"kernel-debug-modules-extra-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", sp:\"0\", cpu:\"aarch64\", reference:\"kernel-debuginfo-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"kernel-debuginfo-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"kernel-debuginfo-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", sp:\"0\", cpu:\"aarch64\", reference:\"kernel-debuginfo-common-aarch64-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"kernel-debuginfo-common-s390x-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"kernel-devel-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"kernel-devel-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", reference:\"kernel-doc-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"kernel-headers-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"kernel-headers-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"kernel-modules-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"kernel-modules-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"kernel-modules-extra-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"kernel-modules-extra-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"kernel-tools-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"kernel-tools-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", sp:\"0\", cpu:\"aarch64\", reference:\"kernel-tools-debuginfo-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"kernel-tools-debuginfo-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"kernel-tools-debuginfo-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"kernel-tools-libs-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", sp:\"0\", cpu:\"aarch64\", reference:\"kernel-tools-libs-devel-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-tools-libs-devel-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"kernel-zfcpdump-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"kernel-zfcpdump-core-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"kernel-zfcpdump-debuginfo-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"kernel-zfcpdump-devel-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"kernel-zfcpdump-modules-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"kernel-zfcpdump-modules-extra-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"perf-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"perf-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", sp:\"0\", cpu:\"aarch64\", reference:\"perf-debuginfo-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"perf-debuginfo-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"perf-debuginfo-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"python3-perf-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"python3-perf-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", sp:\"0\", cpu:\"aarch64\", reference:\"python3-perf-debuginfo-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"s390x\", reference:\"python3-perf-debuginfo-4.18.0-80.7.2.el8_0\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"python3-perf-debuginfo-4.18.0-80.7.2.el8_0\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bpftool / bpftool-debuginfo / kernel / kernel-abi-whitelists / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:28:10", "description": "Eli Biham and Lior Neumann discovered that the Bluetooth implementation in the Linux kernel did not properly validate elliptic curve parameters during Diffie-Hellman key exchange in some situations. An attacker could use this to expose sensitive information. (CVE-2018-5383)\n\nIt was discovered that a heap buffer overflow existed in the Marvell Wireless LAN device driver for the Linux kernel. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-10126)\n\nAndrei Vlad Lutas and Dan Lutas discovered that some x86 processors incorrectly handle SWAPGS instructions during speculative execution. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2019-1125)\n\nJann Horn discovered that a race condition existed in the Linux kernel when performing core dumps. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information.\n(CVE-2019-11599)\n\nIt was discovered that the PowerPC dlpar implementation in the Linux kernel did not properly check for allocation errors in some situations. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2019-12614)\n\nJann Horn discovered that the ptrace implementation in the Linux kernel did not properly record credentials in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly gain administrative privileges. (CVE-2019-13272)\n\nIt was discovered that the Marvell Wireless LAN device driver in the Linux kernel did not properly validate the BSS descriptor. A local attacker could possibly use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-3846).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-08-14T00:00:00", "type": "nessus", "title": "Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-4095-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-5383", "CVE-2019-10126", "CVE-2019-1125", "CVE-2019-11599", "CVE-2019-12614", "CVE-2019-13272", "CVE-2019-3846", "CVE-2019-9503"], "modified": "2023-05-11T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-snapdragon", "p-cpe:/a:canonical:ubuntu_linux:linux-image-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-image-snapdragon", "p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual", "cpe:/o:canonical:ubuntu_linux:16.04"], "id": "UBUNTU_USN-4095-1.NASL", "href": "https://www.tenable.com/plugins/nessus/127890", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4095-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(127890);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/11\");\n\n script_cve_id(\"CVE-2018-5383\", \"CVE-2019-10126\", \"CVE-2019-1125\", \"CVE-2019-11599\", \"CVE-2019-12614\", \"CVE-2019-13272\", \"CVE-2019-3846\", \"CVE-2019-9503\");\n script_xref(name:\"USN\", value:\"4095-1\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/10\");\n\n script_name(english:\"Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-4095-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Eli Biham and Lior Neumann discovered that the Bluetooth\nimplementation in the Linux kernel did not properly validate elliptic\ncurve parameters during Diffie-Hellman key exchange in some\nsituations. An attacker could use this to expose sensitive\ninformation. (CVE-2018-5383)\n\nIt was discovered that a heap buffer overflow existed in the Marvell\nWireless LAN device driver for the Linux kernel. An attacker could use\nthis to cause a denial of service (system crash) or possibly execute\narbitrary code. (CVE-2019-10126)\n\nAndrei Vlad Lutas and Dan Lutas discovered that some x86 processors\nincorrectly handle SWAPGS instructions during speculative execution. A\nlocal attacker could use this to expose sensitive information (kernel\nmemory). (CVE-2019-1125)\n\nJann Horn discovered that a race condition existed in the Linux kernel\nwhen performing core dumps. A local attacker could use this to cause a\ndenial of service (system crash) or expose sensitive information.\n(CVE-2019-11599)\n\nIt was discovered that the PowerPC dlpar implementation in the Linux\nkernel did not properly check for allocation errors in some\nsituations. A local attacker could possibly use this to cause a denial\nof service (system crash). (CVE-2019-12614)\n\nJann Horn discovered that the ptrace implementation in the Linux\nkernel did not properly record credentials in some situations. A local\nattacker could use this to cause a denial of service (system crash) or\npossibly gain administrative privileges. (CVE-2019-13272)\n\nIt was discovered that the Marvell Wireless LAN device driver in the\nLinux kernel did not properly validate the BSS descriptor. A local\nattacker could possibly use this to cause a denial of service (system\ncrash) or possibly execute arbitrary code. (CVE-2019-3846).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/4095-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-3846\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Linux Polkit pkexec helper PTRACE_TRACEME local root exploit');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-snapdragon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-snapdragon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2019-2023 Canonical, Inc. / NASL script (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(16\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 16.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2018-5383\", \"CVE-2019-10126\", \"CVE-2019-1125\", \"CVE-2019-11599\", \"CVE-2019-12614\", \"CVE-2019-13272\", \"CVE-2019-3846\", \"CVE-2019-9503\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-4095-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-1054-kvm\", pkgver:\"4.4.0-1054.61\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-1090-aws\", pkgver:\"4.4.0-1090.101\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-1118-raspi2\", pkgver:\"4.4.0-1118.127\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-1122-snapdragon\", pkgver:\"4.4.0-1122.128\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-159-generic\", pkgver:\"4.4.0-159.187\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-159-generic-lpae\", pkgver:\"4.4.0-159.187\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-159-lowlatency\", pkgver:\"4.4.0-159.187\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-aws\", pkgver:\"4.4.0.1090.94\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-generic\", pkgver:\"4.4.0.159.167\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-generic-lpae\", pkgver:\"4.4.0.159.167\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-kvm\", pkgver:\"4.4.0.1054.54\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-lowlatency\", pkgver:\"4.4.0.159.167\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-raspi2\", pkgver:\"4.4.0.1118.118\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-snapdragon\", pkgver:\"4.4.0.1122.114\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-virtual\", pkgver:\"4.4.0.159.167\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-4.4-aws / linux-image-4.4-generic / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:28:10", "description": "USN-4070-1 fixed multiple vulnerabilities in MySQL. This update provides the corresponding fixes for CVE-2019-2737, CVE-2019-2739, CVE-2019-2740, CVE-2019-2758, CVE-2019-2805, CVE-2019-2628, CVE-2019-2627, CVE-2019-2614 in MariaDB 10.3.\n\nUbuntu 19.04 has been updated to MariaDB 10.3.17.\n\nIn addition to security fixes, the updated package contain bug fixes, new features, and possibly incompatible changes.\n\nPlease see the following for more information:\nhttps://mariadb.com/kb/en/library/mariadb-10317-changelog/ https://mariadb.com/kb/en/library/mariadb-10317-release-notes/\n\nMultiple security issues were discovered in MySQL and this update includes a new upstream MySQL version to fix these issues.\n\nUbuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 19.04 have been updated to MySQL 5.7.27.\n\nIn addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes.\n\nPlease see the following for more information:\nhttp://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-27.html https://www.oracle.com/technetwork/security-advisory/cpujul2019-507283 5.html.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-08-14T00:00:00", "type": "nessus", "title": "Ubuntu 19.04 : MariaDB vulnerabilities (USN-4070-3)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-2614", "CVE-2019-2627", "CVE-2019-2628", "CVE-2019-2737", "CVE-2019-2739", "CVE-2019-2740", "CVE-2019-2758", "CVE-2019-2805"], "modified": "2023-05-11T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libmariadb-dev", "p-cpe:/a:canonical:ubuntu_linux:libmariadb-dev-compat", "p-cpe:/a:canonical:ubuntu_linux:libmariadb3", "p-cpe:/a:canonical:ubuntu_linux:libmariadbclient-dev", "p-cpe:/a:canonical:ubuntu_linux:libmariadbd-dev", "p-cpe:/a:canonical:ubuntu_linux:libmariadbd19", "p-cpe:/a:canonical:ubuntu_linux:mariadb-backup", "p-cpe:/a:canonical:ubuntu_linux:mariadb-client", "p-cpe:/a:canonical:ubuntu_linux:mariadb-client-10.3", "p-cpe:/a:canonical:ubuntu_linux:mariadb-client-core-10.3", "p-cpe:/a:canonical:ubuntu_linux:mariadb-common", "p-cpe:/a:canonical:ubuntu_linux:mariadb-plugin-connect", "p-cpe:/a:canonical:ubuntu_linux:mariadb-plugin-cracklib-password-check", "p-cpe:/a:canonical:ubuntu_linux:mariadb-plugin-gssapi-client", "p-cpe:/a:canonical:ubuntu_linux:mariadb-plugin-gssapi-server", "p-cpe:/a:canonical:ubuntu_linux:mariadb-plugin-mroonga", "p-cpe:/a:canonical:ubuntu_linux:mariadb-plugin-oqgraph", "p-cpe:/a:canonical:ubuntu_linux:mariadb-plugin-rocksdb", "p-cpe:/a:canonical:ubuntu_linux:mariadb-plugin-spider", "p-cpe:/a:canonical:ubuntu_linux:mariadb-plugin-tokudb", "p-cpe:/a:canonical:ubuntu_linux:mariadb-server", "p-cpe:/a:canonical:ubuntu_linux:mariadb-server-10.3", "p-cpe:/a:canonical:ubuntu_linux:mariadb-server-core-10.3", "p-cpe:/a:canonical:ubuntu_linux:mariadb-test", "p-cpe:/a:canonical:ubuntu_linux:mariadb-test-data", "cpe:/o:canonical:ubuntu_linux:19.04"], "id": "UBUNTU_USN-4070-3.NASL", "href": "https://www.tenable.com/plugins/nessus/127887", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4070-3. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(127887);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/11\");\n\n script_cve_id(\"CVE-2019-2614\", \"CVE-2019-2627\", \"CVE-2019-2628\", \"CVE-2019-2737\", \"CVE-2019-2739\", \"CVE-2019-2740\", \"CVE-2019-2758\", \"CVE-2019-2805\");\n script_xref(name:\"USN\", value:\"4070-3\");\n\n script_name(english:\"Ubuntu 19.04 : MariaDB vulnerabilities (USN-4070-3)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"USN-4070-1 fixed multiple vulnerabilities in MySQL. This update\nprovides the corresponding fixes for CVE-2019-2737, CVE-2019-2739,\nCVE-2019-2740, CVE-2019-2758, CVE-2019-2805, CVE-2019-2628,\nCVE-2019-2627, CVE-2019-2614 in MariaDB 10.3.\n\nUbuntu 19.04 has been updated to MariaDB 10.3.17.\n\nIn addition to security fixes, the updated package contain bug fixes,\nnew features, and possibly incompatible changes.\n\nPlease see the following for more information:\nhttps://mariadb.com/kb/en/library/mariadb-10317-changelog/\nhttps://mariadb.com/kb/en/library/mariadb-10317-release-notes/\n\nMultiple security issues were discovered in MySQL and this update\nincludes a new upstream MySQL version to fix these issues.\n\nUbuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 19.04 have been updated\nto MySQL 5.7.27.\n\nIn addition to security fixes, the updated packages contain bug fixes,\nnew features, and possibly incompatible changes.\n\nPlease see the following for more information:\nhttp://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-27.html\nhttps://www.oracle.com/technetwork/security-advisory/cpujul2019-507283\n5.html.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/4070-3/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-2758\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmariadb-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmariadb-dev-compat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmariadb3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmariadbclient-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmariadbd-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmariadbd19\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mariadb-backup\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mariadb-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mariadb-client-10.3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mariadb-client-core-10.3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mariadb-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mariadb-plugin-connect\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mariadb-plugin-cracklib-password-check\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mariadb-plugin-gssapi-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mariadb-plugin-gssapi-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mariadb-plugin-mroonga\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mariadb-plugin-oqgraph\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mariadb-plugin-rocksdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mariadb-plugin-spider\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mariadb-plugin-tokudb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mariadb-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mariadb-server-10.3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mariadb-server-core-10.3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mariadb-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mariadb-test-data\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:19.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2019-2023 Canonical, Inc. / NASL script (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(19\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 19.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"19.04\", pkgname:\"libmariadb-dev\", pkgver:\"1:10.3.17-0ubuntu0.19.04.1\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"libmariadb-dev-compat\", pkgver:\"1:10.3.17-0ubuntu0.19.04.1\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"libmariadb3\", pkgver:\"1:10.3.17-0ubuntu0.19.04.1\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"libmariadbclient-dev\", pkgver:\"1:10.3.17-0ubuntu0.19.04.1\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"libmariadbd-dev\", pkgver:\"1:10.3.17-0ubuntu0.19.04.1\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"libmariadbd19\", pkgver:\"1:10.3.17-0ubuntu0.19.04.1\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"mariadb-backup\", pkgver:\"1:10.3.17-0ubuntu0.19.04.1\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"mariadb-client\", pkgver:\"1:10.3.17-0ubuntu0.19.04.1\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"mariadb-client-10.3\", pkgver:\"1:10.3.17-0ubuntu0.19.04.1\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"mariadb-client-core-10.3\", pkgver:\"1:10.3.17-0ubuntu0.19.04.1\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"mariadb-common\", pkgver:\"1:10.3.17-0ubuntu0.19.04.1\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"mariadb-plugin-connect\", pkgver:\"1:10.3.17-0ubuntu0.19.04.1\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"mariadb-plugin-cracklib-password-check\", pkgver:\"1:10.3.17-0ubuntu0.19.04.1\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"mariadb-plugin-gssapi-client\", pkgver:\"1:10.3.17-0ubuntu0.19.04.1\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"mariadb-plugin-gssapi-server\", pkgver:\"1:10.3.17-0ubuntu0.19.04.1\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"mariadb-plugin-mroonga\", pkgver:\"1:10.3.17-0ubuntu0.19.04.1\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"mariadb-plugin-oqgraph\", pkgver:\"1:10.3.17-0ubuntu0.19.04.1\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"mariadb-plugin-rocksdb\", pkgver:\"1:10.3.17-0ubuntu0.19.04.1\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"mariadb-plugin-spider\", pkgver:\"1:10.3.17-0ubuntu0.19.04.1\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"mariadb-plugin-tokudb\", pkgver:\"1:10.3.17-0ubuntu0.19.04.1\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"mariadb-server\", pkgver:\"1:10.3.17-0ubuntu0.19.04.1\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"mariadb-server-10.3\", pkgver:\"1:10.3.17-0ubuntu0.19.04.1\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"mariadb-server-core-10.3\", pkgver:\"1:10.3.17-0ubuntu0.19.04.1\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"mariadb-test\", pkgver:\"1:10.3.17-0ubuntu0.19.04.1\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"mariadb-test-data\", pkgver:\"1:10.3.17-0ubuntu0.19.04.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libmariadb-dev / libmariadb-dev-compat / libmariadb3 / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:26:08", "description": "New kernel packages are available for Slackware 14.2 to fix security issues.", "cvss3": {}, "published": "2019-07-22T00:00:00", "type": "nessus", "title": "Slackware 14.2 : Slackware 14.2 kernel (SSA:2019-202-01)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-16597", "CVE-2019-10126", "CVE-2019-11599", "CVE-2019-13272", "CVE-2019-3846", "CVE-2019-3892"], "modified": "2023-01-12T00:00:00", "cpe": ["p-cpe:/a:slackware:slackware_linux:kernel-firmware", "p-cpe:/a:slackware:slackware_linux:kernel-generic", "p-cpe:/a:slackware:slackware_linux:kernel-generic-smp", "p-cpe:/a:slackware:slackware_linux:kernel-headers", "p-cpe:/a:slackware:slackware_linux:kernel-huge", "p-cpe:/a:slackware:slackware_linux:kernel-huge-smp", "p-cpe:/a:slackware:slackware_linux:kernel-modules", "p-cpe:/a:slackware:slackware_linux:kernel-modules-smp", "p-cpe:/a:slackware:slackware_linux:kernel-source", "cpe:/o:slackware:slackware_linux:14.2"], "id": "SLACKWARE_SSA_2019-202-01.NASL", "href": "https://www.tenable.com/plugins/nessus/126882", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2019-202-01. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(126882);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/12\");\n\n script_cve_id(\"CVE-2018-16597\", \"CVE-2019-10126\", \"CVE-2019-11599\", \"CVE-2019-13272\", \"CVE-2019-3846\", \"CVE-2019-3892\");\n script_xref(name:\"SSA\", value:\"2019-202-01\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/10\");\n\n script_name(english:\"Slackware 14.2 : Slackware 14.2 kernel (SSA:2019-202-01)\");\n script_summary(english:\"Checks for updated packages in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"New kernel packages are available for Slackware 14.2 to fix security\nissues.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2019&m=slackware-security.704001\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?60ee670e\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-3846\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Linux Polkit pkexec helper PTRACE_TRACEME local root exploit');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-generic-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-huge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-huge-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-modules-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/09/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/07/22\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"14.2\", pkgname:\"kernel-firmware\", pkgver:\"20190717_bf13a71\", pkgarch:\"noarch\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", pkgname:\"kernel-generic\", pkgver:\"4.4.186\", pkgarch:\"i586\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", pkgname:\"kernel-generic-smp\", pkgver:\"4.4.186_smp\", pkgarch:\"i686\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", pkgname:\"kernel-headers\", pkgver:\"4.4.186_smp\", pkgarch:\"x86\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", pkgname:\"kernel-huge\", pkgver:\"4.4.186\", pkgarch:\"i586\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", pkgname:\"kernel-huge-smp\", pkgver:\"4.4.186_smp\", pkgarch:\"i686\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", pkgname:\"kernel-modules\", pkgver:\"4.4.186\", pkgarch:\"i586\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", pkgname:\"kernel-modules-smp\", pkgver:\"4.4.186_smp\", pkgarch:\"i686\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", pkgname:\"kernel-source\", pkgver:\"4.4.186_smp\", pkgarch:\"noarch\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", arch:\"x86_64\", pkgname:\"kernel-firmware\", pkgver:\"20190717_bf13a71\", pkgarch:\"noarch\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", arch:\"x86_64\", pkgname:\"kernel-generic\", pkgver:\"4.4.186\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", arch:\"x86_64\", pkgname:\"kernel-headers\", pkgver:\"4.4.186\", pkgarch:\"x86\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", arch:\"x86_64\", pkgname:\"kernel-huge\", pkgver:\"4.4.186\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", arch:\"x86_64\", pkgname:\"kernel-modules\", pkgver:\"4.4.186\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", arch:\"x86_64\", pkgname:\"kernel-source\", pkgver:\"4.4.186\", pkgarch:\"noarch\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:29:41", "description": "An update of the binutils package has been released.", "cvss3": {}, "published": "2019-09-12T00:00:00", "type": "nessus", "title": "Photon OS 2.0: Binutils PHSA-2019-2.0-0173", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-18309", "CVE-2019-1010204", "CVE-2019-12972", "CVE-2019-14250", "CVE-2019-14444", "CVE-2019-9075", "CVE-2019-9077"], "modified": "2019-12-30T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:binutils", "cpe:/o:vmware:photonos:2.0"], "id": "PHOTONOS_PHSA-2019-2_0-0173_BINUTILS.NASL", "href": "https://www.tenable.com/plugins/nessus/128734", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2019-2.0-0173. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(128734);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/12/30\");\n\n script_cve_id(\n \"CVE-2018-18309\",\n \"CVE-2019-9075\",\n \"CVE-2019-9077\",\n \"CVE-2019-12972\",\n \"CVE-2019-14250\",\n \"CVE-2019-14444\",\n \"CVE-2019-1010204\"\n );\n\n script_name(english:\"Photon OS 2.0: Binutils PHSA-2019-2.0-0173\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the binutils package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-2-173.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-9077\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:binutils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 2.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"binutils-2.32-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"binutils-debuginfo-2.32-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"binutils-devel-2.32-1.ph2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"binutils\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:30:44", "description": "It was discovered that the Intel Wi-Fi device driver in the Linux kernel did not properly validate certain Tunneled Direct Link Setup (TDLS). A physically proximate attacker could use this to cause a denial of service (Wi-Fi disconnect). (CVE-2019-0136)\n\nIt was discovered that the Bluetooth UART implementation in the Linux kernel did not properly check for missing tty operations. A local attacker could use this to cause a denial of service. (CVE-2019-10207)\n\nIt was discovered that the GTCO tablet input driver in the Linux kernel did not properly bounds check the initial HID report sent by the device. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.\n(CVE-2019-13631)\n\nIt was discovered that an out-of-bounds read existed in the QLogic QEDI iSCSI Initiator Driver in the Linux kernel. A local attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2019-15090)\n\nHui Peng and Mathias Payer discovered that the USB audio driver for the Linux kernel did not properly validate device meta data. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-15117)\n\nHui Peng and Mathias Payer discovered that the USB audio driver for the Linux kernel improperly performed recursion while handling device meta data. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-15118)\n\nIt was discovered that the Raremono AM/FM/SW radio device driver in the Linux kernel did not properly allocate memory, leading to a use-after-free. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code.\n(CVE-2019-15211)\n\nIt was discovered at a double-free error existed in the USB Rio 500 device driver for the Linux kernel. A physically proximate attacker could use this to cause a denial of service. (CVE-2019-15212)\n\nIt was discovered that a race condition existed in the CPiA2 video4linux device driver for the Linux kernel, leading to a use-after-free. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-15215)\n\nIt was discovered that a race condition existed in the Softmac USB Prism54 device driver in the Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash).\n(CVE-2019-15220)\n\nBenjamin Moody discovered that the XFS file system in the Linux kernel did not properly handle an error condition when out of disk quota. A local attacker could possibly use this to cause a denial of service.\n(CVE-2019-15538)\n\nIt was discovered that the Hisilicon HNS3 ethernet device driver in the Linux kernel contained an out of bounds access vulnerability. A local attacker could use this to possibly cause a denial of service (system crash). (CVE-2019-15925)\n\nIt was discovered that the Atheros mobile chipset driver in the Linux kernel did not properly validate data in some situations. An attacker could use this to cause a denial of service (system crash).\n(CVE-2019-15926)\n\nDaniele Antonioli, Nils Ole Tippenhauer, and Kasper B. Rasmussen discovered that the Bluetooth protocol BR/EDR specification did not properly require sufficiently strong encryption key lengths. A physically proximate attacker could use this to expose sensitive information. (CVE-2019-9506)\n\nIt was discovered that ZR364XX Camera USB device driver for the Linux kernel did not properly initialize memory. A physically proximate attacker could use this to cause a denial of service (system crash).\n(CVE-2019-15217)\n\nIt was discovered that the Siano USB MDTV receiver device driver in the Linux kernel made improper assumptions about the device characteristics. A physically proximate attacker could use this cause a denial of service (system crash). (CVE-2019-15218)\n\nIt was discovered that the Line 6 POD USB device driver in the Linux kernel did not properly validate data size information from the device. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-15221)\n\nIt was discovered that the Line 6 USB driver for the Linux kernel contained a race condition when the device was disconnected. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-15223).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-10-07T00:00:00", "type": "nessus", "title": "Ubuntu 18.04 LTS / 19.04 : linux, linux-aws, linux-azure, linux-gcp, linux-gke-5.0, linux-hwe, (USN-4147-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-0136", "CVE-2019-10207", "CVE-2019-13631", "CVE-2019-15090", "CVE-2019-15117", "CVE-2019-15118", "CVE-2019-15211", "CVE-2019-15212", "CVE-2019-15215", "CVE-2019-15217", "CVE-2019-15218", "CVE-2019-15220", "CVE-2019-15221", "CVE-2019-15223", "CVE-2019-15538", "CVE-2019-15925", "CVE-2019-15926", "CVE-2019-9506"], "modified": "2023-05-11T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-snapdragon", "p-cpe:/a:canonical:ubuntu_linux:linux-image-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gke-5.0", "p-cpe:/a:canonical:ubuntu_linux:linux-image-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-image-snapdragon", "p-cpe:/a:canonical:ubuntu_linux:linux-image-snapdragon-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-18.04", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "cpe:/o:canonical:ubuntu_linux:19.04"], "id": "UBUNTU_USN-4147-1.NASL", "href": "https://www.tenable.com/plugins/nessus/129677", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4147-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(129677);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/11\");\n\n script_cve_id(\"CVE-2019-0136\", \"CVE-2019-10207\", \"CVE-2019-13631\", \"CVE-2019-15090\", \"CVE-2019-15117\", \"CVE-2019-15118\", \"CVE-2019-15211\", \"CVE-2019-15212\", \"CVE-2019-15215\", \"CVE-2019-15217\", \"CVE-2019-15218\", \"CVE-2019-15220\", \"CVE-2019-15221\", \"CVE-2019-15223\", \"CVE-2019-15538\", \"CVE-2019-15925\", \"CVE-2019-15926\", \"CVE-2019-9506\");\n script_xref(name:\"USN\", value:\"4147-1\");\n\n script_name(english:\"Ubuntu 18.04 LTS / 19.04 : linux, linux-aws, linux-azure, linux-gcp, linux-gke-5.0, linux-hwe, (USN-4147-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"It was discovered that the Intel Wi-Fi device driver in the Linux\nkernel did not properly validate certain Tunneled Direct Link Setup\n(TDLS). A physically proximate attacker could use this to cause a\ndenial of service (Wi-Fi disconnect). (CVE-2019-0136)\n\nIt was discovered that the Bluetooth UART implementation in the Linux\nkernel did not properly check for missing tty operations. A local\nattacker could use this to cause a denial of service. (CVE-2019-10207)\n\nIt was discovered that the GTCO tablet input driver in the Linux\nkernel did not properly bounds check the initial HID report sent by\nthe device. A physically proximate attacker could use this to cause a\ndenial of service (system crash) or possibly execute arbitrary code.\n(CVE-2019-13631)\n\nIt was discovered that an out-of-bounds read existed in the QLogic\nQEDI iSCSI Initiator Driver in the Linux kernel. A local attacker\ncould possibly use this to expose sensitive information (kernel\nmemory). (CVE-2019-15090)\n\nHui Peng and Mathias Payer discovered that the USB audio driver for\nthe Linux kernel did not properly validate device meta data. A\nphysically proximate attacker could use this to cause a denial of\nservice (system crash). (CVE-2019-15117)\n\nHui Peng and Mathias Payer discovered that the USB audio driver for\nthe Linux kernel improperly performed recursion while handling device\nmeta data. A physically proximate attacker could use this to cause a\ndenial of service (system crash). (CVE-2019-15118)\n\nIt was discovered that the Raremono AM/FM/SW radio device driver in\nthe Linux kernel did not properly allocate memory, leading to a\nuse-after-free. A physically proximate attacker could use this to\ncause a denial of service or possibly execute arbitrary code.\n(CVE-2019-15211)\n\nIt was discovered at a double-free error existed in the USB Rio 500\ndevice driver for the Linux kernel. A physically proximate attacker\ncould use this to cause a denial of service. (CVE-2019-15212)\n\nIt was discovered that a race condition existed in the CPiA2\nvideo4linux device driver for the Linux kernel, leading to a\nuse-after-free. A physically proximate attacker could use this to\ncause a denial of service (system crash) or possibly execute arbitrary\ncode. (CVE-2019-15215)\n\nIt was discovered that a race condition existed in the Softmac USB\nPrism54 device driver in the Linux kernel. A physically proximate\nattacker could use this to cause a denial of service (system crash).\n(CVE-2019-15220)\n\nBenjamin Moody discovered that the XFS file system in the Linux kernel\ndid not properly handle an error condition when out of disk quota. A\nlocal attacker could possibly use this to cause a denial of service.\n(CVE-2019-15538)\n\nIt was discovered that the Hisilicon HNS3 ethernet device driver in\nthe Linux kernel contained an out of bounds access vulnerability. A\nlocal attacker could use this to possibly cause a denial of service\n(system crash). (CVE-2019-15925)\n\nIt was discovered that the Atheros mobile chipset driver in the Linux\nkernel did not properly validate data in some situations. An attacker\ncould use this to cause a denial of service (system crash).\n(CVE-2019-15926)\n\nDaniele Antonioli, Nils Ole Tippenhauer, and Kasper B. Rasmussen\ndiscovered that the Bluetooth protocol BR/EDR specification did not\nproperly require sufficiently strong encryption key lengths. A\nphysically proximate attacker could use this to expose sensitive\ninformation. (CVE-2019-9506)\n\nIt was discovered that ZR364XX Camera USB device driver for the Linux\nkernel did not properly initialize memory. A physically proximate\nattacker could use this to cause a denial of service (system crash).\n(CVE-2019-15217)\n\nIt was discovered that the Siano USB MDTV receiver device driver in\nthe Linux kernel made improper assumptions about the device\ncharacteristics. A physically proximate attacker could use this cause\na denial of service (system crash). (CVE-2019-15218)\n\nIt was discovered that the Line 6 POD USB device driver in the Linux\nkernel did not properly validate data size information from the\ndevice. A physically proximate attacker could use this to cause a\ndenial of service (system crash). (CVE-2019-15221)\n\nIt was discovered that the Line 6 USB driver for the Linux kernel\ncontained a race condition when the device was disconnected. A\nphysically proximate attacker could use this to cause a denial of\nservice (system crash). (CVE-2019-15223).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/4147-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-snapdragon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gke-5.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-snapdragon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-snapdragon-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:19.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2019-2023 Canonical, Inc. / NASL script (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(18\\.04|19\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 18.04 / 19.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2019-0136\", \"CVE-2019-10207\", \"CVE-2019-13631\", \"CVE-2019-15090\", \"CVE-2019-15117\", \"CVE-2019-15118\", \"CVE-2019-15211\", \"CVE-2019-15212\", \"CVE-2019-15215\", \"CVE-2019-15217\", \"CVE-2019-15218\", \"CVE-2019-15220\", \"CVE-2019-15221\", \"CVE-2019-15223\", \"CVE-2019-15538\", \"CVE-2019-15925\", \"CVE-2019-15926\", \"CVE-2019-9506\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-4147-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-5.0.0-1020-gke\", pkgver:\"5.0.0-1020.20~18.04.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-5.0.0-31-generic\", pkgver:\"5.0.0-31.33~18.04.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-5.0.0-31-generic-lpae\", pkgver:\"5.0.0-31.33~18.04.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-5.0.0-31-lowlatency\", pkgver:\"5.0.0-31.33~18.04.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-generic-hwe-18.04\", pkgver:\"5.0.0.31.88\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-generic-lpae-hwe-18.04\", pkgver:\"5.0.0.31.88\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-gke-5.0\", pkgver:\"5.0.0.1020.9\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-lowlatency-hwe-18.04\", pkgver:\"5.0.0.31.88\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-snapdragon-hwe-18.04\", pkgver:\"5.0.0.31.88\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-virtual-hwe-18.04\", pkgver:\"5.0.0.31.88\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-5.0.0-1018-aws\", pkgver:\"5.0.0-1018.20\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-5.0.0-1019-kvm\", pkgver:\"5.0.0-1019.20\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-5.0.0-1019-raspi2\", pkgver:\"5.0.0-1019.19\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-5.0.0-1020-gcp\", pkgver:\"5.0.0-1020.20\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-5.0.0-1022-azure\", pkgver:\"5.0.0-1022.23\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-5.0.0-1023-snapdragon\", pkgver:\"5.0.0-1023.24\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-5.0.0-31-generic\", pkgver:\"5.0.0-31.33\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-5.0.0-31-generic-lpae\", pkgver:\"5.0.0-31.33\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-5.0.0-31-lowlatency\", pkgver:\"5.0.0-31.33\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-aws\", pkgver:\"5.0.0.1018.19\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-azure\", pkgver:\"5.0.0.1022.21\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-gcp\", pkgver:\"5.0.0.1020.46\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-generic\", pkgver:\"5.0.0.31.32\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-generic-lpae\", pkgver:\"5.0.0.31.32\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-gke\", pkgver:\"5.0.0.1020.46\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-kvm\", pkgver:\"5.0.0.1019.19\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-lowlatency\", pkgver:\"5.0.0.31.32\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-raspi2\", pkgver:\"5.0.0.1019.16\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-snapdragon\", pkgver:\"5.0.0.1023.16\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-virtual\", pkgver:\"5.0.0.31.32\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-5.0-aws / linux-image-5.0-azure / linux-image-5.0-gcp / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T14:30:07", "description": "A stack-based buffer overflow vulnerability in the 'Server: Packaging (cURL)' subcomponent could allow an unauthenticated attacker to gain complete control of an affected instance of MySQL Server.\n(CVE-2019-3822)\n\nVulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: XML). Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector:\n(CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). (CVE-2019-2740)\n\nVulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector:\n(CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). (CVE-2019-2805)", "cvss3": {}, "published": "2019-10-04T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : mysql57 (ALAS-2019-1297)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-2740", "CVE-2019-2805", "CVE-2019-3822"], "modified": "2022-12-06T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:mysql57", "p-cpe:/a:amazon:linux:mysql57-common", "p-cpe:/a:amazon:linux:mysql57-debuginfo", "p-cpe:/a:amazon:linux:mysql57-devel", "p-cpe:/a:amazon:linux:mysql57-embedded", "p-cpe:/a:amazon:linux:mysql57-embedded-devel", "p-cpe:/a:amazon:linux:mysql57-errmsg", "p-cpe:/a:amazon:linux:mysql57-libs", "p-cpe:/a:amazon:linux:mysql57-server", "p-cpe:/a:amazon:linux:mysql57-test", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2019-1297.NASL", "href": "https://www.tenable.com/plugins/nessus/129567", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2019-1297.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(129567);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/06\");\n\n script_cve_id(\"CVE-2019-2740\", \"CVE-2019-2805\", \"CVE-2019-3822\");\n script_xref(name:\"ALAS\", value:\"2019-1297\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0227\");\n\n script_name(english:\"Amazon Linux AMI : mysql57 (ALAS-2019-1297)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"A stack-based buffer overflow vulnerability in the 'Server: Packaging\n(cURL)' subcomponent could allow an unauthenticated attacker to gain\ncomplete control of an affected instance of MySQL Server.\n(CVE-2019-3822)\n\nVulnerability in the MySQL Server component of Oracle MySQL\n(subcomponent: Server: XML). Supported versions that are affected are\n5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily\nexploitable vulnerability allows low privileged attacker with network\naccess via multiple protocols to compromise MySQL Server. Successful\nattacks of this vulnerability can result in unauthorized ability to\ncause a hang or frequently repeatable crash (complete DOS) of MySQL\nServer. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector:\n(CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). (CVE-2019-2740)\n\nVulnerability in the MySQL Server component of Oracle MySQL\n(subcomponent: Server: Parser). Supported versions that are affected\nare 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily\nexploitable vulnerability allows low privileged attacker with network\naccess via multiple protocols to compromise MySQL Server. Successful\nattacks of this vulnerability can result in unauthorized ability to\ncause a hang or frequently repeatable crash (complete DOS) of MySQL\nServer. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector:\n(CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). (CVE-2019-2805)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2019-1297.html\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Run 'yum update mysql57' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mysql57\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mysql57-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mysql57-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mysql57-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mysql57-embedded\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mysql57-embedded-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mysql57-errmsg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mysql57-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mysql57-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mysql57-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/02/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"mysql57-5.7.27-1.13.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"mysql57-common-5.7.27-1.13.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"mysql57-debuginfo-5.7.27-1.13.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"mysql57-devel-5.7.27-1.13.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"mysql57-embedded-5.7.27-1.13.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"mysql57-embedded-devel-5.7.27-1.13.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"mysql57-errmsg-5.7.27-1.13.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"mysql57-libs-5.7.27-1.13.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"mysql57-server-5.7.27-1.13.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"mysql57-test-5.7.27-1.13.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mysql57 / mysql57-common / mysql57-debuginfo / mysql57-devel / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:24:13", "description": "This update for binutils fixes the following issues :\n\nbinutils was updated to version 2.35. (jsc#ECO-2373)\n\nUpdate to binutils 2.35 :\n\n - The assembler can now produce DWARF-5 format line number tables.\n\n - Readelf now has a 'lint' mode to enable extra checks of the files it is processing.\n\n - Readelf will now display '[...]' when it has to truncate a symbol name. The old behaviour - of displaying as many characters as possible, up to the 80 column limit - can be restored by the use of the --silent-truncation option.\n\n - The linker can now produce a dependency file listing the inputs that it has processed, much like the -M -MP option supported by the compiler.\n\n - fix DT_NEEDED order with -flto [bsc#1163744]\n\nUpdate to binutils 2.34 :\n\n - The disassembler (objdump --disassemble) now has an option to generate ascii art thats show the arcs between that start and end points of control flow instructions.\n\n - The binutils tools now have support for debuginfod.\n Debuginfod is a HTTP service for distributing ELF/DWARF debugging information as well as source code. The tools can now connect to debuginfod servers in order to download debug information about the files that they are processing.\n\n - The assembler and linker now support the generation of ELF format files for the Z80 architecture.\n\n - Add new subpackages for libctf and libctf-nobfd.\n\n - Disable LTO due to bsc#1163333.\n\n - Includes fixes for these CVEs: bsc#1153768 aka CVE-2019-17451 aka PR25070 bsc#1153770 aka CVE-2019-17450 aka PR25078\n\n - fix various build fails on aarch64 (PR25210, bsc#1157755).\n\nUpdate to binutils 2.33.1 :\n\n - Adds support for the Arm Scalable Vector Extension version 2 (SVE2) instructions, the Arm Transactional Memory Extension (TME) instructions and the Armv8.1-M Mainline and M-profile Vector Extension (MVE) instructions.\n\n - Adds support for the Arm Cortex-A76AE, Cortex-A77 and Cortex-M35P processors and the AArch64 Cortex-A34, Cortex-A65, Cortex-A65AE, Cortex-A76AE, and Cortex-A77 processors.\n\n - Adds a .float16 directive for both Arm and AArch64 to allow encoding of 16-bit floating point literals.\n\n - For MIPS, Add -m[no-]fix-loongson3-llsc option to fix (or not) Loongson3 LLSC Errata. Add a\n --enable-mips-fix-loongson3-llsc=[yes|no] configure time option to set the default behavior. Set the default if the configure option is not used to 'no'.\n\n - The Cortex-A53 Erratum 843419 workaround now supports a choice of which workaround to use. The option\n --fix-cortex-a53-843419 now takes an optional argument\n --fix-cortex-a53-843419[=full|adr|adrp] which can be used to force a particular workaround to be used. See\n --help for AArch64 for more details.\n\n - Add support for GNU_PROPERTY_AARCH64_FEATURE_1_BTI and GNU_PROPERTY_AARCH64_FEATURE_1_PAC in ELF GNU program properties in the AArch64 ELF linker. \n\n - Add -z force-bti for AArch64 to enable GNU_PROPERTY_AARCH64_FEATURE_1_BTI on output while warning about missing GNU_PROPERTY_AARCH64_FEATURE_1_BTI on inputs and use PLTs protected with BTI.\n\n - Add -z pac-plt for AArch64 to pick PAC enabled PLTs.\n\n - Add --source-comment[=<txt>] option to objdump which if present, provides a prefix to source code lines displayed in a disassembly.\n\n - Add --set-section-alignment <section-name>=<power-of-2-align> option to objcopy to allow the changing of section alignments.\n\n - Add --verilog-data-width option to objcopy for verilog targets to control width of data elements in verilog hex format.\n\n - The separate debug info file options of readelf (--debug-dump=links and --debug-dump=follow) and objdump (--dwarf=links and\n\n --dwarf=follow-links) will now display and/or follow multiple links if more than one are present in a file.\n (This usually happens when gcc's -gsplit-dwarf option is used). In addition objdump's --dwarf=follow-links now also affects its other display options, so that for example, when combined with\n\n --syms it will cause the symbol tables in any linked debug info files to also be displayed. In addition when combined with\n\n --disassemble the --dwarf= follow-links option will ensure that any symbol tables in the linked files are read and used when disassembling code in the main file.\n\n - Add support for dumping types encoded in the Compact Type Format to objdump and readelf.\n\n - Includes fixes for these CVEs: bsc#1126826 aka CVE-2019-9077 aka PR1126826 bsc#1126829 aka CVE-2019-9075 aka PR1126829 bsc#1126831 aka CVE-2019-9074 aka PR24235 bsc#1140126 aka CVE-2019-12972 aka PR23405 bsc#1143609 aka CVE-2019-14444 aka PR24829 bsc#1142649 aka CVE-2019-14250 aka PR90924\n\n - Add xBPF target\n\n - Fix various problems with DWARF 5 support in gas\n\n - fix nm -B for objects compiled with -flto and -fcommon.\n\nThis update was imported from the SUSE:SLE-15-SP1:Update update project.", "cvss3": {}, "published": "2020-11-02T00:00:00", "type": "nessus", "title": "openSUSE Security Update : binutils (openSUSE-2020-1790)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-12972", "CVE-2019-14250", "CVE-2019-14444", "CVE-2019-17450", "CVE-2019-17451", "CVE-2019-9074", "CVE-2019-9075", "CVE-2019-9077"], "modified": "2021-10-12T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:binutils", "p-cpe:/a:novell:opensuse:binutils-debuginfo", "p-cpe:/a:novell:opensuse:binutils-debugsource", "p-cpe:/a:novell:opensuse:binutils-devel", "p-cpe:/a:novell:opensuse:binutils-devel-32bit", "p-cpe:/a:novell:opensuse:binutils-gold", "p-cpe:/a:novell:opensuse:binutils-gold-debuginfo", "p-cpe:/a:novell:opensuse:cross-aarch64-binutils", "p-cpe:/a:novell:opensuse:cross-aarch64-binutils-debuginfo", "p-cpe:/a:novell:opensuse:cross-aarch64-binutils-debugsource", "p-cpe:/a:novell:opensuse:cross-arm-binutils", "p-cpe:/a:novell:opensuse:cross-arm-binutils-debuginfo", "p-cpe:/a:novell:opensuse:cross-arm-binutils-debugsource", "p-cpe:/a:novell:opensuse:cross-i386-binutils-debugsource", "p-cpe:/a:novell:opensuse:cross-avr-binutils", "p-cpe:/a:novell:opensuse:cross-ia64-binutils", "p-cpe:/a:novell:opensuse:cross-avr-binutils-debuginfo", "p-cpe:/a:novell:opensuse:cross-ia64-binutils-debuginfo", "p-cpe:/a:novell:opensuse:cross-avr-binutils-debugsource", "p-cpe:/a:novell:opensuse:cross-ia64-binutils-debugsource", "p-cpe:/a:novell:opensuse:cross-m68k-binutils", "p-cpe:/a:novell:opensuse:cross-epiphany-binutils", "p-cpe:/a:novell:opensuse:cross-m68k-binutils-debuginfo", "p-cpe:/a:novell:opensuse:cross-m68k-binutils-debugsource", "p-cpe:/a:novell:opensuse:cross-epiphany-binutils-debuginfo", "p-cpe:/a:novell:opensuse:cross-mips-binutils", "p-cpe:/a:novell:opensuse:cross-epiphany-binutils-debugsource", "p-cpe:/a:novell:opensuse:cross-mips-binutils-debuginfo", "p-cpe:/a:novell:opensuse:cross-mips-binutils-debugsource", "p-cpe:/a:novell:opensuse:cross-ppc-binutils", "p-cpe:/a:novell:opensuse:cross-ppc-binutils-debuginfo", "p-cpe:/a:novell:opensuse:cross-ppc-binutils-debugsource", "p-cpe:/a:novell:opensuse:cross-hppa-binutils", "p-cpe:/a:novell:opensuse:cross-ppc64-binutils", "p-cpe:/a:novell:opensuse:cross-hppa-binutils-debuginfo", "p-cpe:/a:novell:opensuse:cross-ppc64-binutils-debuginfo", "p-cpe:/a:novell:opensuse:cross-ppc64-binutils-debugsource", "p-cpe:/a:novell:opensuse:cross-ppc64le-binutils", "p-cpe:/a:novell:opensuse:cross-ppc64le-binutils-debuginfo", "p-cpe:/a:novell:opensuse:cross-ppc64le-binutils-debugsource", "p-cpe:/a:novell:opensuse:cross-riscv64-binutils", "p-cpe:/a:novell:opensuse:cross-riscv64-binutils-debuginfo", "p-cpe:/a:novell:opensuse:cross-riscv64-binutils-debugsource", "p-cpe:/a:novell:opensuse:cross-rx-binutils", "p-cpe:/a:novell:opensuse:cross-rx-binutils-debuginfo", "p-cpe:/a:novell:opensuse:cross-rx-binutils-debugsource", "p-cpe:/a:novell:opensuse:cross-s390-binutils", "p-cpe:/a:novell:opensuse:cross-s390-binutils-debuginfo", "p-cpe:/a:novell:opensuse:cross-s390-binutils-debugsource", "p-cpe:/a:novell:opensuse:cross-s390x-binutils", "p-cpe:/a:novell:opensuse:cross-s390x-binutils-debuginfo", "p-cpe:/a:novell:opensuse:cross-s390x-binutils-debugsource", "p-cpe:/a:novell:opensuse:cross-sparc-binutils", "p-cpe:/a:novell:opensuse:cross-sparc-binutils-debuginfo", "p-cpe:/a:novell:opensuse:cross-sparc-binutils-debugsource", "p-cpe:/a:novell:opensuse:cross-sparc64-binutils", "p-cpe:/a:novell:opensuse:cross-sparc64-binutils-debuginfo", "p-cpe:/a:novell:opensuse:cross-sparc64-binutils-debugsource", "p-cpe:/a:novell:opensuse:cross-spu-binutils", "p-cpe:/a:novell:opensuse:cross-spu-binutils-debuginfo", "p-cpe:/a:novell:opensuse:cross-spu-binutils-debugsource", "p-cpe:/a:novell:opensuse:libctf-nobfd0", "p-cpe:/a:novell:opensuse:libctf-nobfd0-debuginfo", "p-cpe:/a:novell:opensuse:libctf0", "p-cpe:/a:novell:opensuse:libctf0-debuginfo", "cpe:/o:novell:opensuse:15.1", "p-cpe:/a:novell:opensuse:cross-hppa-binutils-debugsource", "p-cpe:/a:novell:opensuse:cross-hppa64-binutils", "p-cpe:/a:novell:opensuse:cross-hppa64-binutils-debuginfo", "p-cpe:/a:novell:opensuse:cross-hppa64-binutils-debugsource", "p-cpe:/a:novell:opensuse:cross-i386-binutils", "p-cpe:/a:novell:opensuse:cross-i386-binutils-debuginfo"], "id": "OPENSUSE-2020-1790.NASL", "href": "https://www.tenable.com/plugins/nessus/142163", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2020-1790.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(142163);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/10/12\");\n\n script_cve_id(\"CVE-2019-12972\", \"CVE-2019-14250\", \"CVE-2019-14444\", \"CVE-2019-17450\", \"CVE-2019-17451\", \"CVE-2019-9074\", \"CVE-2019-9075\", \"CVE-2019-9077\");\n\n script_name(english:\"openSUSE Security Update : binutils (openSUSE-2020-1790)\");\n script_summary(english:\"Check for the openSUSE-2020-1790 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for binutils fixes the following issues :\n\nbinutils was updated to version 2.35. (jsc#ECO-2373)\n\nUpdate to binutils 2.35 :\n\n - The assembler can now produce DWARF-5 format line number\n tables.\n\n - Readelf now has a 'lint' mode to enable extra checks of\n the files it is processing.\n\n - Readelf will now display '[...]' when it has to truncate\n a symbol name. The old behaviour - of displaying as many\n characters as possible, up to the 80 column limit - can\n be restored by the use of the --silent-truncation\n option.\n\n - The linker can now produce a dependency file listing the\n inputs that it has processed, much like the -M -MP\n option supported by the compiler.\n\n - fix DT_NEEDED order with -flto [bsc#1163744]\n\nUpdate to binutils 2.34 :\n\n - The disassembler (objdump --disassemble) now has an\n option to generate ascii art thats show the arcs between\n that start and end points of control flow instructions.\n\n - The binutils tools now have support for debuginfod.\n Debuginfod is a HTTP service for distributing ELF/DWARF\n debugging information as well as source code. The tools\n can now connect to debuginfod servers in order to\n download debug information about the files that they are\n processing.\n\n - The assembler and linker now support the generation of\n ELF format files for the Z80 architecture.\n\n - Add new subpackages for libctf and libctf-nobfd.\n\n - Disable LTO due to bsc#1163333.\n\n - Includes fixes for these CVEs: bsc#1153768 aka\n CVE-2019-17451 aka PR25070 bsc#1153770 aka\n CVE-2019-17450 aka PR25078\n\n - fix various build fails on aarch64 (PR25210,\n bsc#1157755).\n\nUpdate to binutils 2.33.1 :\n\n - Adds support for the Arm Scalable Vector Extension\n version 2 (SVE2) instructions, the Arm Transactional\n Memory Extension (TME) instructions and the Armv8.1-M\n Mainline and M-profile Vector Extension (MVE)\n instructions.\n\n - Adds support for the Arm Cortex-A76AE, Cortex-A77 and\n Cortex-M35P processors and the AArch64 Cortex-A34,\n Cortex-A65, Cortex-A65AE, Cortex-A76AE, and Cortex-A77\n processors.\n\n - Adds a .float16 directive for both Arm and AArch64 to\n allow encoding of 16-bit floating point literals.\n\n - For MIPS, Add -m[no-]fix-loongson3-llsc option to fix\n (or not) Loongson3 LLSC Errata. Add a\n --enable-mips-fix-loongson3-llsc=[yes|no] configure time\n option to set the default behavior. Set the default if\n the configure option is not used to 'no'.\n\n - The Cortex-A53 Erratum 843419 workaround now supports a\n choice of which workaround to use. The option\n --fix-cortex-a53-843419 now takes an optional argument\n --fix-cortex-a53-843419[=full|adr|adrp] which can be\n used to force a particular workaround to be used. See\n --help for AArch64 for more details.\n\n - Add support for GNU_PROPERTY_AARCH64_FEATURE_1_BTI and\n GNU_PROPERTY_AARCH64_FEATURE_1_PAC in ELF GNU program\n properties in the AArch64 ELF linker. \n\n - Add -z force-bti for AArch64 to enable\n GNU_PROPERTY_AARCH64_FEATURE_1_BTI on output while\n warning about missing GNU_PROPERTY_AARCH64_FEATURE_1_BTI\n on inputs and use PLTs protected with BTI.\n\n - Add -z pac-plt for AArch64 to pick PAC enabled PLTs.\n\n - Add --source-comment[=<txt>] option to objdump which if\n present, provides a prefix to source code lines\n displayed in a disassembly.\n\n - Add --set-section-alignment\n <section-name>=<power-of-2-align> option to objcopy to\n allow the changing of section alignments.\n\n - Add --verilog-data-width option to objcopy for verilog\n targets to control width of data elements in verilog hex\n format.\n\n - The separate debug info file options of readelf\n (--debug-dump=links and --debug-dump=follow) and objdump\n (--dwarf=links and\n\n --dwarf=follow-links) will now display and/or follow\n multiple links if more than one are present in a file.\n (This usually happens when gcc's -gsplit-dwarf option is\n used). In addition objdump's --dwarf=follow-links now\n also affects its other display options, so that for\n example, when combined with\n\n --syms it will cause the symbol tables in any linked\n debug info files to also be displayed. In addition when\n combined with\n\n --disassemble the --dwarf= follow-links option will\n ensure that any symbol tables in the linked files are\n read and used when disassembling code in the main file.\n\n - Add support for dumping types encoded in the Compact\n Type Format to objdump and readelf.\n\n - Includes fixes for these CVEs: bsc#1126826 aka\n CVE-2019-9077 aka PR1126826 bsc#1126829 aka\n CVE-2019-9075 aka PR1126829 bsc#1126831 aka\n CVE-2019-9074 aka PR24235 bsc#1140126 aka CVE-2019-12972\n aka PR23405 bsc#1143609 aka CVE-2019-14444 aka PR24829\n bsc#1142649 aka CVE-2019-14250 aka PR90924\n\n - Add xBPF target\n\n - Fix various problems with DWARF 5 support in gas\n\n - fix nm -B for objects compiled with -flto and -fcommon.\n\nThis update was imported from the SUSE:SLE-15-SP1:Update update\nproject.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1126826\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1126829\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1126831\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1140126\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1142649\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1143609\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1153768\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1153770\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1157755\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1160254\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1160590\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1163333\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1163744\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected binutils packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-9077\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:binutils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:binutils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:binutils-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:binutils-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:binutils-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:binutils-gold\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:binutils-gold-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-aarch64-binutils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-aarch64-binutils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-aarch64-binutils-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-arm-binutils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-arm-binutils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-arm-binutils-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-avr-binutils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-avr-binutils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-avr-binutils-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-epiphany-binutils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-epiphany-binutils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-epiphany-binutils-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-hppa-binutils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-hppa-binutils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-hppa-binutils-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-hppa64-binutils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-hppa64-binutils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-hppa64-binutils-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-i386-binutils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-i386-binutils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-i386-binutils-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-ia64-binutils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-ia64-binutils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-ia64-binutils-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-m68k-binutils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-m68k-binutils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-m68k-binutils-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-mips-binutils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-mips-binutils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-mips-binutils-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-ppc-binutils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-ppc-binutils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-ppc-binutils-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-ppc64-binutils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-ppc64-binutils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-ppc64-binutils-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-ppc64le-binutils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-ppc64le-binutils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-ppc64le-binutils-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-riscv64-binutils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-riscv64-binutils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-riscv64-binutils-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-rx-binutils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-rx-binutils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-rx-binutils-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-s390-binutils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-s390-binutils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-s390-binutils-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-s390x-binutils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-s390x-binutils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-s390x-binutils-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-sparc-binutils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-sparc-binutils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-sparc-binutils-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-sparc64-binutils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-sparc64-binutils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-sparc64-binutils-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-spu-binutils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-spu-binutils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-spu-binutils-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libctf-nobfd0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libctf-nobfd0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libctf0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libctf0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/02/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/10/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/11/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.1\", reference:\"binutils-2.35-lp151.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"binutils-debuginfo-2.35-lp151.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"binutils-debugsource-2.35-lp151.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"binutils-devel-2.35-lp151.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"binutils-gold-2.35-lp151.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"binutils-gold-debuginfo-2.35-lp151.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libctf-nobfd0-2.35-lp151.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libctf-nobfd0-debuginfo-2.35-lp151.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libctf0-2.35-lp151.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libctf0-debuginfo-2.35-lp151.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"binutils-devel-32bit-2.35-lp151.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"cross-aarch64-binutils-2.35-lp151.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"cross-aarch64-binutils-debuginfo-2.35-lp151.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"cross-aarch64-binutils-debugsource-2.35-lp151.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"cross-arm-binutils-2.35-lp151.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"cross-arm-binutils-debuginfo-2.35-lp151.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"cross-arm-binutils-debugsource-2.35-lp151.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"cross-avr-binutils-2.35-lp151.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"cross-avr-binutils-debuginfo-2.35-lp151.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"cross-avr-binutils-debugsource-2.35-lp151.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"cross-epiphany-binutils-2.35-lp151.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"cross-epiphany-binutils-debuginfo-2.35-lp151.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"cross-epiphany-binutils-debugsource-2.35-lp151.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"cross-hppa-binutils-2.35-lp151.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"cross-hppa-binutils-debuginfo-2.35-lp151.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"cross-hppa-binutils-debugsource-2.35-lp151.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"cross-hppa64-binutils-2.35-lp151.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"cross-hppa64-binutils-debuginfo-2.35-lp151.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"cross-hppa64-binutils-debugsource-2.35-lp151.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"cross-i386-binutils-2.35-lp151.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"cross-i386-binutils-debuginfo-2.35-lp151.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"cross-i386-binutils-debugsource-2.35-lp151.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"cross-ia64-binutils-2.35-lp151.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"cross-ia64-binutils-debuginfo-2.35-lp151.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"cross-ia64-binutils-debugsource-2.35-lp151.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"cross-m68k-binutils-2.35-lp151.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"cross-m68k-binutils-debuginfo-2.35-lp151.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"cross-m68k-binutils-debugsource-2.35-lp151.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"cross-mips-binutils-2.35-lp151.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"cross-mips-binutils-debuginfo-2.35-lp151.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"cross-mips-binutils-debugsource-2.35-lp151.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"cross-ppc-binutils-2.35-lp151.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"cross-ppc-binutils-debuginfo-2.35-lp151.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"cross-ppc-binutils-debugsource-2.35-lp151.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"cross-ppc64-binutils-2.35-lp151.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"cross-ppc64-binutils-debuginfo-2.35-lp151.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"cross-ppc64-binutils-debugsource-2.35-lp151.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"cross-ppc64le-binutils-2.35-lp151.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"cross-ppc64le-binutils-debuginfo-2.35-lp151.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"cross-ppc64le-binutils-debugsource-2.35-lp151.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"cross-riscv64-binutils-2.35-lp151.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"cross-riscv64-binutils-debuginfo-2.35-lp151.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"cross-riscv64-binutils-debugsource-2.35-lp151.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"cross-rx-binutils-2.35-lp151.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"cross-rx-binutils-debuginfo-2.35-lp151.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"cross-rx-binutils-debugsource-2.35-lp151.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"cross-s390-binutils-2.35-lp151.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"cross-s390-binutils-debuginfo-2.35-lp151.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"cross-s390-binutils-debugsource-2.35-lp151.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"cross-s390x-binutils-2.35-lp151.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"cross-s390x-binutils-debuginfo-2.35-lp151.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"cross-s390x-binutils-debugsource-2.35-lp151.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"cross-sparc-binutils-2.35-lp151.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"cross-sparc-binutils-debuginfo-2.35-lp151.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"cross-sparc-binutils-debugsource-2.35-lp151.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"cross-sparc64-binutils-2.35-lp151.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"cross-sparc64-binutils-debuginfo-2.35-lp151.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"cross-sparc64-binutils-debugsource-2.35-lp151.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"cross-spu-binutils-2.35-lp151.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"cross-spu-binutils-debuginfo-2.35-lp151.3.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"cross-spu-binutils-debugsource-2.35-lp151.3.9.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"binutils / binutils-debuginfo / binutils-debugsource / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:24:13", "description": "This update for binutils fixes the following issues :\n\nbinutils was updated to version 2.35. (jsc#ECO-2373)\n\nUpdate to binutils 2.35 :\n\n - The assembler can now produce DWARF-5 format line number tables.\n\n - Readelf now has a 'lint' mode to enable extra checks of the files it is processing.\n\n - Readelf will now display '[...]' when it has to truncate a symbol name. The old behaviour - of displaying as many characters as possible, up to the 80 column limit - can be restored by the use of the --silent-truncation option.\n\n - The linker can now produce a dependency file listing the inputs that it has processed, much like the -M -MP option supported by the compiler.\n\n - fix DT_NEEDED order with -flto [bsc#1163744]\n\nUpdate to binutils 2.34 :\n\n - The disassembler (objdump --disassemble) now has an option to generate ascii art thats show the arcs between that start and end points of control flow instructions.\n\n - The binutils tools now have support for debuginfod.\n Debuginfod is a HTTP service for distributing ELF/DWARF debugging information as well as source code. The tools can now connect to debuginfod servers in order to download debug information about the files that they are processing.\n\n - The assembler and linker now support the generation of ELF format files for the Z80 architecture.\n\n - Add new subpackages for libctf and libctf-nobfd.\n\n - Disable LTO due to bsc#1163333.\n\n - Includes fixes for these CVEs: bsc#1153768 aka CVE-2019-17451 aka PR25070 bsc#1153770 aka CVE-2019-17450 aka PR25078\n\n - fix various build fails on aarch64 (PR25210, bsc#1157755).\n\nUpdate to binutils 2.33.1 :\n\n - Adds support for the Arm Scalable Vector Extension version 2 (SVE2) instructions, the Arm Transactional Memory Extension (TME) instructions and the Armv8.1-M Mainline and M-profile Vector Extension (MVE) instructions.\n\n - Adds support for the Arm Cortex-A76AE, Cortex-A77 and Cortex-M35P processors and the AArch64 Cortex-A34, Cortex-A65, Cortex-A65AE, Cortex-A76AE, and Cortex-A77 processors.\n\n - Adds a .float16 directive for both Arm and AArch64 to allow encoding of 16-bit floating point literals.\n\n - For MIPS, Add -m[no-]fix-loongson3-llsc option to fix (or not) Loongson3 LLSC Errata. Add a\n --enable-mips-fix-loongson3-llsc=[yes|no] configure time option to set the default behavior. Set the default if the configure option is not used to 'no'.\n\n - The Cortex-A53 Erratum 843419 workaround now supports a choice of which workaround to use. The option\n --fix-cortex-a53-843419 now takes an optional argument\n --fix-cortex-a53-843419[=full|adr|adrp] which can be used to force a particular workaround to be used. See\n --help for AArch64 for more details.\n\n - Add support for GNU_PROPERTY_AARCH64_FEATURE_1_BTI and GNU_PROPERTY_AARCH64_FEATURE_1_PAC in ELF GNU program properties in the AArch64 ELF linker. \n\n - Add -z force-bti for AArch64 to enable GNU_PROPERTY_AARCH64_FEATURE_1_BTI on output while warning about missing GNU_PROPERTY_AARCH64_FEATURE_1_BTI on inputs and use PLTs protected with BTI.\n\n - Add -z pac-plt for AArch64 to pick PAC enabled PLTs.\n\n - Add --source-comment[=<txt>] option to objdump which if present, provides a prefix to source code lines displayed in a disassembly.\n\n - Add --set-section-alignment <section-name>=<power-of-2-align> option to objcopy to allow the changing of section alignments.\n\n - Add --verilog-data-width option to objcopy for verilog targets to control width of data elements in verilog hex format.\n\n - The separate debug info file options of readelf (--debug-dump=links and --debug-dump=follow) and objdump (--dwarf=links and\n\n --dwarf=follow-links) will now display and/or follow multiple links if more than one are present in a file.\n (This usually happens when gcc's -gsplit-dwarf option is used). In addition objdump's --dwarf=follow-links now also affects its other display options, so that for example, when combined with\n\n --syms it will cause the symbol tables in any linked debug info files to also be displayed. In addition when combined with\n\n --disassemble the --dwarf= follow-links option will ensure that any symbol tables in the linked files are read and used when disassembling code in the main file.\n\n - Add support for dumping types encoded in the Compact Type Format to objdump and readelf.\n\n - Includes fixes for these CVEs: bsc#1126826 aka CVE-2019-9077 aka PR1126826 bsc#1126829 aka CVE-2019-9075 aka PR1126829 bsc#1126831 aka CVE-2019-9074 aka PR24235 bsc#1140126 aka CVE-2019-12972 aka PR23405 bsc#1143609 aka CVE-2019-14444 aka PR24829 bsc#1142649 aka CVE-2019-14250 aka PR90924\n\n - Add xBPF target\n\n - Fix various problems with DWARF 5 support in gas\n\n - fix nm -B for objects compiled with -flto and -fcommon.\n\nThis update was imported from the SUSE:SLE-15-SP1:Update update project.", "cvss3": {}, "published": "2020-11-02T00:00:00", "type": "nessus", "title": "openSUSE Security Update : binutils (openSUSE-2020-1804)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-12972", "CVE-2019-14250", "CVE-2019-14444", "CVE-2019-17450", "CVE-2019-17451", "CVE-2019-9074", "CVE-2019-9075", "CVE-2019-9077"], "modified": "2021-04-02T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:binutils", "p-cpe:/a:novell:opensuse:binutils-debuginfo", "p-cpe:/a:novell:opensuse:binutils-debugsource", "p-cpe:/a:novell:opensuse:binutils-devel", "p-cpe:/a:novell:opensuse:binutils-devel-32bit", "p-cpe:/a:novell:opensuse:binutils-gold", "p-cpe:/a:novell:opensuse:binutils-gold-debuginfo", "p-cpe:/a:novell:opensuse:cross-aarch64-binutils", "p-cpe:/a:novell:opensuse:cross-aarch64-binutils-debuginfo", "p-cpe:/a:novell:opensuse:cross-aarch64-binutils-debugsource", "p-cpe:/a:novell:opensuse:cross-arm-binutils", "p-cpe:/a:novell:opensuse:cross-arm-binutils-debuginfo", "p-cpe:/a:novell:opensuse:cross-arm-binutils-debugsource", "p-cpe:/a:novell:opensuse:cross-avr-binutils", "p-cpe:/a:novell:opensuse:cross-avr-binutils-debuginfo", "p-cpe:/a:novell:opensuse:cross-avr-binutils-debugsource", "p-cpe:/a:novell:opensuse:cross-epiphany-binutils", "p-cpe:/a:novell:opensuse:cross-epiphany-binutils-debuginfo", "p-cpe:/a:novell:opensuse:cross-epiphany-binutils-debugsource", "p-cpe:/a:novell:opensuse:cross-hppa-binutils", "p-cpe:/a:novell:opensuse:cross-hppa-binutils-debuginfo", "p-cpe:/a:novell:opensuse:cross-hppa-binutils-debugsource", "p-cpe:/a:novell:opensuse:cross-hppa64-binutils", "p-cpe:/a:novell:opensuse:cross-hppa64-binutils-debuginfo", "p-cpe:/a:novell:opensuse:cross-hppa64-binutils-debugsource", "p-cpe:/a:novell:opensuse:cross-i386-binutils", "p-cpe:/a:novell:opensuse:cross-i386-binutils-debuginfo", "p-cpe:/a:novell:opensuse:cross-i386-binutils-debugsource", "p-cpe:/a:novell:opensuse:cross-ia64-binutils", "p-cpe:/a:novell:opensuse:cross-ia64-binutils-debuginfo", "p-cpe:/a:novell:opensuse:cross-ia64-binutils-debugsource", "p-cpe:/a:novell:opensuse:cross-m68k-binutils", "p-cpe:/a:novell:opensuse:cross-m68k-binutils-debuginfo", "p-cpe:/a:novell:opensuse:cross-m68k-binutils-debugsource", "p-cpe:/a:novell:opensuse:cross-mips-binutils", "p-cpe:/a:novell:opensuse:cross-mips-binutils-debuginfo", "p-cpe:/a:novell:opensuse:cross-mips-binutils-debugsource", "p-cpe:/a:novell:opensuse:cross-ppc-binutils", "p-cpe:/a:novell:opensuse:cross-ppc-binutils-debuginfo", "p-cpe:/a:novell:opensuse:cross-ppc-binutils-debugsource", "p-cpe:/a:novell:opensuse:cross-ppc64-binutils", "p-cpe:/a:novell:opensuse:cross-ppc64-binutils-debuginfo", "p-cpe:/a:novell:opensuse:cross-ppc64-binutils-debugsource", "p-cpe:/a:novell:opensuse:cross-ppc64le-binutils", "p-cpe:/a:novell:opensuse:cross-ppc64le-binutils-debuginfo", "p-cpe:/a:novell:opensuse:cross-ppc64le-binutils-debugsource", "p-cpe:/a:novell:opensuse:cross-riscv64-binutils", "p-cpe:/a:novell:opensuse:cross-riscv64-binutils-debuginfo", "p-cpe:/a:novell:opensuse:cross-riscv64-binutils-debugsource", "p-cpe:/a:novell:opensuse:cross-rx-binutils", "p-cpe:/a:novell:opensuse:cross-rx-binutils-debuginfo", "p-cpe:/a:novell:opensuse:cross-rx-binutils-debugsource", "p-cpe:/a:novell:opensuse:cross-s390-binutils", "p-cpe:/a:novell:opensuse:cross-s390-binutils-debuginfo", "p-cpe:/a:novell:opensuse:cross-s390-binutils-debugsource", "p-cpe:/a:novell:opensuse:cross-s390x-binutils", "p-cpe:/a:novell:opensuse:cross-s390x-binutils-debuginfo", "p-cpe:/a:novell:opensuse:cross-s390x-binutils-debugsource", "p-cpe:/a:novell:opensuse:cross-sparc-binutils", "p-cpe:/a:novell:opensuse:cross-sparc-binutils-debuginfo", "p-cpe:/a:novell:opensuse:cross-sparc-binutils-debugsource", "p-cpe:/a:novell:opensuse:cross-sparc64-binutils", "p-cpe:/a:novell:opensuse:cross-sparc64-binutils-debuginfo", "p-cpe:/a:novell:opensuse:cross-sparc64-binutils-debugsource", "p-cpe:/a:novell:opensuse:cross-spu-binutils", "p-cpe:/a:novell:opensuse:cross-spu-binutils-debuginfo", "p-cpe:/a:novell:opensuse:cross-spu-binutils-debugsource", "p-cpe:/a:novell:opensuse:cross-xtensa-binutils", "p-cpe:/a:novell:opensuse:cross-xtensa-binutils-debuginfo", "p-cpe:/a:novell:opensuse:cross-xtensa-binutils-debugsource", "p-cpe:/a:novell:opensuse:libctf-nobfd0", "p-cpe:/a:novell:opensuse:libctf-nobfd0-debuginfo", "p-cpe:/a:novell:opensuse:libctf0", "p-cpe:/a:novell:opensuse:libctf0-debuginfo", "cpe:/o:novell:opensuse:15.2"], "id": "OPENSUSE-2020-1804.NASL", "href": "https://www.tenable.com/plugins/nessus/142149", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2020-1804.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(142149);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/04/02\");\n\n script_cve_id(\"CVE-2019-12972\", \"CVE-2019-14250\", \"CVE-2019-14444\", \"CVE-2019-17450\", \"CVE-2019-17451\", \"CVE-2019-9074\", \"CVE-2019-9075\", \"CVE-2019-9077\");\n\n script_name(english:\"openSUSE Security Update : binutils (openSUSE-2020-1804)\");\n script_summary(english:\"Check for the openSUSE-2020-1804 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for binutils fixes the following issues :\n\nbinutils was updated to version 2.35. (jsc#ECO-2373)\n\nUpdate to binutils 2.35 :\n\n - The assembler can now produce DWARF-5 format line number\n tables.\n\n - Readelf now has a 'lint' mode to enable extra checks of\n the files it is processing.\n\n - Readelf will now display '[...]' when it has to truncate\n a symbol name. The old behaviour - of displaying as many\n characters as possible, up to the 80 column limit - can\n be restored by the use of the --silent-truncation\n option.\n\n - The linker can now produce a dependency file listing the\n inputs that it has processed, much like the -M -MP\n option supported by the compiler.\n\n - fix DT_NEEDED order with -flto [bsc#1163744]\n\nUpdate to binutils 2.34 :\n\n - The disassembler (objdump --disassemble) now has an\n option to generate ascii art thats show the arcs between\n that start and end points of control flow instructions.\n\n - The binutils tools now have support for debuginfod.\n Debuginfod is a HTTP service for distributing ELF/DWARF\n debugging information as well as source code. The tools\n can now connect to debuginfod servers in order to\n download debug information about the files that they are\n processing.\n\n - The assembler and linker now support the generation of\n ELF format files for the Z80 architecture.\n\n - Add new subpackages for libctf and libctf-nobfd.\n\n - Disable LTO due to bsc#1163333.\n\n - Includes fixes for these CVEs: bsc#1153768 aka\n CVE-2019-17451 aka PR25070 bsc#1153770 aka\n CVE-2019-17450 aka PR25078\n\n - fix various build fails on aarch64 (PR25210,\n bsc#1157755).\n\nUpdate to binutils 2.33.1 :\n\n - Adds support for the Arm Scalable Vector Extension\n version 2 (SVE2) instructions, the Arm Transactional\n Memory Extension (TME) instructions and the Armv8.1-M\n Mainline and M-profile Vector Extension (MVE)\n instructions.\n\n - Adds support for the Arm Cortex-A76AE, Cortex-A77 and\n Cortex-M35P processors and the AArch64 Cortex-A34,\n Cortex-A65, Cortex-A65AE, Cortex-A76AE, and Cortex-A77\n processors.\n\n - Adds a .float16 directive for both Arm and AArch64 to\n allow encoding of 16-bit floating point literals.\n\n - For MIPS, Add -m[no-]fix-loongson3-llsc option to fix\n (or not) Loongson3 LLSC Errata. Add a\n --enable-mips-fix-loongson3-llsc=[yes|no] configure time\n option to set the default behavior. Set the default if\n the configure option is not used to 'no'.\n\n - The Cortex-A53 Erratum 843419 workaround now supports a\n choice of which workaround to use. The option\n --fix-cortex-a53-843419 now takes an optional argument\n --fix-cortex-a53-843419[=full|adr|adrp] which can be\n used to force a particular workaround to be used. See\n --help for AArch64 for more details.\n\n - Add support for GNU_PROPERTY_AARCH64_FEATURE_1_BTI and\n GNU_PROPERTY_AARCH64_FEATURE_1_PAC in ELF GNU program\n properties in the AArch64 ELF linker. \n\n - Add -z force-bti for AArch64 to enable\n GNU_PROPERTY_AARCH64_FEATURE_1_BTI on output while\n warning about missing GNU_PROPERTY_AARCH64_FEATURE_1_BTI\n on inputs and use PLTs protected with BTI.\n\n - Add -z pac-plt for AArch64 to pick PAC enabled PLTs.\n\n - Add --source-comment[=<txt>] option to objdump which if\n present, provides a prefix to source code lines\n displayed in a disassembly.\n\n - Add --set-section-alignment\n <section-name>=<power-of-2-align> option to objcopy to\n allow the changing of section alignments.\n\n - Add --verilog-data-width option to objcopy for verilog\n targets to control width of data elements in verilog hex\n format.\n\n - The separate debug info file options of readelf\n (--debug-dump=links and --debug-dump=follow) and objdump\n (--dwarf=links and\n\n --dwarf=follow-links) will now display and/or follow\n multiple links if more than one are present in a file.\n (This usually happens when gcc's -gsplit-dwarf option is\n used). In addition objdump's --dwarf=follow-links now\n also affects its other display options, so that for\n example, when combined with\n\n --syms it will cause the symbol tables in any linked\n debug info files to also be displayed. In addition when\n combined with\n\n --disassemble the --dwarf= follow-links option will\n ensure that any symbol tables in the linked files are\n read and used when disassembling code in the main file.\n\n - Add support for dumping types encoded in the Compact\n Type Format to objdump and readelf.\n\n - Includes fixes for these CVEs: bsc#1126826 aka\n CVE-2019-9077 aka PR1126826 bsc#1126829 aka\n CVE-2019-9075 aka PR1126829 bsc#1126831 aka\n CVE-2019-9074 aka PR24235 bsc#1140126 aka CVE-2019-12972\n aka PR23405 bsc#1143609 aka CVE-2019-14444 aka PR24829\n bsc#1142649 aka CVE-2019-14250 aka PR90924\n\n - Add xBPF target\n\n - Fix various problems with DWARF 5 support in gas\n\n - fix nm -B for objects compiled with -flto and -fcommon.\n\nThis update was imported from the SUSE:SLE-15-SP1:Update update\nproject.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1126826\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1126829\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1126831\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1140126\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1142649\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1143609\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1153768\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1153770\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1157755\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1160254\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1160590\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1163333\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1163744\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected binutils packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:binutils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:binutils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:binutils-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:binutils-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:binutils-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:binutils-gold\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:binutils-gold-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-aarch64-binutils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-aarch64-binutils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-aarch64-binutils-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-arm-binutils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-arm-binutils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-arm-binutils-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-avr-binutils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-avr-binutils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-avr-binutils-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-epiphany-binutils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-epiphany-binutils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-epiphany-binutils-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-hppa-binutils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-hppa-binutils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-hppa-binutils-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-hppa64-binutils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-hppa64-binutils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-hppa64-binutils-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-i386-binutils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-i386-binutils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-i386-binutils-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-ia64-binutils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-ia64-binutils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-ia64-binutils-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-m68k-binutils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-m68k-binutils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-m68k-binutils-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-mips-binutils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-mips-binutils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-mips-binutils-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-ppc-binutils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-ppc-binutils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-ppc-binutils-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-ppc64-binutils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-ppc64-binutils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-ppc64-binutils-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-ppc64le-binutils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-ppc64le-binutils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-ppc64le-binutils-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-riscv64-binutils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-riscv64-binutils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-riscv64-binutils-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-rx-binutils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-rx-binutils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-rx-binutils-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-s390-binutils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-s390-binutils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-s390-binutils-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-s390x-binutils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-s390x-binutils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-s390x-binutils-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-sparc-binutils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-sparc-binutils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-sparc-binutils-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-sparc64-binutils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-sparc64-binutils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-sparc64-binutils-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-spu-binutils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-spu-binutils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-spu-binutils-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-xtensa-binutils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-xtensa-binutils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cross-xtensa-binutils-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libctf-nobfd0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libctf-nobfd0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libctf0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libctf0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/02/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/11/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/11/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.2\", reference:\"binutils-2.35-lp152.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"binutils-debuginfo-2.35-lp152.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"binutils-debugsource-2.35-lp152.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"binutils-devel-2.35-lp152.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"binutils-gold-2.35-lp152.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"binutils-gold-debuginfo-2.35-lp152.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libctf-nobfd0-2.35-lp152.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libctf-nobfd0-debuginfo-2.35-lp152.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libctf0-2.35-lp152.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libctf0-debuginfo-2.35-lp152.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"binutils-devel-32bit-2.35-lp152.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"cross-aarch64-binutils-2.35-lp152.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"cross-aarch64-binutils-debuginfo-2.35-lp152.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"cross-aarch64-binutils-debugsource-2.35-lp152.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"cross-arm-binutils-2.35-lp152.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"cross-arm-binutils-debuginfo-2.35-lp152.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"cross-arm-binutils-debugsource-2.35-lp152.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"cross-avr-binutils-2.35-lp152.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"cross-avr-binutils-debuginfo-2.35-lp152.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"cross-avr-binutils-debugsource-2.35-lp152.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"cross-epiphany-binutils-2.35-lp152.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"cross-epiphany-binutils-debuginfo-2.35-lp152.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"cross-epiphany-binutils-debugsource-2.35-lp152.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"cross-hppa-binutils-2.35-lp152.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"cross-hppa-binutils-debuginfo-2.35-lp152.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"cross-hppa-binutils-debugsource-2.35-lp152.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"cross-hppa64-binutils-2.35-lp152.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"cross-hppa64-binutils-debuginfo-2.35-lp152.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"cross-hppa64-binutils-debugsource-2.35-lp152.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"cross-i386-binutils-2.35-lp152.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"cross-i386-binutils-debuginfo-2.35-lp152.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"cross-i386-binutils-debugsource-2.35-lp152.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"cross-ia64-binutils-2.35-lp152.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"cross-ia64-binutils-debuginfo-2.35-lp152.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"cross-ia64-binutils-debugsource-2.35-lp152.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"cross-m68k-binutils-2.35-lp152.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"cross-m68k-binutils-debuginfo-2.35-lp152.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"cross-m68k-binutils-debugsource-2.35-lp152.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"cross-mips-binutils-2.35-lp152.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"cross-mips-binutils-debuginfo-2.35-lp152.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"cross-mips-binutils-debugsource-2.35-lp152.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"cross-ppc-binutils-2.35-lp152.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"cross-ppc-binutils-debuginfo-2.35-lp152.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"cross-ppc-binutils-debugsource-2.35-lp152.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"cross-ppc64-binutils-2.35-lp152.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"cross-ppc64-binutils-debuginfo-2.35-lp152.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"cross-ppc64-binutils-debugsource-2.35-lp152.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"cross-ppc64le-binutils-2.35-lp152.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"cross-ppc64le-binutils-debuginfo-2.35-lp152.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"cross-ppc64le-binutils-debugsource-2.35-lp152.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"cross-riscv64-binutils-2.35-lp152.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"cross-riscv64-binutils-debuginfo-2.35-lp152.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"cross-riscv64-binutils-debugsource-2.35-lp152.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"cross-rx-binutils-2.35-lp152.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"cross-rx-binutils-debuginfo-2.35-lp152.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"cross-rx-binutils-debugsource-2.35-lp152.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"cross-s390-binutils-2.35-lp152.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"cross-s390-binutils-debuginfo-2.35-lp152.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"cross-s390-binutils-debugsource-2.35-lp152.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"cross-s390x-binutils-2.35-lp152.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"cross-s390x-binutils-debuginfo-2.35-lp152.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"cross-s390x-binutils-debugsource-2.35-lp152.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"cross-sparc-binutils-2.35-lp152.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"cross-sparc-binutils-debuginfo-2.35-lp152.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"cross-sparc-binutils-debugsource-2.35-lp152.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"cross-sparc64-binutils-2.35-lp152.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"cross-sparc64-binutils-debuginfo-2.35-lp152.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"cross-sparc64-binutils-debugsource-2.35-lp152.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"cross-spu-binutils-2.35-lp152.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"cross-spu-binutils-debuginfo-2.35-lp152.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"cross-spu-binutils-debugsource-2.35-lp152.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"cross-xtensa-binutils-2.35-lp152.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"cross-xtensa-binutils-debuginfo-2.35-lp152.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"cross-xtensa-binutils-debugsource-2.35-lp152.4.3.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"binutils / binutils-debuginfo / binutils-debugsource / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:26:11", "description": "This update for binutils fixes the following issues :\n\nbinutils was updated to version 2.35. (jsc#ECO-2373)\n\nUpdate to binutils 2.35 :\n\nThe assembler can now produce DWARF-5 format line number tables.\n\nReadelf now has a 'lint' mode to enable extra checks of the files it is processing.\n\nReadelf will now display '[...]' when it has to truncate a symbol name. The old behaviour - of displaying as many characters as possible, up to the 80 column limit - can be restored by the use of the\n\n--silent-truncation option.\n\nThe linker can now produce a dependency file listing the inputs that it has processed, much like the -M -MP option supported by the compiler.\n\nfix DT_NEEDED order with -flto [bsc#1163744]\n\nUpdate to binutils 2.34 :\n\nThe disassembler (objdump --disassemble) now has an option to generate ascii art thats show the arcs between that start and end points of control flow instructions.\n\nThe binutils tools now have support for debuginfod. Debuginfod is a HTTP service for distributing ELF/DWARF debugging information as well as source code. The tools can now connect to debuginfod servers in order to download debug information about the files that they are processing.\n\nThe assembler and linker now support the generation of ELF format files for the Z80 architecture.\n\nAdd new subpackages for libctf and libctf-nobfd.\n\nDisable LTO due to bsc#1163333.\n\nIncludes fixes for these CVEs: bsc#1153768 aka CVE-2019-17451 aka PR25070 bsc#1153770 aka CVE-2019-17450 aka PR25078\n\nfix various build fails on aarch64 (PR25210, bsc#1157755).\n\nUpdate to binutils 2.33.1 :\n\nAdds support for the Arm Scalable Vector Extension version 2 (SVE2) instructions, the Arm Transactional Memory Extension (TME) instructions and the Armv8.1-M Mainline and M-profile Vector Extension (MVE) instructions.\n\nAdds support for the Arm Cortex-A76AE, Cortex-A77 and Cortex-M35P processors and the AArch64 Cortex-A34, Cortex-A65, Cortex-A65AE, Cortex-A76AE, and Cortex-A77 processors.\n\nAdds a .float16 directive for both Arm and AArch64 to allow encoding of 16-bit floating point literals.\n\nFor MIPS, Add -m[no-]fix-loongson3-llsc option to fix (or not) Loongson3 LLSC Errata. Add a --enable-mips-fix-loongson3-llsc=[yes|no] configure time option to set the default behavior. Set the default if the configure option is not used to 'no'.\n\nThe Cortex-A53 Erratum 843419 workaround now supports a choice of which workaround to use. The option --fix-cortex-a53-843419 now takes an optional argument --fix-cortex-a53-843419[=full|adr|adrp] which can be used to force a particular workaround to be used. See --help for AArch64 for more details.\n\nAdd support for GNU_PROPERTY_AARCH64_FEATURE_1_BTI and GNU_PROPERTY_AARCH64_FEATURE_1_PAC in ELF GNU program properties in the AArch64 ELF linker.\n\nAdd -z force-bti for AArch64 to enable GNU_PROPERTY_AARCH64_FEATURE_1_BTI on output while warning about missing GNU_PROPERTY_AARCH64_FEATURE_1_BTI on inputs and use PLTs protected with BTI.\n\nAdd -z pac-plt for AArch64 to pick PAC enabled PLTs.\n\nAdd --source-comment[=<txt>] option to objdump which if present, provides a prefix to source code lines displayed in a disassembly.\n\nAdd --set-section-alignment <section-name>=<power-of-2-align> option to objcopy to allow the changing of section alignments.\n\nAdd --verilog-data-width option to objcopy for verilog targets to control width of data elements in verilog hex format.\n\nThe separate debug info file options of readelf (--debug-dump=links and\n\n--debug-dump=follow) and objdump (--dwarf=links and\n\n--dwarf=follow-links) will now display and/or follow multiple links if more than one are present in a file. (This usually happens when gcc's\n\n-gsplit-dwarf option is used). In addition objdump's\n\n--dwarf=follow-links now also affects its other display options, so that for example, when combined with\n\n--syms it will cause the symbol tables in any linked debug info files to also be displayed. In addition when combined with\n\n--disassemble the --dwarf= follow-links option will ensure that any symbol tables in the linked files are read and used when disassembling code in the main file.\n\nAdd support for dumping types encoded in the Compact Type Format to objdump and readelf.\n\nIncludes fixes for these CVEs: bsc#1126826 aka CVE-2019-9077 aka PR1126826 bsc#1126829 aka CVE-2019-9075 aka PR1126829 bsc#1126831 aka CVE-2019-9074 aka PR24235 bsc#1140126 aka CVE-2019-12972 aka PR23405 bsc#1143609 aka CVE-2019-14444 aka PR24829 bsc#1142649 aka CVE-2019-14250 aka PR90924\n\nAdd xBPF target\n\nFix various problems with DWARF 5 support in gas\n\nfix nm -B for objects compiled with -flto and -fcommon.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2020-12-09T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : binutils (SUSE-SU-2020:3060-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-12972", "CVE-2019-14250", "CVE-2019-14444", "CVE-2019-17450", "CVE-2019-17451", "CVE-2019-9074", "CVE-2019-9075", "CVE-2019-9077"], "modified": "2021-01-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:binutils", "p-cpe:/a:novell:suse_linux:binutils-debuginfo", "p-cpe:/a:novell:suse_linux:binutils-debugsource", "p-cpe:/a:novell:suse_linux:binutils-devel", "p-cpe:/a:novell:suse_linux:binutils-gold", "p-cpe:/a:novell:suse_linux:binutils-gold-debuginfo", "p-cpe:/a:novell:suse_linux:libctf-nobfd0", "p-cpe:/a:novell:suse_linux:libctf-nobfd0-debuginfo", "p-cpe:/a:novell:suse_linux:libctf0", "p-cpe:/a:novell:suse_linux:libctf0-debuginfo", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2020-3060-1.NASL", "href": "https://www.tenable.com/plugins/nessus/143614", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:3060-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(143614);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2019-12972\", \"CVE-2019-14250\", \"CVE-2019-14444\", \"CVE-2019-17450\", \"CVE-2019-17451\", \"CVE-2019-9074\", \"CVE-2019-9075\", \"CVE-2019-9077\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : binutils (SUSE-SU-2020:3060-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for binutils fixes the following issues :\n\nbinutils was updated to version 2.35. (jsc#ECO-2373)\n\nUpdate to binutils 2.35 :\n\nThe assembler can now produce DWARF-5 format line number tables.\n\nReadelf now has a 'lint' mode to enable extra checks of the files it\nis processing.\n\nReadelf will now display '[...]' when it has to truncate a symbol\nname. The old behaviour - of displaying as many characters as\npossible, up to the 80 column limit - can be restored by the use of\nthe\n\n--silent-truncation option.\n\nThe linker can now produce a dependency file listing the inputs that\nit has processed, much like the -M -MP option supported by the\ncompiler.\n\nfix DT_NEEDED order with -flto [bsc#1163744]\n\nUpdate to binutils 2.34 :\n\nThe disassembler (objdump --disassemble) now has an option to generate\nascii art thats show the arcs between that start and end points of\ncontrol flow instructions.\n\nThe binutils tools now have support for debuginfod. Debuginfod is a\nHTTP service for distributing ELF/DWARF debugging information as well\nas source code. The tools can now connect to debuginfod servers in\norder to download debug information about the files that they are\nprocessing.\n\nThe assembler and linker now support the generation of ELF format\nfiles for the Z80 architecture.\n\nAdd new subpackages for libctf and libctf-nobfd.\n\nDisable LTO due to bsc#1163333.\n\nIncludes fixes for these CVEs: bsc#1153768 aka CVE-2019-17451 aka\nPR25070 bsc#1153770 aka CVE-2019-17450 aka PR25078\n\nfix various build fails on aarch64 (PR25210, bsc#1157755).\n\nUpdate to binutils 2.33.1 :\n\nAdds support for the Arm Scalable Vector Extension version 2 (SVE2)\ninstructions, the Arm Transactional Memory Extension (TME)\ninstructions and the Armv8.1-M Mainline and M-profile Vector Extension\n(MVE) instructions.\n\nAdds support for the Arm Cortex-A76AE, Cortex-A77 and Cortex-M35P\nprocessors and the AArch64 Cortex-A34, Cortex-A65, Cortex-A65AE,\nCortex-A76AE, and Cortex-A77 processors.\n\nAdds a .float16 directive for both Arm and AArch64 to allow encoding\nof 16-bit floating point literals.\n\nFor MIPS, Add -m[no-]fix-loongson3-llsc option to fix (or not)\nLoongson3 LLSC Errata. Add a --enable-mips-fix-loongson3-llsc=[yes|no]\nconfigure time option to set the default behavior. Set the default if\nthe configure option is not used to 'no'.\n\nThe Cortex-A53 Erratum 843419 workaround now supports a choice of\nwhich workaround to use. The option --fix-cortex-a53-843419 now takes\nan optional argument --fix-cortex-a53-843419[=full|adr|adrp] which can\nbe used to force a particular workaround to be used. See --help for\nAArch64 for more details.\n\nAdd support for GNU_PROPERTY_AARCH64_FEATURE_1_BTI and\nGNU_PROPERTY_AARCH64_FEATURE_1_PAC in ELF GNU program properties in\nthe AArch64 ELF linker.\n\nAdd -z force-bti for AArch64 to enable\nGNU_PROPERTY_AARCH64_FEATURE_1_BTI on output while warning about\nmissing GNU_PROPERTY_AARCH64_FEATURE_1_BTI on inputs and use PLTs\nprotected with BTI.\n\nAdd -z pac-plt for AArch64 to pick PAC enabled PLTs.\n\nAdd --source-comment[=<txt>] option to objdump which if present,\nprovides a prefix to source code lines displayed in a disassembly.\n\nAdd --set-section-alignment <section-name>=<power-of-2-align> option\nto objcopy to allow the changing of section alignments.\n\nAdd --verilog-data-width option to objcopy for verilog targets to\ncontrol width of data elements in verilog hex format.\n\nThe separate debug info file options of readelf (--debug-dump=links\nand\n\n--debug-dump=follow) and objdump (--dwarf=links and\n\n--dwarf=follow-links) will now display and/or follow\nmultiple links if more than one are present in a file. (This\nusually happens when gcc's\n\n-gsplit-dwarf option is used). In addition objdump's\n\n--dwarf=follow-links now also affects its other display\noptions, so that for example, when combined with\n\n--syms it will cause the symbol tables in any linked debug\ninfo files to also be displayed. In addition when combined\nwith\n\n--disassemble the --dwarf= follow-links option will ensure\nthat any symbol tables in the linked files are read and used\nwhen disassembling code in the main file.\n\nAdd support for dumping types encoded in the Compact Type Format to\nobjdump and readelf.\n\nIncludes fixes for these CVEs: bsc#1126826 aka CVE-2019-9077 aka\nPR1126826 bsc#1126829 aka CVE-2019-9075 aka PR1126829 bsc#1126831 aka\nCVE-2019-9074 aka PR24235 bsc#1140126 aka CVE-2019-12972 aka PR23405\nbsc#1143609 aka CVE-2019-14444 aka PR24829 bsc#1142649 aka\nCVE-2019-14250 aka PR90924\n\nAdd xBPF target\n\nFix various problems with DWARF 5 support in gas\n\nfix nm -B for objects compiled with -flto and -fcommon.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1126826\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1126829\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1126831\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140126\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1142649\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1143609\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153768\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153770\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1157755\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1160254\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1160590\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1163333\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1163744\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-12972/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-14250/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-14444/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-17450/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-17451/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-9074/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-9075/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-9077/\"\n );\n # https://www.suse.com/support/update/announcement/2020/suse-su-20203060-1\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?02eaac83\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Packagehub Subpackages 15-SP2 :\n\nzypper in -t patch\nSUSE-SLE-Module-Packagehub-Subpackages-15-SP2-2020-3060=1\n\nSUSE Linux Enterprise Module for Packagehub Subpackages 15-SP1 :\n\nzypper in -t patch\nSUSE-SLE-Module-Packagehub-Subpackages-15-SP1-2020-3060=1\n\nSUSE Linux Enterprise Module for Development Tools 15-SP2 :\n\nzypper in -t patch\nSUSE-SLE-Module-Development-Tools-15-SP2-2020-3060=1\n\nSUSE Linux Enterprise Module for Development Tools 15-SP1 :\n\nzypper in -t patch\nSUSE-SLE-Module-Development-Tools-15-SP1-2020-3060=1\n\nSUSE Linux Enterprise Module for Basesystem 15-SP2 :\n\nzypper in -t patch SUSE-SLE-Module-Basesystem-15-SP2-2020-3060=1\n\nSUSE Linux Enterprise Module for Basesystem 15-SP1 :\n\nzypper in -t patch SUSE-SLE-Module-Basesystem-15-SP1-2020-3060=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:binutils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:binutils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:binutils-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:binutils-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:binutils-gold\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:binutils-gold-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libctf-nobfd0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libctf-nobfd0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libctf0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libctf0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/02/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/10/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(1|2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP1/2\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(1|2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP1/2\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"binutils-devel-32bit-2.35-7.11.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"binutils-2.35-7.11.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"binutils-debuginfo-2.35-7.11.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"binutils-debugsource-2.35-7.11.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"binutils-devel-2.35-7.11.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"binutils-gold-2.35-7.11.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"binutils-gold-debuginfo-2.35-7.11.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libctf-nobfd0-2.35-7.11.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libctf-nobfd0-debuginfo-2.35-7.11.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libctf0-2.35-7.11.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libctf0-debuginfo-2.35-7.11.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"binutils-devel-32bit-2.35-7.11.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"binutils-2.35-7.11.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"binutils-debuginfo-2.35-7.11.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"binutils-debugsource-2.35-7.11.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"binutils-devel-2.35-7.11.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"binutils-gold-2.35-7.11.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"binutils-gold-debuginfo-2.35-7.11.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libctf-nobfd0-2.35-7.11.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libctf-nobfd0-debuginfo-2.35-7.11.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libctf0-2.35-7.11.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libctf0-debuginfo-2.35-7.11.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"binutils-devel-32bit-2.35-7.11.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"binutils-2.35-7.11.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"binutils-debuginfo-2.35-7.11.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"binutils-debugsource-2.35-7.11.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"binutils-devel-2.35-7.11.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"binutils-gold-2.35-7.11.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"binutils-gold-debuginfo-2.35-7.11.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libctf-nobfd0-2.35-7.11.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libctf-nobfd0-debuginfo-2.35-7.11.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libctf0-2.35-7.11.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libctf0-debuginfo-2.35-7.11.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"x86_64\", reference:\"binutils-devel-32bit-2.35-7.11.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"binutils-2.35-7.11.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"binutils-debuginfo-2.35-7.11.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"binutils-debugsource-2.35-7.11.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"binutils-devel-2.35-7.11.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"binutils-gold-2.35-7.11.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"binutils-gold-debuginfo-2.35-7.11.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libctf-nobfd0-2.35-7.11.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libctf-nobfd0-debuginfo-2.35-7.11.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libctf0-2.35-7.11.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libctf0-debuginfo-2.35-7.11.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"binutils\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:25:37", "description": "This update for binutils fixes the following issues :\n\nbinutils was updated to version 2.35.1 (jsc#ECO-2373)\n\nAdditional branch fixes applied on top of 2.35.1 :\n\nFixes PR26520, aka [bsc#1179036], a problem in addr2line with certain DWARF variable descriptions.\n\nAlso fixes PR26711, PR26656, PR26655, PR26929, PR26808, PR25878, PR26740, PR26778, PR26763, PR26685, PR26699, PR26902, PR26869, PR26711\n\nThe above includes fixes for dwo files produced by modern dwp, fixing several problems in the DWARF reader.\n\nUpdate to binutils 2.35.1 and rebased branch diff :\n\nThis is a point release over the previous 2.35 version, containing bug fixes, and as an exception to the usual rule, one new feature. The new feature is the support for a new directive in the assembler: '.nop'.\nThis directive creates a single no-op instruction in whatever encoding is correct for the target architecture. Unlike the .space or .fill this is a real instruction, and it does affect the generation of DWARF line number tables, should they be enabled.\n\nUpdate to binutils 2.35 :\n\nThe assembler can now produce DWARF-5 format line number tables.\n\nReadelf now has a 'lint' mode to enable extra checks of the files it is processing.\n\nReadelf will now display '[...]' when it has to truncate a symbol name. The old behaviour - of displaying as many characters as possible, up to the 80 column limit - can be restored by the use of the\n\n--silent-truncation option.\n\nThe linker can now produce a dependency file listing the inputs that it has processed, much like the -M -MP option supported by the compiler.\n\nfix DT_NEEDED order with -flto [bsc#1163744]\n\nUpdate to binutils 2.34 :\n\nThe disassembler (objdump --disassemble) now has an option to generate ascii art thats show the arcs between that start and end points of control flow instructions.\n\nThe binutils tools now have support for debuginfod. Debuginfod is a HTTP service for distributing ELF/DWARF debugging information as well as source code. The tools can now connect to debuginfod servers in order to download debug information about the files that they are processing.\n\nThe assembler and linker now support the generation of ELF format files for the Z80 architecture.\n\nAdd new subpackages for libctf and libctf-nobfd.\n\nDisable LTO due to bsc#1163333.\n\nIncludes fixes for these CVEs: bsc#1153768 aka CVE-2019-17451 aka PR25070 bsc#1153770 aka CVE-2019-17450 aka PR25078\n\nfix various build fails on aarch64 (PR25210, bsc#1157755).\n\nUpdate to binutils 2.33.1 :\n\nAdds support for the Arm Scalable Vector Extension version 2 (SVE2) instructions, the Arm Transactional Memory Extension (TME) instructions and the Armv8.1-M Mainline and M-profile Vector Extension (MVE) instructions.\n\nAdds support for the Arm Cortex-A76AE, Cortex-A77 and Cortex-M35P processors and the AArch64 Cortex-A34, Cortex-A65, Cortex-A65AE, Cortex-A76AE, and Cortex-A77 processors.\n\nAdds a .float16 directive for both Arm and AArch64 to allow encoding of 16-bit floating point literals.\n\nFor MIPS, Add -m[no-]fix-loongson3-llsc option to fix (or not) Loongson3 LLSC Errata. Add a --enable-mips-fix-loongson3-llsc=[yes|no] configure time option to set the default behavior. Set the default if the configure option is not used to 'no'.\n\nThe Cortex-A53 Erratum 843419 workaround now supports a choice of which workaround to use. The option --fix-cortex-a53-843419 now takes an optional argument --fix-cortex-a53-843419[=full|adr|adrp] which can be used to force a particular workaround to be used. See --help for AArch64 for more details.\n\nAdd support for GNU_PROPERTY_AARCH64_FEATURE_1_BTI and GNU_PROPERTY_AARCH64_FEATURE_1_PAC in ELF GNU program properties in the AArch64 ELF linker.\n\nAdd -z force-bti for AArch64 to enable GNU_PROPERTY_AARCH64_FEATURE_1_BTI on output while warning about missing GNU_PROPERTY_AARCH64_FEATURE_1_BTI on inputs and use PLTs protected with BTI.\n\nAdd -z pac-plt for AArch64 to pick PAC enabled PLTs.\n\nAdd --source-comment[=<txt>] option to objdump which if present, provides a prefix to source code lines displayed in a disassembly.\n\nAdd --set-section-alignment <section-name>=<power-of-2-align> option to objcopy to allow the changing of section alignments.\n\nAdd --verilog-data-width option to objcopy for verilog targets to control width of data elements in verilog hex format.\n\nThe separate debug info file options of readelf (--debug-dump=links and\n\n--debug-dump=follow) and objdump (--dwarf=links and\n\n--dwarf=follow-links) will now display and/or follow multiple links if more than one are present in a file. (This usually happens when gcc's\n\n-gsplit-dwarf option is used). In addition objdump's\n\n--dwarf=follow-links now also affects its other display options, so that for example, when combined with\n\n--syms it will cause the symbol tables in any linked debug info files to also be displayed. In addition when combined with\n\n--disassemble the --dwarf= follow-links option will ensure that any symbol tables in the linked files are read and used when disassembling code in the main file.\n\nAdd support for dumping types encoded in the Compact Type Format to objdump and readelf.\n\nIncludes fixes for these CVEs: bsc#1126826 aka CVE-2019-9077 aka PR1126826 bsc#1126829 aka CVE-2019-9075 aka PR1126829 bsc#1126831 aka CVE-2019-9074 aka PR24235 bsc#1140126 aka CVE-2019-12972 aka PR23405 bsc#1143609 aka CVE-2019-14444 aka PR24829 bsc#1142649 aka CVE-2019-14250 aka PR90924\n\nAdd xBPF target\n\nFix various problems with DWARF 5 support in gas\n\nfix nm -B for objects compiled with -flto and -fcommon.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2020-12-09T00:00:00", "type": "nessus", "title": "SUSE SLES15 Security Update : binutils (SUSE-SU-2020:3552-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-12972", "CVE-2019-14250", "CVE-2019-14444", "CVE-2019-17450", "CVE-2019-17451", "CVE-2019-9074", "CVE-2019-9075", "CVE-2019-9077"], "modified": "2020-12-11T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:binutils", "p-cpe:/a:novell:suse_linux:binutils-debuginfo", "p-cpe:/a:novell:suse_linux:binutils-debugsource", "p-cpe:/a:novell:suse_linux:binutils-devel", "p-cpe:/a:novell:suse_linux:libctf-nobfd0", "p-cpe:/a:novell:suse_linux:libctf-nobfd0-debuginfo", "p-cpe:/a:novell:suse_linux:libctf0", "p-cpe:/a:novell:suse_linux:libctf0-debuginfo", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2020-3552-1.NASL", "href": "https://www.tenable.com/plugins/nessus/143785", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:3552-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(143785);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/12/11\");\n\n script_cve_id(\"CVE-2019-12972\", \"CVE-2019-14250\", \"CVE-2019-14444\", \"CVE-2019-17450\", \"CVE-2019-17451\", \"CVE-2019-9074\", \"CVE-2019-9075\", \"CVE-2019-9077\");\n\n script_name(english:\"SUSE SLES15 Security Update : binutils (SUSE-SU-2020:3552-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for binutils fixes the following issues :\n\nbinutils was updated to version 2.35.1 (jsc#ECO-2373)\n\nAdditional branch fixes applied on top of 2.35.1 :\n\nFixes PR26520, aka [bsc#1179036], a problem in addr2line with certain\nDWARF variable descriptions.\n\nAlso fixes PR26711, PR26656, PR26655, PR26929, PR26808, PR25878,\nPR26740, PR26778, PR26763, PR26685, PR26699, PR26902, PR26869, PR26711\n\nThe above includes fixes for dwo files produced by modern dwp, fixing\nseveral problems in the DWARF reader.\n\nUpdate to binutils 2.35.1 and rebased branch diff :\n\nThis is a point release over the previous 2.35 version, containing bug\nfixes, and as an exception to the usual rule, one new feature. The new\nfeature is the support for a new directive in the assembler: '.nop'.\nThis directive creates a single no-op instruction in whatever encoding\nis correct for the target architecture. Unlike the .space or .fill\nthis is a real instruction, and it does affect the generation of DWARF\nline number tables, should they be enabled.\n\nUpdate to binutils 2.35 :\n\nThe assembler can now produce DWARF-5 format line number tables.\n\nReadelf now has a 'lint' mode to enable extra checks of the files it\nis processing.\n\nReadelf will now display '[...]' when it has to truncate a symbol\nname. The old behaviour - of displaying as many characters as\npossible, up to the 80 column limit - can be restored by the use of\nthe\n\n--silent-truncation option.\n\nThe linker can now produce a dependency file listing the inputs that\nit has processed, much like the -M -MP option supported by the\ncompiler.\n\nfix DT_NEEDED order with -flto [bsc#1163744]\n\nUpdate to binutils 2.34 :\n\nThe disassembler (objdump --disassemble) now has an option to generate\nascii art thats show the arcs between that start and end points of\ncontrol flow instructions.\n\nThe binutils tools now have support for debuginfod. Debuginfod is a\nHTTP service for distributing ELF/DWARF debugging information as well\nas source code. The tools can now connect to debuginfod servers in\norder to download debug information about the files that they are\nprocessing.\n\nThe assembler and linker now support the generation of ELF format\nfiles for the Z80 architecture.\n\nAdd new subpackages for libctf and libctf-nobfd.\n\nDisable LTO due to bsc#1163333.\n\nIncludes fixes for these CVEs: bsc#1153768 aka CVE-2019-17451 aka\nPR25070 bsc#1153770 aka CVE-2019-17450 aka PR25078\n\nfix various build fails on aarch64 (PR25210, bsc#1157755).\n\nUpdate to binutils 2.33.1 :\n\nAdds support for the Arm Scalable Vector Extension version 2 (SVE2)\ninstructions, the Arm Transactional Memory Extension (TME)\ninstructions and the Armv8.1-M Mainline and M-profile Vector Extension\n(MVE) instructions.\n\nAdds support for the Arm Cortex-A76AE, Cortex-A77 and Cortex-M35P\nprocessors and the AArch64 Cortex-A34, Cortex-A65, Cortex-A65AE,\nCortex-A76AE, and Cortex-A77 processors.\n\nAdds a .float16 directive for both Arm and AArch64 to allow encoding\nof 16-bit floating point literals.\n\nFor MIPS, Add -m[no-]fix-loongson3-llsc option to fix (or not)\nLoongson3 LLSC Errata. Add a --enable-mips-fix-loongson3-llsc=[yes|no]\nconfigure time option to set the default behavior. Set the default if\nthe configure option is not used to 'no'.\n\nThe Cortex-A53 Erratum 843419 workaround now supports a choice of\nwhich workaround to use. The option --fix-cortex-a53-843419 now takes\nan optional argument --fix-cortex-a53-843419[=full|adr|adrp] which can\nbe used to force a particular workaround to be used. See --help for\nAArch64 for more details.\n\nAdd support for GNU_PROPERTY_AARCH64_FEATURE_1_BTI and\nGNU_PROPERTY_AARCH64_FEATURE_1_PAC in ELF GNU program properties in\nthe AArch64 ELF linker.\n\nAdd -z force-bti for AArch64 to enable\nGNU_PROPERTY_AARCH64_FEATURE_1_BTI on output while warning about\nmissing GNU_PROPERTY_AARCH64_FEATURE_1_BTI on inputs and use PLTs\nprotected with BTI.\n\nAdd -z pac-plt for AArch64 to pick PAC enabled PLTs.\n\nAdd --source-comment[=<txt>] option to objdump which if present,\nprovides a prefix to source code lines displayed in a disassembly.\n\nAdd --set-section-alignment <section-name>=<power-of-2-align> option\nto objcopy to allow the changing of section alignments.\n\nAdd --verilog-data-width option to objcopy for verilog targets to\ncontrol width of data elements in verilog hex format.\n\nThe separate debug info file options of readelf (--debug-dump=links\nand\n\n--debug-dump=follow) and objdump (--dwarf=links and\n\n--dwarf=follow-links) will now display and/or follow\nmultiple links if more than one are present in a file. (This\nusually happens when gcc's\n\n-gsplit-dwarf option is used). In addition objdump's\n\n--dwarf=follow-links now also affects its other display\noptions, so that for example, when combined with\n\n--syms it will cause the symbol tables in any linked debug\ninfo files to also be displayed. In addition when combined\nwith\n\n--disassemble the --dwarf= follow-links option will ensure\nthat any symbol tables in the linked files are read and used\nwhen disassembling code in the main file.\n\nAdd support for dumping types encoded in the Compact Type Format to\nobjdump and readelf.\n\nIncludes fixes for these CVEs: bsc#1126826 aka CVE-2019-9077 aka\nPR1126826 bsc#1126829 aka CVE-2019-9075 aka PR1126829 bsc#1126831 aka\nCVE-2019-9074 aka PR24235 bsc#1140126 aka CVE-2019-12972 aka PR23405\nbsc#1143609 aka CVE-2019-14444 aka PR24829 bsc#1142649 aka\nCVE-2019-14250 aka PR90924\n\nAdd xBPF target\n\nFix various problems with DWARF 5 support in gas\n\nfix nm -B for objects compiled with -flto and -fcommon.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1126826\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1126829\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1126831\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140126\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1142649\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1143609\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153768\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153770\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1157755\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1160254\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1160590\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1163333\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1163744\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1179036\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-12972/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-14250/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-14444/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-17450/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-17451/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-9074/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-9075/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-9077/\"\n );\n # https://www.suse.com/support/update/announcement/2020/suse-su-20203552-1\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?21f3de7a\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server for SAP 15 :\n\nzypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2020-3552=1\n\nSUSE Linux Enterprise Server 15-LTSS :\n\nzypper in -t patch SUSE-SLE-Product-SLES-15-2020-3552=1\n\nSUSE Linux Enterprise High Performance Computing 15-LTSS :\n\nzypper in -t patch SUSE-SLE-Product-HPC-15-2020-3552=1\n\nSUSE Linux Enterprise High Performance Computing 15-ESPOS :\n\nzypper in -t patch SUSE-SLE-Product-HPC-15-2020-3552=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:binutils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:binutils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:binutils-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:binutils-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libctf-nobfd0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libctf-nobfd0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libctf0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libctf0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/02/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/11/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"s390x\") audit(AUDIT_ARCH_NOT, \"s390x\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"binutils-2.35.1-6.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"binutils-debuginfo-2.35.1-6.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"binutils-debugsource-2.35.1-6.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"binutils-devel-2.35.1-6.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libctf-nobfd0-2.35.1-6.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libctf-nobfd0-debuginfo-2.35.1-6.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libctf0-2.35.1-6.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libctf0-debuginfo-2.35.1-6.15.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"binutils\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:26:50", "description": "The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed :\n\nCVE-2018-20855: An issue was discovered in the Linux kernel In create_qp_common in drivers/infiniband/hw/mlx5/qp.c, mlx5_ib_create_qp_resp was never initialized, resulting in a leak of stack memory to userspace(bsc#1143045).\n\nCVE-2019-1125: Exclude ATOMs from speculation through SWAPGS (bsc#1139358).\n\nCVE-2019-14283: In the Linux kernel, set_geometry in drivers/block/floppy.c did not validate the sect and head fields, as demonstrated by an integer overflow and out-of-bounds read. It could be triggered by an unprivileged local user when a floppy disk was inserted. NOTE: QEMU creates the floppy device by default.\n(bnc#1143191)\n\nCVE-2019-11810: An issue was discovered in the Linux kernel A NULL pointer dereference could occur when megasas_create_frame_pool() failed in megasas_alloc_cmds() in drivers/scsi/megaraid/megaraid_sas_base.c. This caused a Denial of Service, related to a use-after-free (bnc#1134399).\n\nCVE-2019-13648: In the Linux kernel on the powerpc platform, when hardware transactional memory was disabled, a local user could cause a denial of service (TM Bad Thing exception and system crash) via a sigreturn() system call that sent a crafted signal frame.\n(bnc#1142254)\n\nCVE-2019-13631: In parse_hid_report_descriptor in drivers/input/tablet/gtco.c in the Linux kernel, a malicious USB device could send an HID report that triggered an out-of-bounds write during generation of debugging messages. (bnc#1142023)\n\nThe update package also includes non-security fixes. See advisory for details.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-08-12T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : kernel (SUSE-SU-2019:2070-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-20855", "CVE-2019-1125", "CVE-2019-11810", "CVE-2019-13631", "CVE-2019-13648", "CVE-2019-14283", "CVE-2019-14284"], "modified": "2020-02-18T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kernel-azure", "p-cpe:/a:novell:suse_linux:kernel-azure-base", "p-cpe:/a:novell:suse_linux:kernel-azure-base-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-azure-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-azure-debugsource", "p-cpe:/a:novell:suse_linux:kernel-azure-devel", "p-cpe:/a:novell:suse_linux:kernel-syms-azure", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2019-2070-1.NASL", "href": "https://www.tenable.com/plugins/nessus/127773", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:2070-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(127773);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2020/02/18\");\n\n script_cve_id(\"CVE-2018-20855\", \"CVE-2019-1125\", \"CVE-2019-11810\", \"CVE-2019-13631\", \"CVE-2019-13648\", \"CVE-2019-14283\", \"CVE-2019-14284\");\n\n script_name(english:\"SUSE SLES12 Security Update : kernel (SUSE-SU-2019:2070-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various\nsecurity and bugfixes.\n\nThe following security bugs were fixed :\n\nCVE-2018-20855: An issue was discovered in the Linux kernel In\ncreate_qp_common in drivers/infiniband/hw/mlx5/qp.c,\nmlx5_ib_create_qp_resp was never initialized, resulting in a leak of\nstack memory to userspace(bsc#1143045).\n\nCVE-2019-1125: Exclude ATOMs from speculation through SWAPGS\n(bsc#1139358).\n\nCVE-2019-14283: In the Linux kernel, set_geometry in\ndrivers/block/floppy.c did not validate the sect and head fields, as\ndemonstrated by an integer overflow and out-of-bounds read. It could\nbe triggered by an unprivileged local user when a floppy disk was\ninserted. NOTE: QEMU creates the floppy device by default.\n(bnc#1143191)\n\nCVE-2019-11810: An issue was discovered in the Linux kernel A NULL\npointer dereference could occur when megasas_create_frame_pool()\nfailed in megasas_alloc_cmds() in\ndrivers/scsi/megaraid/megaraid_sas_base.c. This caused a Denial of\nService, related to a use-after-free (bnc#1134399).\n\nCVE-2019-13648: In the Linux kernel on the powerpc platform, when\nhardware transactional memory was disabled, a local user could cause a\ndenial of service (TM Bad Thing exception and system crash) via a\nsigreturn() system call that sent a crafted signal frame.\n(bnc#1142254)\n\nCVE-2019-13631: In parse_hid_report_descriptor in\ndrivers/input/tablet/gtco.c in the Linux kernel, a malicious USB\ndevice could send an HID report that triggered an out-of-bounds write\nduring generation of debugging messages. (bnc#1142023)\n\nThe update package also includes non-security fixes. See advisory for\ndetails.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1051510\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1055117\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1071995\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1083647\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1083710\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1102247\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1103991\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1103992\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1104745\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1109837\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1111666\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1112374\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1119222\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1123080\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1127034\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1127315\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1127611\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1129770\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1130972\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1133021\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1134090\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1134097\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1134390\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1134399\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1135335\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1135642\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1136217\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1136342\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1136460\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1136461\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1136462\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1136467\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1136896\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1137458\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1137534\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1137535\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1137584\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1137609\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1137811\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1137827\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1138874\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1139358\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1139619\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140133\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140139\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140322\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140559\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140652\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140676\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140887\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140888\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140889\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140891\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140893\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140903\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140945\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140948\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140954\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140955\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140956\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140957\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140958\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140959\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140960\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140961\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140962\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140964\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140971\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140972\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140992\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1141312\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1141401\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1141402\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1141452\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1141453\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1141454\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1141478\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1142023\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1142052\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1142112\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1142115\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1142119\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1142220\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1142221\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1142254\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1142350\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1142351\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1142354\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1142359\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1142450\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1142623\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1142673\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1142701\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1142868\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1143003\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1143045\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1143105\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1143185\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1143189\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1143191\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1143209\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1143507\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-20855/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-1125/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-11810/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-13631/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-13648/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-14283/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-14284/\"\n );\n # https://www.suse.com/support/update/announcement/2019/suse-su-20192070-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8ab65fda\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server 12-SP4:zypper in -t patch\nSUSE-SLE-SERVER-12-SP4-2019-2070=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-14283\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-azure-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-azure-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-azure-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-azure-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-azure-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-syms-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/05/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-azure-4.12.14-6.23.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-azure-base-4.12.14-6.23.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-azure-base-debuginfo-4.12.14-6.23.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-azure-debuginfo-4.12.14-6.23.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-azure-debugsource-4.12.14-6.23.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-azure-devel-4.12.14-6.23.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-syms-azure-4.12.14-6.23.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:27:13", "description": "The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed :\n\nCVE-2018-20855: An issue was discovered in the Linux kernel In create_qp_common in drivers/infiniband/hw/mlx5/qp.c, mlx5_ib_create_qp_resp was never initialized, resulting in a leak of stack memory to userspace(bsc#1143045).\n\nCVE-2019-1125: Exclude ATOMs from speculation through SWAPGS (bsc#1139358).\n\nCVE-2019-14283: In the Linux kernel, set_geometry in drivers/block/floppy.c did not validate the sect and head fields, as demonstrated by an integer overflow and out-of-bounds read. It could be triggered by an unprivileged local user when a floppy disk was inserted. NOTE: QEMU creates the floppy device by default.\n(bnc#1143191)\n\nCVE-2019-11810: An issue was discovered in the Linux kernel A NULL pointer dereference could occur when megasas_create_frame_pool() failed in megasas_alloc_cmds() in drivers/scsi/megaraid/megaraid_sas_base.c. This caused a Denial of Service, related to a use-after-free (bnc#1134399).\n\nCVE-2019-13648: In the Linux kernel on the powerpc platform, when hardware transactional memory was disabled, a local user could cause a denial of service (TM Bad Thing exception and system crash) via a sigreturn() system call that sent a crafted signal frame.\n(bnc#1142254)\n\nCVE-2019-13631: In parse_hid_report_descriptor in drivers/input/tablet/gtco.c in the Linux kernel, a malicious USB device could send an HID report that triggered an out-of-bounds write during generation of debugging messages. (bnc#1142023)\n\nThe update package also includes non-security fixes. See advisory for details.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-08-12T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2019:2073-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-20855", "CVE-2019-1125", "CVE-2019-11810", "CVE-2019-13631", "CVE-2019-13648", "CVE-2019-14283", "CVE-2019-14284"], "modified": "2021-01-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kernel-debug", "p-cpe:/a:novell:suse_linux:kernel-debug-base", "p-cpe:/a:novell:suse_linux:kernel-debug-base-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-debug-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-debug-debugsource", "p-cpe:/a:novell:suse_linux:kernel-debug-devel", "p-cpe:/a:novell:suse_linux:kernel-debug-devel-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-debug-livepatch-devel", "p-cpe:/a:novell:suse_linux:kernel-default", "p-cpe:/a:novell:suse_linux:kernel-default-base", "p-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-debugsource", "p-cpe:/a:novell:suse_linux:kernel-default-devel", "p-cpe:/a:novell:suse_linux:kernel-default-devel-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-livepatch", "p-cpe:/a:novell:suse_linux:kernel-default-man", "p-cpe:/a:novell:suse_linux:kernel-kvmsmall", "p-cpe:/a:novell:suse_linux:kernel-kvmsmall-base", "p-cpe:/a:novell:suse_linux:kernel-kvmsmall-base-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-kvmsmall-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-kvmsmall-debugsource", "p-cpe:/a:novell:suse_linux:kernel-kvmsmall-devel", "p-cpe:/a:novell:suse_linux:kernel-kvmsmall-devel-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-kvmsmall-livepatch-devel", "p-cpe:/a:novell:suse_linux:kernel-obs-build", "p-cpe:/a:novell:suse_linux:kernel-obs-build-debugsource", "p-cpe:/a:novell:suse_linux:kernel-obs-qa", "p-cpe:/a:novell:suse_linux:kernel-syms", "p-cpe:/a:novell:suse_linux:kernel-vanilla", "p-cpe:/a:novell:suse_linux:kernel-vanilla-base", "p-cpe:/a:novell:suse_linux:kernel-vanilla-base-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-vanilla-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-vanilla-debugsource", "p-cpe:/a:novell:suse_linux:kernel-vanilla-devel", "p-cpe:/a:novell:suse_linux:kernel-vanilla-devel-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-vanilla-livepatch-devel", "p-cpe:/a:novell:suse_linux:kernel-zfcpdump", "p-cpe:/a:novell:suse_linux:kernel-zfcpdump-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-zfcpdump-debugsource", "p-cpe:/a:novell:suse_linux:kernel-zfcpdump-man", "p-cpe:/a:novell:suse_linux:kselftests-kmp-default", "p-cpe:/a:novell:suse_linux:kselftests-kmp-default-debuginfo", "p-cpe:/a:novell:suse_linux:reiserfs-kmp-default", "p-cpe:/a:novell:suse_linux:reiserfs-kmp-default-debuginfo", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2019-2073-1.NASL", "href": "https://www.tenable.com/plugins/nessus/127776", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:2073-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(127776);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2018-20855\", \"CVE-2019-1125\", \"CVE-2019-11810\", \"CVE-2019-13631\", \"CVE-2019-13648\", \"CVE-2019-14283\", \"CVE-2019-14284\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2019:2073-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various\nsecurity and bugfixes.\n\nThe following security bugs were fixed :\n\nCVE-2018-20855: An issue was discovered in the Linux kernel In\ncreate_qp_common in drivers/infiniband/hw/mlx5/qp.c,\nmlx5_ib_create_qp_resp was never initialized, resulting in a leak of\nstack memory to userspace(bsc#1143045).\n\nCVE-2019-1125: Exclude ATOMs from speculation through SWAPGS\n(bsc#1139358).\n\nCVE-2019-14283: In the Linux kernel, set_geometry in\ndrivers/block/floppy.c did not validate the sect and head fields, as\ndemonstrated by an integer overflow and out-of-bounds read. It could\nbe triggered by an unprivileged local user when a floppy disk was\ninserted. NOTE: QEMU creates the floppy device by default.\n(bnc#1143191)\n\nCVE-2019-11810: An issue was discovered in the Linux kernel A NULL\npointer dereference could occur when megasas_create_frame_pool()\nfailed in megasas_alloc_cmds() in\ndrivers/scsi/megaraid/megaraid_sas_base.c. This caused a Denial of\nService, related to a use-after-free (bnc#1134399).\n\nCVE-2019-13648: In the Linux kernel on the powerpc platform, when\nhardware transactional memory was disabled, a local user could cause a\ndenial of service (TM Bad Thing exception and system crash) via a\nsigreturn() system call that sent a crafted signal frame.\n(bnc#1142254)\n\nCVE-2019-13631: In parse_hid_report_descriptor in\ndrivers/input/tablet/gtco.c in the Linux kernel, a malicious USB\ndevice could send an HID report that triggered an out-of-bounds write\nduring generation of debugging messages. (bnc#1142023)\n\nThe update package also includes non-security fixes. See advisory for\ndetails.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1051510\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1055117\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1071995\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1083647\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1083710\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1102247\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1103991\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1103992\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1104745\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1109837\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1111666\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1112374\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1119222\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1123080\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1127034\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1127315\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1127611\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1129770\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1130972\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1133021\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1134090\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1134097\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1134390\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1134399\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1135335\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1135642\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1136217\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1136342\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1136460\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1136461\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1136462\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1136467\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1137458\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1137534\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1137535\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1137584\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1137609\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1137811\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1137827\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1138874\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1139358\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1139619\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140133\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140139\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140322\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140559\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140652\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140676\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140903\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140945\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140948\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1141312\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1141401\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1141402\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1141452\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1141453\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1141454\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1141478\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1141558\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1142023\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1142052\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1142083\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1142112\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1142115\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1142119\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1142220\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1142221\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1142254\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1142350\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1142351\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1142354\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1142359\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1142450\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1142623\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1142673\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1142701\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1142868\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1143003\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1143045\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1143105\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1143185\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1143189\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1143191\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1143209\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1143507\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-20855/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-1125/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-11810/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-13631/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-13648/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-14283/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-14284/\"\n );\n # https://www.suse.com/support/update/announcement/2019/suse-su-20192073-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c5521e7e\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Workstation Extension 15-SP1:zypper in -t patch\nSUSE-SLE-Product-WE-15-SP1-2019-2073=1\n\nSUSE Linux Enterprise Module for Open Buildservice Development Tools\n15-SP1:zypper in -t patch\nSUSE-SLE-Module-Development-Tools-OBS-15-SP1-2019-2073=1\n\nSUSE Linux Enterprise Module for Live Patching 15-SP1:zypper in -t\npatch SUSE-SLE-Module-Live-Patching-15-SP1-2019-2073=1\n\nSUSE Linux Enterprise Module for Legacy Software 15-SP1:zypper in -t\npatch SUSE-SLE-Module-Legacy-15-SP1-2019-2073=1\n\nSUSE Linux Enterprise Module for Development Tools 15-SP1:zypper in -t\npatch SUSE-SLE-Module-Development-Tools-15-SP1-2019-2073=1\n\nSUSE Linux Enterprise Module for Basesystem 15-SP1:zypper in -t patch\nSUSE-SLE-Module-Basesystem-15-SP1-2019-2073=1\n\nSUSE Linux Enterprise High Availability 15-SP1:zypper in -t patch\nSUSE-SLE-Product-HA-15-SP1-2019-2073=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-14283\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-debug-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-debug-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-debug-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-debug-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-debug-livepatch-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-livepatch\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-kvmsmall\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-kvmsmall-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-kvmsmall-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-kvmsmall-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-kvmsmall-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-kvmsmall-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-kvmsmall-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-kvmsmall-livepatch-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-obs-build\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-obs-build-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-obs-qa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-vanilla-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-vanilla-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-vanilla-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-vanilla-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-vanilla-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-vanilla-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-vanilla-livepatch-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-zfcpdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-zfcpdump-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-zfcpdump-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-zfcpdump-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kselftests-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kselftests-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:reiserfs-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:reiserfs-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/05/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP1\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-debug-4.12.14-197.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-debug-base-4.12.14-197.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-debug-base-debuginfo-4.12.14-197.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", ref