ID: OPENSUSE-SU-2019:2494-1
Type: suse
Reporter: Suse
Modified: 2019-11-13T00:43:39
Description
This update for gdb fixes the following issues:

Update to gdb 8.3.1: (jsc#ECO-368)

Security issues fixed:

- CVE-2019-1010180: Fixed a potential buffer overflow when loading ELF
  sections larger than the file. (bsc#1142772)

Upgrade libipt from v2.0 to v2.0.1.

- Enable librpm for version > librpm.so.3 [bsc#1145692]:
  * Allow any librpm.so.x
  * Add %build test to check for "zypper install <rpm-packagename>" message
- Copy gdbinit from fedora master @ 25caf28. Add gdbinit.without-python,
  and use it for --without=python.

Rebase to 8.3 release (as in fedora 30 @ 1e222a3).

  * DWARF index cache: GDB can now automatically save indices of DWARF
    symbols on disk to speed up further loading of the same binaries.
  * Ada task switching is now supported on aarch64-elf targets when
    debugging a program using the Ravenscar Profile.
  * Terminal styling is now available for the CLI and the TUI.
  * Removed support for old demangling styles arm, edg, gnu, hp and lucid.
  * Support for new native configuration RISC-V GNU/Linux (riscv*-*-linux*).

- Implemented access to more POWER8 registers. [fate#326120, fate#325178]
- Handle most of new s390 arch13 instructions. [fate#327369, jsc#ECO-368]

This update was imported from the SUSE:SLE-15-SP1:Update update project.
value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1145692\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://features.opensuse.org/325178\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://features.opensuse.org/326120\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://features.opensuse.org/327369\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected gdb packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:gdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:gdb-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:gdb-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:gdb-testresults\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:gdbserver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:gdbserver-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is 
Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.1\", reference:\"gdb-8.3.1-lp151.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"gdb-debuginfo-8.3.1-lp151.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"gdb-debugsource-8.3.1-lp151.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"gdb-testresults-8.3.1-lp151.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"gdbserver-8.3.1-lp151.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"gdbserver-debuginfo-8.3.1-lp151.4.3.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gdb / gdb-debuginfo / gdb-debugsource / gdb-testresults / gdbserver / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": 
"2020-04-22T23:06:36", "description": "An update of the gdb package has been released.", "edition": 2, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2020-04-15T00:00:00", "title": "Photon OS 1.0: Gdb PHSA-2020-1.0-0287", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-1010180"], "modified": "2020-04-15T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:gdb", "cpe:/o:vmware:photonos:1.0"], "id": "PHOTONOS_PHSA-2020-1_0-0287_GDB.NASL", "href": "https://www.tenable.com/plugins/nessus/135484", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2020-1.0-0287. The text\n# itself is copyright (C) VMware, Inc.\n\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(135484);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/04/21\");\n\n script_cve_id(\"CVE-2019-1010180\");\n script_bugtraq_id(109367);\n\n script_name(english:\"Photon OS 1.0: Gdb PHSA-2020-1.0-0287\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the gdb package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-1.0-287.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1010180\");\n\n script_set_attribute(attribute:\"exploitability_ease\", 
value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:gdb\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:1.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 1\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 1.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-1.0\", cpu:\"x86_64\", reference:\"gdb-7.8.2-10.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", cpu:\"x86_64\", reference:\"gdb-debuginfo-7.8.2-10.ph1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : 
rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gdb\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-14T06:22:10", "description": "This update for gdb fixes the following issues :\n\nUpdate to gdb 8.3.1: (jsc#ECO-368)\n\nSecurity issues fixed :\n\nCVE-2019-1010180: Fixed a potential buffer overflow when loading ELF\nsections larger than the file. (bsc#1142772)\n\nUpgrade libipt from v2.0 to v2.0.1. Enable librpm for version >\nlibrpm.so.3 [bsc#1145692] :\n\n - Allow any librpm.so.x\n\n - Add %build test to check for 'zypper install\n <rpm-packagename>' message\n\nCopy gdbinit from fedora master @ 25caf28. Add gdbinit.without-python,\nand use it for --without=python.\n\nRebase to 8.3 release (as in fedora 30 @ 1e222a3). DWARF index cache:\nGDB can now automatically save indices of DWARF symbols on disk to\nspeed up further loading of the same binaries.\n\nAda task switching is now supported on aarch64-elf targets when\ndebugging a program using the Ravenscar Profile.\n\nTerminal styling is now available for the CLI and the TUI.\n\nRemoved support for old demangling styles arm, edg, gnu, hp and lucid.\n\nSupport for new native configuration RISC-V GNU/Linux\n(riscv*-*-linux*).\n\nImplemented access to more POWER8 registers. [fate#326120,\nfate#325178]\n\nHandle most of new s390 arch13 instructions. [fate#327369,\njsc#ECO-368]\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 18, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2019-11-08T00:00:00", "title": "SUSE SLED15 / SLES15 Security Update : gdb (SUSE-SU-2019:2913-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-1010180"], "modified": "2019-11-08T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:gdb-testresults", "p-cpe:/a:novell:suse_linux:gdb-debuginfo", "cpe:/o:novell:suse_linux:15", "p-cpe:/a:novell:suse_linux:gdbserver", "p-cpe:/a:novell:suse_linux:gdb", "p-cpe:/a:novell:suse_linux:gdb-debugsource", "p-cpe:/a:novell:suse_linux:gdbserver-debuginfo"], "id": "SUSE_SU-2019-2913-1.NASL", "href": "https://www.tenable.com/plugins/nessus/130752", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:2913-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130752);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2019-1010180\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : gdb (SUSE-SU-2019:2913-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for gdb fixes the following issues :\n\nUpdate to gdb 8.3.1: (jsc#ECO-368)\n\nSecurity issues fixed :\n\nCVE-2019-1010180: Fixed a potential buffer overflow when loading ELF\nsections larger than the file. (bsc#1142772)\n\nUpgrade libipt from v2.0 to v2.0.1. 
Enable librpm for version >\nlibrpm.so.3 [bsc#1145692] :\n\n - Allow any librpm.so.x\n\n - Add %build test to check for 'zypper install\n <rpm-packagename>' message </rpm-packagename>\n\nCopy gdbinit from fedora master @ 25caf28. Add gdbinit.without-python,\nand use it for --without=python.\n\nRebase to 8.3 release (as in fedora 30 @ 1e222a3). DWARF index cache:\nGDB can now automatically save indices of DWARF symbols on disk to\nspeed up further loading of the same binaries.\n\nAda task switching is now supported on aarch64-elf targets when\ndebugging a program using the Ravenscar Profile.\n\nTerminal styling is now available for the CLI and the TUI.\n\nRemoved support for old demangling styles arm, edg, gnu, hp and lucid.\n\nSupport for new native configuration RISC-V GNU/Linux\n(riscv*-*-linux*).\n\nImplemented access to more POWER8 registers. [fate#326120,\nfate#325178]\n\nHandle most of new s390 arch13 instructions. [fate#327369,\njsc#ECO-368]\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1115034\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1142772\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1145692\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-1010180/\"\n );\n # https://www.suse.com/support/update/announcement/2019/suse-su-20192913-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?85651690\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Open Buildservice Development Tools\n15-SP1:zypper in -t patch\nSUSE-SLE-Module-Development-Tools-OBS-15-SP1-2019-2913=1\n\nSUSE Linux Enterprise Module for Development Tools 15-SP1:zypper in -t\npatch SUSE-SLE-Module-Development-Tools-15-SP1-2019-2913=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:gdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:gdb-debuginfo\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:novell:suse_linux:gdb-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:gdb-testresults\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:gdbserver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:gdbserver-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP1\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"gdb-8.3.1-8.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"gdb-debuginfo-8.3.1-8.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"gdb-debugsource-8.3.1-8.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"gdb-testresults-8.3.1-8.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"gdbserver-8.3.1-8.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"gdbserver-debuginfo-8.3.1-8.8.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"gdb-8.3.1-8.8.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"gdb-debuginfo-8.3.1-8.8.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"gdb-debugsource-8.3.1-8.8.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"gdb-testresults-8.3.1-8.8.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"gdbserver-8.3.1-8.8.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"gdbserver-debuginfo-8.3.1-8.8.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n 
else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gdb\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-03-25T13:43:22", "description": "The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:1635 advisory.\n\n - gdb: buffer overflow while opening an ELF for debugging leads to DoS, information disclosure and code execution (CVE-2019-1010180)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "edition": 5, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2020-04-28T00:00:00", "title": "RHEL 8 : gdb (RHSA-2020:1635)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-1010180"], "modified": "2020-04-28T00:00:00", "cpe": ["cpe:/o:redhat:rhel_tus:8.2", "p-cpe:/a:redhat:enterprise_linux:gdb-gdbserver", "p-cpe:/a:redhat:enterprise_linux:gdb", "p-cpe:/a:redhat:enterprise_linux:gdb-doc", "cpe:/o:redhat:rhel_eus:8.4", "cpe:/o:redhat:rhel_e4s:8.2", "cpe:/o:redhat:rhel_aus:8.2", "p-cpe:/a:redhat:enterprise_linux:gdb-debugsource", "p-cpe:/a:redhat:enterprise_linux:gdb-headless", "cpe:/o:redhat:enterprise_linux:8", "cpe:/o:redhat:rhel_eus:8.2"], "id": "REDHAT-RHSA-2020-1635.NASL", "href": "https://www.tenable.com/plugins/nessus/136058", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:1635. 
The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(136058);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/03/24\");\n\n script_cve_id(\"CVE-2019-1010180\");\n script_bugtraq_id(109367);\n script_xref(name:\"RHSA\", value:\"2020:1635\");\n\n script_name(english:\"RHEL 8 : gdb (RHSA-2020:1635)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:1635 advisory.\n\n - gdb: buffer overflow while opening an ELF for debugging leads to Dos, information dislosure and code execution (CVE-2019-1010180)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/119.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-1010180\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:1635\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1740615\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1010180\");\n\n 
script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/28\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:gdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:gdb-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:gdb-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:gdb-gdbserver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:gdb-headless\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nrepositories = {\n 'enterprise_linux_8_appstream': [\n 'rhel-8-for-aarch64-appstream-debug-rpms',\n 'rhel-8-for-aarch64-appstream-rpms',\n 'rhel-8-for-aarch64-appstream-source-rpms',\n 'rhel-8-for-s390x-appstream-debug-rpms',\n 'rhel-8-for-s390x-appstream-rpms',\n 'rhel-8-for-s390x-appstream-source-rpms',\n 'rhel-8-for-x86_64-appstream-debug-rpms',\n 'rhel-8-for-x86_64-appstream-rpms',\n 'rhel-8-for-x86_64-appstream-source-rpms'\n ],\n 'rhel_eus_8_2_appstream': [\n 'rhel-8-for-aarch64-appstream-eus-debug-rpms',\n 'rhel-8-for-aarch64-appstream-eus-rpms',\n 'rhel-8-for-aarch64-appstream-eus-source-rpms',\n 'rhel-8-for-s390x-appstream-eus-debug-rpms',\n 'rhel-8-for-s390x-appstream-eus-rpms',\n 'rhel-8-for-s390x-appstream-eus-source-rpms',\n 'rhel-8-for-x86_64-appstream-aus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-aus-rpms',\n 
'rhel-8-for-x86_64-appstream-aus-source-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms',\n 'rhel-8-for-x86_64-appstream-eus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-eus-rpms',\n 'rhel-8-for-x86_64-appstream-eus-source-rpms',\n 'rhel-8-for-x86_64-appstream-tus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-tus-rpms',\n 'rhel-8-for-x86_64-appstream-tus-source-rpms'\n ]\n};\n\nfound_repos = NULL;\nhost_repo_list = get_kb_list('Host/RedHat/repo-list/*');\nif (!(empty_or_null(host_repo_list))) {\n found_repos = make_list();\n foreach repo_key (keys(repositories)) {\n foreach repo ( repositories[repo_key] ) {\n if (get_kb_item('Host/RedHat/repo-list/' + repo)) {\n append_element(var:found_repos, value:repo_key);\n break;\n }\n }\n }\n if(empty_or_null(found_repos)) audit(AUDIT_RHSA_NOT_AFFECTED, 'RHSA-2020:1635');\n}\n\npkgs = [\n {'reference':'gdb-8.2-11.el8', 'cpu':'aarch64', 'release':'8', 'el_string':'el8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'rhel_eus_8_2_appstream']},\n {'reference':'gdb-8.2-11.el8', 'cpu':'i686', 'release':'8', 'el_string':'el8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'rhel_eus_8_2_appstream']},\n {'reference':'gdb-8.2-11.el8', 'cpu':'s390x', 'release':'8', 'el_string':'el8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'rhel_eus_8_2_appstream']},\n {'reference':'gdb-8.2-11.el8', 'cpu':'x86_64', 'release':'8', 'el_string':'el8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'rhel_eus_8_2_appstream']},\n {'reference':'gdb-debugsource-8.2-11.el8', 'cpu':'aarch64', 'release':'8', 'el_string':'el8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'rhel_eus_8_2_appstream']},\n {'reference':'gdb-debugsource-8.2-11.el8', 'cpu':'i686', 'release':'8', 'el_string':'el8', 'rpm_spec_vers_cmp':TRUE, 
'repo_list':['enterprise_linux_8_appstream', 'rhel_eus_8_2_appstream']},\n {'reference':'gdb-debugsource-8.2-11.el8', 'cpu':'s390x', 'release':'8', 'el_string':'el8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'rhel_eus_8_2_appstream']},\n {'reference':'gdb-debugsource-8.2-11.el8', 'cpu':'x86_64', 'release':'8', 'el_string':'el8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'rhel_eus_8_2_appstream']},\n {'reference':'gdb-doc-8.2-11.el8', 'release':'8', 'el_string':'el8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'rhel_eus_8_2_appstream']},\n {'reference':'gdb-gdbserver-8.2-11.el8', 'cpu':'aarch64', 'release':'8', 'el_string':'el8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'rhel_eus_8_2_appstream']},\n {'reference':'gdb-gdbserver-8.2-11.el8', 'cpu':'s390x', 'release':'8', 'el_string':'el8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'rhel_eus_8_2_appstream']},\n {'reference':'gdb-gdbserver-8.2-11.el8', 'cpu':'x86_64', 'release':'8', 'el_string':'el8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'rhel_eus_8_2_appstream']},\n {'reference':'gdb-headless-8.2-11.el8', 'cpu':'aarch64', 'release':'8', 'el_string':'el8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'rhel_eus_8_2_appstream']},\n {'reference':'gdb-headless-8.2-11.el8', 'cpu':'i686', 'release':'8', 'el_string':'el8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'rhel_eus_8_2_appstream']},\n {'reference':'gdb-headless-8.2-11.el8', 'cpu':'s390x', 'release':'8', 'el_string':'el8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'rhel_eus_8_2_appstream']},\n {'reference':'gdb-headless-8.2-11.el8', 'cpu':'x86_64', 'release':'8', 'el_string':'el8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'rhel_eus_8_2_appstream']}\n];\n\nflag = 0;\nforeach 
package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n repo_list = NULL;\n if (!empty_or_null(package_array['repo_list'])) repo_list = package_array['repo_list'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n repocheck = FALSE;\n if (empty_or_null(found_repos))\n {\n repocheck = TRUE;\n }\n else\n {\n foreach repo (repo_list) {\n if (contains_element(var:found_repos, value:repo))\n {\n repocheck = TRUE;\n break;\n }\n }\n }\n if (repocheck && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n if (empty_or_null(host_repo_list)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'gdb / gdb-debugsource / gdb-doc / gdb-gdbserver / gdb-headless');\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": 
"2021-03-24T09:24:39", "description": "The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the\nCESA-2020:1635 advisory.\n\n - gdb: buffer overflow while opening an ELF for debugging leads to DoS, information disclosure and code\n execution (CVE-2019-1010180)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.", "edition": 3, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2021-02-01T00:00:00", "title": "CentOS 8 : gdb (CESA-2020:1635)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-1010180"], "modified": "2021-02-01T00:00:00", "cpe": ["p-cpe:/a:centos:centos:gdb-headless", "p-cpe:/a:centos:centos:gdb", "p-cpe:/a:centos:centos:gdb-doc", "cpe:/o:centos:centos:8", "p-cpe:/a:centos:centos:gdb-gdbserver"], "id": "CENTOS8_RHSA-2020-1635.NASL", "href": "https://www.tenable.com/plugins/nessus/146008", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# Red Hat Security Advisory RHSA-2020:1635. 
The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(146008);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/03/23\");\n\n script_cve_id(\"CVE-2019-1010180\");\n script_bugtraq_id(109367);\n script_xref(name:\"RHSA\", value:\"2020:1635\");\n\n script_name(english:\"CentOS 8 : gdb (CESA-2020:1635)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the\nCESA-2020:1635 advisory.\n\n - gdb: buffer overflow while opening an ELF for debugging leads to DoS, information disclosure and code\n execution (CVE-2019-1010180)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:1635\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1010180\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", 
value:\"2021/02/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gdb-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gdb-gdbserver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gdb-headless\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/CentOS/release');\nif (isnull(release) || 'CentOS' >!< release) audit(AUDIT_OS_NOT, 'CentOS');\nos_ver = pregmatch(pattern: \"CentOS(?: Stream)?(?: Linux)? 
release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CentOS');\nos_ver = os_ver[1];\nif ('CentOS Stream' >< release) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS Stream ' + os_ver);\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS ' + os_ver);\n\nif (!get_kb_item('Host/CentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CentOS', cpu);\n\npkgs = [\n {'reference':'gdb-8.2-11.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gdb-8.2-11.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gdb-doc-8.2-11.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gdb-doc-8.2-11.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gdb-gdbserver-8.2-11.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gdb-gdbserver-8.2-11.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gdb-headless-8.2-11.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gdb-headless-8.2-11.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'CentOS-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if 
(!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'gdb / gdb-doc / gdb-gdbserver / gdb-headless');\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-03-19T08:18:02", "description": "The remote host is affected by the vulnerability described in GLSA-202003-31\n(gdb: Buffer overflow)\n\n It was discovered that gdb didn’t properly validate the ELF section\n sizes from input file.\n \nImpact :\n\n A remote attacker could entice a user to open a specially crafted ELF\n binary using gdb, possibly resulting in information disclosure or a\n Denial of Service condition.\n \nWorkaround :\n\n There is no known workaround at this time.", "edition": 2, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2020-03-16T00:00:00", "title": "GLSA-202003-31 : gdb: Buffer overflow", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-1010180"], "modified": "2020-03-16T00:00:00", "cpe": ["cpe:/o:gentoo:linux", "p-cpe:/a:gentoo:linux:gdb"], "id": "GENTOO_GLSA-202003-31.NASL", "href": "https://www.tenable.com/plugins/nessus/134608", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package 
checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 202003-31.\n#\n# The advisory text is Copyright (C) 2001-2020 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(134608);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/03/18\");\n\n script_cve_id(\"CVE-2019-1010180\");\n script_xref(name:\"GLSA\", value:\"202003-31\");\n\n script_name(english:\"GLSA-202003-31 : gdb: Buffer overflow\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-202003-31\n(gdb: Buffer overflow)\n\n It was discovered that gdb didn’t properly validate the ELF section\n sizes from input file.\n \nImpact :\n\n A remote attacker could entice a user to open a specially crafted ELF\n binary using gdb, possibly resulting in information disclosure or a\n Denial of Service condition.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/202003-31\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All gdb users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=sys-devel/gdb-9.1'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n 
script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:gdb\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/03/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/03/16\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"sys-devel/gdb\", unaffected:make_list(\"ge 9.1\"), vulnerable:make_list(\"lt 9.1\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gdb\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-14T06:22:11", "description": "This update for gdb fixes the following issues 
:\n\nUpdate to gdb 8.3.1: (jsc#ECO-368)\n\nSecurity issues fixed :\n\nCVE-2019-1010180: Fixed a potential buffer overflow when loading ELF\nsections larger than the file. (bsc#1142772)\n\nUpgrade libipt from v2.0 to v2.0.1. Enable librpm for version >\nlibrpm.so.3 [bsc#1145692] :\n\n - Allow any librpm.so.x\n\n - Add %build test to check for 'zypper install\n <rpm-packagename>' message\n\nCopy gdbinit from fedora master @ 25caf28. Add gdbinit.without-python,\nand use it for --without=python.\n\nRebase to 8.3 release (as in fedora 30 @ 1e222a3). DWARF index cache:\nGDB can now automatically save indices of DWARF symbols on disk to\nspeed up further loading of the same binaries.\n\nAda task switching is now supported on aarch64-elf targets when\ndebugging a program using the Ravenscar Profile.\n\nTerminal styling is now available for the CLI and the TUI.\n\nRemoved support for old demangling styles arm, edg, gnu, hp and lucid.\n\nSupport for new native configuration RISC-V GNU/Linux\n(riscv*-*-linux*).\n\nImplemented access to more POWER8 registers. [fate#326120,\nfate#325178]\n\nAlso handle most new s390 arch13 instructions. [fate#327369,\njsc#ECO-368]\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 18, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2019-11-08T00:00:00", "title": "SUSE SLED12 / SLES12 Security Update : gdb (SUSE-SU-2019:2916-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-1010180"], "modified": "2019-11-08T00:00:00", "cpe": ["cpe:/o:novell:suse_linux:12", "p-cpe:/a:novell:suse_linux:gdb-debuginfo", "p-cpe:/a:novell:suse_linux:gdb", "p-cpe:/a:novell:suse_linux:gdb-debugsource"], "id": "SUSE_SU-2019-2916-1.NASL", "href": "https://www.tenable.com/plugins/nessus/130755", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:2916-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130755);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2019-1010180\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : gdb (SUSE-SU-2019:2916-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for gdb fixes the following issues :\n\nUpdate to gdb 8.3.1: (jsc#ECO-368)\n\nSecurity issues fixed :\n\nCVE-2019-1010180: Fixed a potential buffer overflow when loading ELF\nsections larger than the file. (bsc#1142772)\n\nUpgrade libipt from v2.0 to v2.0.1. 
Enable librpm for version >\nlibrpm.so.3 [bsc#1145692] :\n\n - Allow any librpm.so.x\n\n - Add %build test to check for 'zypper install\n <rpm-packagename>' message\n\nCopy gdbinit from fedora master @ 25caf28. Add gdbinit.without-python,\nand use it for --without=python.\n\nRebase to 8.3 release (as in fedora 30 @ 1e222a3). DWARF index cache:\nGDB can now automatically save indices of DWARF symbols on disk to\nspeed up further loading of the same binaries.\n\nAda task switching is now supported on aarch64-elf targets when\ndebugging a program using the Ravenscar Profile.\n\nTerminal styling is now available for the CLI and the TUI.\n\nRemoved support for old demangling styles arm, edg, gnu, hp and lucid.\n\nSupport for new native configuration RISC-V GNU/Linux\n(riscv*-*-linux*).\n\nImplemented access to more POWER8 registers. [fate#326120,\nfate#325178]\n\nAlso handle most new s390 arch13 instructions. [fate#327369,\njsc#ECO-368]\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1115034\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1142772\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1145692\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-1010180/\"\n );\n # https://www.suse.com/support/update/announcement/2019/suse-su-20192916-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?942e3fa9\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE OpenStack Cloud Crowbar 8:zypper in -t patch\nSUSE-OpenStack-Cloud-Crowbar-8-2019-2916=1\n\nSUSE OpenStack Cloud 8:zypper in -t patch\nSUSE-OpenStack-Cloud-8-2019-2916=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP5:zypper in -t\npatch SUSE-SLE-SDK-12-SP5-2019-2916=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP4:zypper in -t\npatch SUSE-SLE-SDK-12-SP4-2019-2916=1\n\nSUSE Linux Enterprise Server for SAP 12-SP3:zypper in -t patch\nSUSE-SLE-SAP-12-SP3-2019-2916=1\n\nSUSE Linux Enterprise Server 12-SP5:zypper in -t patch\nSUSE-SLE-SERVER-12-SP5-2019-2916=1\n\nSUSE Linux Enterprise Server 12-SP4:zypper in -t patch\nSUSE-SLE-SERVER-12-SP4-2019-2916=1\n\nSUSE Linux Enterprise Server 12-SP3-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP3-2019-2916=1\n\nSUSE Linux Enterprise Server 12-SP3-BCL:zypper in -t patch\nSUSE-SLE-SERVER-12-SP3-BCL-2019-2916=1\n\nSUSE Linux Enterprise Desktop 12-SP4:zypper in -t 
patch\nSUSE-SLE-DESKTOP-12-SP4-2019-2916=1\n\nSUSE Enterprise Storage 5:zypper in -t patch\nSUSE-Storage-5-2019-2916=1\n\nHPE Helion Openstack 8:zypper in -t patch\nHPE-Helion-OpenStack-8-2019-2916=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:gdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:gdb-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:gdb-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(3|4|5)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP3/4/5\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! 
preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"gdb-8.3.1-2.14.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"gdb-debuginfo-8.3.1-2.14.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"gdb-debugsource-8.3.1-2.14.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"gdb-8.3.1-2.14.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"gdb-debuginfo-8.3.1-2.14.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"gdb-debugsource-8.3.1-2.14.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"gdb-8.3.1-2.14.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"gdb-debuginfo-8.3.1-2.14.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"gdb-debugsource-8.3.1-2.14.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"gdb-8.3.1-2.14.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"gdb-debuginfo-8.3.1-2.14.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"gdb-debugsource-8.3.1-2.14.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gdb\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-14T06:22:10", "description": "This update for gdb fixes the following issues :\n\nUpdate to gdb 8.3.1: (jsc#ECO-368)\n\nSecurity issues fixed :\n\nCVE-2019-1010180: Fixed a potential buffer overflow when loading ELF\nsections larger than the file. (bsc#1142772)\n\nUpgrade libipt from v2.0 to v2.0.1. 
Enable librpm for version >\nlibrpm.so.3 [bsc#1145692] :\n\n - Allow any librpm.so.x\n\n - Add %build test to check for 'zypper install\n <rpm-packagename>' message\n\nCopy gdbinit from fedora master @ 25caf28. Add gdbinit.without-python,\nand use it for --without=python.\n\nRebase to 8.3 release (as in fedora 30 @ 1e222a3). DWARF index cache:\nGDB can now automatically save indices of DWARF symbols on disk to\nspeed up further loading of the same binaries.\n\nAda task switching is now supported on aarch64-elf targets when\ndebugging a program using the Ravenscar Profile.\n\nTerminal styling is now available for the CLI and the TUI.\n\nRemoved support for old demangling styles arm, edg, gnu, hp and lucid.\n\nSupport for new native configuration RISC-V GNU/Linux\n(riscv*-*-linux*).\n\nImplemented access to more POWER8 registers. [fate#326120,\nfate#325178]\n\nHandle most of new s390 arch13 instructions. [fate#327369,\njsc#ECO-368]\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 18, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2019-11-07T00:00:00", "title": "SUSE SLED15 / SLES15 Security Update : gdb (SUSE-SU-2019:2902-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-1010180"], "modified": "2019-11-07T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:gdb-testresults", "p-cpe:/a:novell:suse_linux:gdb-debuginfo", "cpe:/o:novell:suse_linux:15", "p-cpe:/a:novell:suse_linux:gdbserver", "p-cpe:/a:novell:suse_linux:gdb", "p-cpe:/a:novell:suse_linux:gdb-debugsource", "p-cpe:/a:novell:suse_linux:gdbserver-debuginfo"], "id": "SUSE_SU-2019-2902-1.NASL", "href": "https://www.tenable.com/plugins/nessus/130620", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:2902-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130620);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2019-1010180\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : gdb (SUSE-SU-2019:2902-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for gdb fixes the following issues :\n\nUpdate to gdb 8.3.1: (jsc#ECO-368)\n\nSecurity issues fixed :\n\nCVE-2019-1010180: Fixed a potential buffer overflow when loading ELF\nsections larger than the file. (bsc#1142772)\n\nUpgrade libipt from v2.0 to v2.0.1. 
Enable librpm for version >\nlibrpm.so.3 [bsc#1145692] :\n\n - Allow any librpm.so.x\n\n - Add %build test to check for 'zypper install\n <rpm-packagename>' message\n\nCopy gdbinit from fedora master @ 25caf28. Add gdbinit.without-python,\nand use it for --without=python.\n\nRebase to 8.3 release (as in fedora 30 @ 1e222a3). DWARF index cache:\nGDB can now automatically save indices of DWARF symbols on disk to\nspeed up further loading of the same binaries.\n\nAda task switching is now supported on aarch64-elf targets when\ndebugging a program using the Ravenscar Profile.\n\nTerminal styling is now available for the CLI and the TUI.\n\nRemoved support for old demangling styles arm, edg, gnu, hp and lucid.\n\nSupport for new native configuration RISC-V GNU/Linux\n(riscv*-*-linux*).\n\nImplemented access to more POWER8 registers. [fate#326120,\nfate#325178]\n\nHandle most of new s390 arch13 instructions. [fate#327369,\njsc#ECO-368]\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1115034\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1142772\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1145692\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-1010180/\"\n );\n # https://www.suse.com/support/update/announcement/2019/suse-su-20192902-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?37eea8ea\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Open Buildservice Development Tools\n15:zypper in -t patch\nSUSE-SLE-Module-Development-Tools-OBS-15-2019-2902=1\n\nSUSE Linux Enterprise Module for Development Tools 15:zypper in -t\npatch SUSE-SLE-Module-Development-Tools-15-2019-2902=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:gdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:gdb-debuginfo\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:novell:suse_linux:gdb-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:gdb-testresults\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:gdbserver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:gdbserver-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP0\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"gdb-8.3.1-3.13.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"gdb-debuginfo-8.3.1-3.13.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"gdb-debugsource-8.3.1-3.13.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"gdb-testresults-8.3.1-3.13.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"gdbserver-8.3.1-3.13.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"gdbserver-debuginfo-8.3.1-3.13.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"gdb-8.3.1-3.13.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"gdb-debuginfo-8.3.1-3.13.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"gdb-debugsource-8.3.1-3.13.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"gdb-testresults-8.3.1-3.13.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"gdbserver-8.3.1-3.13.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"gdbserver-debuginfo-8.3.1-3.13.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, 
extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gdb\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-14T06:22:11", "description": "This update for gdb fixes the following issues :\n\nUpdate to gdb 8.3.1: (jsc#ECO-368)\n\nSecurity issues fixed :\n\nCVE-2019-1010180: Fixed a potential buffer overflow when loading ELF\nsections larger than the file. (bsc#1142772)\n\nUpgrade libipt from v2.0 to v2.0.1. Enable librpm for version >\nlibrpm.so.3 [bsc#1145692] :\n\n - Allow any librpm.so.x\n\n - Add %build test to check for 'zypper install\n <rpm-packagename>' message\n\nCopy gdbinit from fedora master @ 25caf28. Add gdbinit.without-python,\nand use it for --without=python.\n\nRebase to 8.3 release (as in fedora 30 @ 1e222a3). DWARF index cache:\nGDB can now automatically save indices of DWARF symbols on disk to\nspeed up further loading of the same binaries.\n\nAda task switching is now supported on aarch64-elf targets when\ndebugging a program using the Ravenscar Profile.\n\nTerminal styling is now available for the CLI and the TUI.\n\nRemoved support for old demangling styles arm, edg, gnu, hp and lucid.\n\nSupport for new native configuration RISC-V GNU/Linux\n(riscv*-*-linux*).\n\nImplemented access to more POWER8 registers. [fate#326120,\nfate#325178]\n\nAdd gdb-s390-handle-arch13.diff to handle most new s390 arch13\ninstructions. [fate#327369, jsc#ECO-368]\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 18, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2019-11-08T00:00:00", "title": "SUSE SLES12 Security Update : gdb (SUSE-SU-2019:2914-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-1010180"], "modified": "2019-11-08T00:00:00", "cpe": ["cpe:/o:novell:suse_linux:12", "p-cpe:/a:novell:suse_linux:gdb-debuginfo", "p-cpe:/a:novell:suse_linux:gdb", "p-cpe:/a:novell:suse_linux:gdb-debugsource"], "id": "SUSE_SU-2019-2914-1.NASL", "href": "https://www.tenable.com/plugins/nessus/130753", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:2914-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130753);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2019-1010180\");\n\n script_name(english:\"SUSE SLES12 Security Update : gdb (SUSE-SU-2019:2914-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for gdb fixes the following issues :\n\nUpdate to gdb 8.3.1: (jsc#ECO-368)\n\nSecurity issues fixed :\n\nCVE-2019-1010180: Fixed a potential buffer overflow when loading ELF\nsections larger than the file. (bsc#1142772)\n\nUpgrade libipt from v2.0 to v2.0.1. Enable librpm for version >\nlibrpm.so.3 [bsc#1145692] :\n\n - Allow any librpm.so.x\n\n - Add %build test to check for 'zypper install\n <rpm-packagename>' message\n\nCopy gdbinit from fedora master @ 25caf28. 
Add gdbinit.without-python,\nand use it for --without=python.\n\nRebase to 8.3 release (as in fedora 30 @ 1e222a3). DWARF index cache:\nGDB can now automatically save indices of DWARF symbols on disk to\nspeed up further loading of the same binaries.\n\nAda task switching is now supported on aarch64-elf targets when\ndebugging a program using the Ravenscar Profile.\n\nTerminal styling is now available for the CLI and the TUI.\n\nRemoved support for old demangling styles arm, edg, gnu, hp and lucid.\n\nSupport for new native configuration RISC-V GNU/Linux\n(riscv*-*-linux*).\n\nImplemented access to more POWER8 registers. [fate#326120,\nfate#325178]\n\nAdd gdb-s390-handle-arch13.diff to handle most new s390 arch13\ninstructions. [fate#327369, jsc#ECO-368]\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1115034\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1142772\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1145692\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-1010180/\"\n );\n # https://www.suse.com/support/update/announcement/2019/suse-su-20192914-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3ae81df2\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE OpenStack Cloud 7:zypper in -t 
patch\nSUSE-OpenStack-Cloud-7-2019-2914=1\n\nSUSE Linux Enterprise Server for SAP 12-SP2:zypper in -t patch\nSUSE-SLE-SAP-12-SP2-2019-2914=1\n\nSUSE Linux Enterprise Server for SAP 12-SP1:zypper in -t patch\nSUSE-SLE-SAP-12-SP1-2019-2914=1\n\nSUSE Linux Enterprise Server 12-SP2-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-2019-2914=1\n\nSUSE Linux Enterprise Server 12-SP2-BCL:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-BCL-2019-2914=1\n\nSUSE Linux Enterprise Server 12-SP1-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP1-2019-2914=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:gdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:gdb-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:gdb-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! 
preg(pattern:\"^(1|2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP1/2\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"gdb-8.3.1-1.12.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"gdb-debuginfo-8.3.1-1.12.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"gdb-debugsource-8.3.1-1.12.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"gdb-8.3.1-1.12.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"gdb-debuginfo-8.3.1-1.12.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"gdb-debugsource-8.3.1-1.12.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gdb\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-20T12:49:39", "description": "This update for gdb fixes the following issues :\n\nUpdate to gdb 8.3.1: (jsc#ECO-368)\n\nSecurity issues fixed :\n\n - CVE-2019-1010180: Fixed a potential buffer overflow when\n loading ELF sections larger than the file. (bsc#1142772)\n\nUpgrade libipt from v2.0 to v2.0.1.\n\n - Enable librpm for version > librpm.so.3 [bsc#1145692] :\n\n - Allow any librpm.so.x\n\n - Add %build test to check for 'zypper install\n <rpm-packagename>' message\n\n - Copy gdbinit from fedora master @ 25caf28. 
Add\n gdbinit.without-python, and use it for --without=python.\n\nRebase to 8.3 release (as in fedora 30 @ 1e222a3).\n\n - DWARF index cache: GDB can now automatically save\n indices of DWARF symbols on disk to speed up further\n loading of the same binaries.\n\n - Ada task switching is now supported on aarch64-elf\n targets when debugging a program using the Ravenscar\n Profile.\n\n - Terminal styling is now available for the CLI and the\n TUI.\n\n - Removed support for old demangling styles arm, edg, gnu,\n hp and lucid.\n\n - Support for new native configuration RISC-V GNU/Linux\n (riscv*-*-linux*).\n\n - Implemented access to more POWER8 registers.\n [fate#326120, fate#325178]\n\n - Handle most of new s390 arch13 instructions.\n [fate#327369, jsc#ECO-368]\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "edition": 14, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2019-11-13T00:00:00", "title": "openSUSE Security Update : gdb (openSUSE-2019-2493)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-1010180"], "modified": "2019-11-13T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:gdbserver", "cpe:/o:novell:opensuse:15.0", "p-cpe:/a:novell:opensuse:gdb-debuginfo", "p-cpe:/a:novell:opensuse:gdbserver-debuginfo", "p-cpe:/a:novell:opensuse:gdb-testresults", "p-cpe:/a:novell:opensuse:gdb", "p-cpe:/a:novell:opensuse:gdb-debugsource"], "id": "OPENSUSE-2019-2493.NASL", "href": "https://www.tenable.com/plugins/nessus/130939", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-2493.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(130939);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", 
value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2019-1010180\");\n\n script_name(english:\"openSUSE Security Update : gdb (openSUSE-2019-2493)\");\n script_summary(english:\"Check for the openSUSE-2019-2493 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for gdb fixes the following issues :\n\nUpdate to gdb 8.3.1: (jsc#ECO-368)\n\nSecurity issues fixed :\n\n - CVE-2019-1010180: Fixed a potential buffer overflow when\n loading ELF sections larger than the file. (bsc#1142772)\n\nUpgrade libipt from v2.0 to v2.0.1.\n\n - Enable librpm for version > librpm.so.3 [bsc#1145692] :\n\n - Allow any librpm.so.x\n\n - Add %build test to check for 'zypper install\n <rpm-packagename>' message\n\n - Copy gdbinit from fedora master @ 25caf28. Add\n gdbinit.without-python, and use it for --without=python.\n\nRebase to 8.3 release (as in fedora 30 @ 1e222a3).\n\n - DWARF index cache: GDB can now automatically save\n indices of DWARF symbols on disk to speed up further\n loading of the same binaries.\n\n - Ada task switching is now supported on aarch64-elf\n targets when debugging a program using the Ravenscar\n Profile.\n\n - Terminal styling is now available for the CLI and the\n TUI.\n\n - Removed support for old demangling styles arm, edg, gnu,\n hp and lucid.\n\n - Support for new native configuration RISC-V GNU/Linux\n (riscv*-*-linux*).\n\n - Implemented access to more POWER8 registers.\n [fate#326120, fate#325178]\n\n - Handle most of new s390 arch13 instructions.\n [fate#327369, jsc#ECO-368]\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1115034\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1142772\"\n );\n 
script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1145692\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://features.opensuse.org/325178\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://features.opensuse.org/326120\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://features.opensuse.org/327369\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected gdb packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:gdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:gdb-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:gdb-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:gdb-testresults\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:gdbserver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:gdbserver-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n 
script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.0\", reference:\"gdb-8.3.1-lp150.2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"gdb-debuginfo-8.3.1-lp150.2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"gdb-debugsource-8.3.1-lp150.2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"gdb-testresults-8.3.1-lp150.2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"gdbserver-8.3.1-lp150.2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"gdbserver-debuginfo-8.3.1-lp150.2.10.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gdb / gdb-debuginfo / gdb-debugsource / gdb-testresults / gdbserver / etc\");\n}\n", "cvss": 
{"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "openvas": [{"lastseen": "2020-01-31T16:53:14", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-1010180"], "description": "The remote host is missing an update for the ", "modified": "2020-01-31T00:00:00", "published": "2019-11-13T00:00:00", "id": "OPENVAS:1361412562310852769", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852769", "type": "openvas", "title": "openSUSE: Security Advisory for gdb (openSUSE-SU-2019:2493-1)", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852769\");\n script_version(\"2020-01-31T08:04:39+0000\");\n script_cve_id(\"CVE-2019-1010180\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:04:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-11-13 03:01:25 +0000 (Wed, 13 Nov 2019)\");\n script_name(\"openSUSE: Security Advisory for gdb (openSUSE-SU-2019:2493-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.0\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:2493-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-11/msg00029.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'gdb'\n package(s) announced via the openSUSE-SU-2019:2493-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for gdb fixes the following issues:\n\n Update to gdb 8.3.1: (jsc#ECO-368)\n\n Security issues fixed:\n\n - CVE-2019-1010180: Fixed a potential buffer overflow when loading ELF\n sections larger than the file. 
(bsc#1142772)\n\n Upgrade libipt from v2.0 to v2.0.1.\n\n - Enable librpm for version > librpm.so.3 [bsc#1145692]:\n\n * Allow any librpm.so.x\n\n * Add %build test to check for 'zypper install <rpm-packagename>' message\n\n - Copy gdbinit from fedora master @ 25caf28. Add gdbinit.without-python,\n and use it for --without=python.\n\n Rebase to 8.3 release (as in fedora 30 @ 1e222a3).\n\n * DWARF index cache: GDB can now automatically save indices of DWARF\n symbols on disk to speed up further loading of the same binaries.\n\n * Ada task switching is now supported on aarch64-elf targets when\n debugging a program using the Ravenscar Profile.\n\n * Terminal styling is now available for the CLI and the TUI.\n\n * Removed support for old demangling styles arm, edg, gnu, hp and lucid.\n\n * Support for new native configuration RISC-V GNU/Linux (riscv*-*-linux*).\n\n - Implemented access to more POWER8 registers. [fate#326120, fate#325178]\n\n - Handle most of new s390 arch13 instructions. [fate#327369, jsc#ECO-368]\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.0:\n\n zypper in -t patch openSUSE-2019-2493=1\");\n\n script_tag(name:\"affected\", value:\"'gdb' package(s) on openSUSE Leap 15.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"gdb\", rpm:\"gdb~8.3.1~lp150.2.10.1\", 
rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"gdb-debuginfo\", rpm:\"gdb-debuginfo~8.3.1~lp150.2.10.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"gdb-debugsource\", rpm:\"gdb-debugsource~8.3.1~lp150.2.10.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"gdb-testresults\", rpm:\"gdb-testresults~8.3.1~lp150.2.10.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"gdbserver\", rpm:\"gdbserver~8.3.1~lp150.2.10.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"gdbserver-debuginfo\", rpm:\"gdbserver-debuginfo~8.3.1~lp150.2.10.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-31T16:30:14", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-1010180"], "description": "The remote host is missing an update for the ", "modified": "2020-01-31T00:00:00", "published": "2020-01-09T00:00:00", "id": "OPENVAS:1361412562310852969", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852969", "type": "openvas", "title": "openSUSE: Security Advisory for gdb (openSUSE-SU-2019:2494-1)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT 
ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852969\");\n script_version(\"2020-01-31T08:04:39+0000\");\n script_cve_id(\"CVE-2019-1010180\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:04:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-09 09:49:58 +0000 (Thu, 09 Jan 2020)\");\n script_name(\"openSUSE: Security Advisory for gdb (openSUSE-SU-2019:2494-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.1\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:2494-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-11/msg00028.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'gdb'\n package(s) announced via the openSUSE-SU-2019:2494-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for gdb fixes the following issues:\n\n Update to gdb 8.3.1: (jsc#ECO-368)\n\n Security issues fixed:\n\n - CVE-2019-1010180: Fixed a potential buffer overflow when loading ELF\n sections larger than the file. 
(bsc#1142772)\n\n Upgrade libipt from v2.0 to v2.0.1.\n\n - Enable librpm for version > librpm.so.3 [bsc#1145692]:\n\n * Allow any librpm.so.x\n\n * Add %build test to check for 'zypper install <rpm-packagename>' message\n\n - Copy gdbinit from fedora master @ 25caf28. Add gdbinit.without-python,\n and use it for --without=python.\n\n Rebase to 8.3 release (as in fedora 30 @ 1e222a3).\n\n * DWARF index cache: GDB can now automatically save indices of DWARF\n symbols on disk to speed up further loading of the same binaries.\n\n * Ada task switching is now supported on aarch64-elf targets when\n debugging a program using the Ravenscar Profile.\n\n * Terminal styling is now available for the CLI and the TUI.\n\n * Removed support for old demangling styles arm, edg, gnu, hp and lucid.\n\n * Support for new native configuration RISC-V GNU/Linux (riscv*-*-linux*).\n\n - Implemented access to more POWER8 registers. [fate#326120, fate#325178]\n\n - Handle most of new s390 arch13 instructions. [fate#327369, jsc#ECO-368]\n\n This update was imported from the SUSE:SLE-15-SP1:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.1:\n\n zypper in -t patch openSUSE-2019-2494=1\");\n\n script_tag(name:\"affected\", value:\"'gdb' package(s) on openSUSE Leap 15.1.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.1\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"gdb\", rpm:\"gdb~8.3.1~lp151.4.3.1\", 
rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"gdb-debuginfo\", rpm:\"gdb-debuginfo~8.3.1~lp151.4.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"gdb-debugsource\", rpm:\"gdb-debugsource~8.3.1~lp151.4.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"gdb-testresults\", rpm:\"gdb-testresults~8.3.1~lp151.4.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"gdbserver\", rpm:\"gdbserver~8.3.1~lp151.4.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"gdbserver-debuginfo\", rpm:\"gdbserver-debuginfo~8.3.1~lp151.4.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-27T18:34:17", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-18309", "CVE-2018-1000876", "CVE-2018-18605", "CVE-2019-1010180", "CVE-2018-18607", "CVE-2018-20002", "CVE-2019-14444", "CVE-2018-18606"], "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-01-23T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220192099", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220192099", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for binutils (EulerOS-SA-2019-2099)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either 
version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.2099\");\n script_version(\"2020-01-23T15:42:05+0000\");\n script_cve_id(\"CVE-2018-1000876\", \"CVE-2018-18309\", \"CVE-2018-18605\", \"CVE-2018-18606\", \"CVE-2018-18607\", \"CVE-2018-20002\", \"CVE-2019-1010180\", \"CVE-2019-14444\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 15:42:05 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:34:20 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for binutils (EulerOS-SA-2019-2099)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP8\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-2099\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2099\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'binutils' package(s) announced via the EulerOS-SA-2019-2099 advisory.\");\n\n script_tag(name:\"vuldetect\", 
value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory address dereference was discovered in read_reloc in reloc.c. The vulnerability causes a segmentation fault and application crash, which leads to denial of service, as demonstrated by objdump, because of missing _bfd_clear_contents bounds checking.(CVE-2018-18309)\n\nA heap-based buffer over-read issue was discovered in the function sec_merge_hash_lookup in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, because _bfd_add_merge_section mishandles section merges when size is not a multiple of entsize. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld.(CVE-2018-18605)\n\nAn issue was discovered in elf_link_input_bfd in elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in elf_link_input_bfd when used for finding STT_TLS symbols without any TLS section. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld.(CVE-2018-18607)\n\nAn issue was discovered in the merge_strings function in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in _bfd_add_merge_section when attempting to merge sections with large alignments. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld.(CVE-2018-18606)\n\nbinutils version 2.32 and earlier contains a Integer Overflow vulnerability in objdump, bfd_get_dynamic_reloc_upper_bound, bfd_canonicalize_dynamic_reloc that can result in Integer overflow trigger heap overflow. 
Successful exploitation allows execution of arbitrary code.. This attack appear to be exploitable via Local. This vulnerability appears to have been fixed in after commit 3a551c7a1b80fca579461774860574eabfd7f18f.(CVE-2018-1000876)\n\nThe _bfd_generic_read_minisymbols function in syms.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, has a memory leak via a crafted ELF file, leading to a denial of service (memory consumption), as demonstrated by nm.(CVE-2018-20002)\n\nGNU gdb All versions is affected by: Buffer Overflow - Out of bound memory access. The impact is: Deny of Service, Memory Disclosure, and Possible Code Execution. The component is: The main gdb module. The attack vector is: Open an ELF for debugging. The fixed version is: Not fixed yet.(CVE-2019-1010180)\n ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'binutils' package(s) on Huawei EulerOS V2.0SP8.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP8\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"binutils\", rpm:\"binutils~2.31.1~13.h7.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"binutils-devel\", rpm:\"binutils-devel~2.31.1~13.h7.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-02-26T16:50:55", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-9076", 
"CVE-2018-12698", "CVE-2019-9071", "CVE-2019-14250", "CVE-2019-1010180", "CVE-2018-18483", "CVE-2018-20657", "CVE-2019-9070", "CVE-2019-9074"], "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-02-24T00:00:00", "published": "2020-02-24T00:00:00", "id": "OPENVAS:1361412562311220201094", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220201094", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for binutils (EulerOS-SA-2020-1094)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2020.1094\");\n script_version(\"2020-02-24T09:04:30+0000\");\n script_cve_id(\"CVE-2018-18483\", \"CVE-2018-20657\", \"CVE-2019-1010180\", \"CVE-2019-14250\", \"CVE-2019-9070\", \"CVE-2019-9071\", \"CVE-2019-9074\", \"CVE-2019-9076\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-02-24 09:04:30 +0000 (Mon, 24 Feb 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-02-24 09:04:30 +0000 (Mon, 24 Feb 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for binutils (EulerOS-SA-2020-1094)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP5\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2020-1094\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1094\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'binutils' package(s) announced via the EulerOS-SA-2020-1094 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. 
It is a heap-based buffer over-read in d_expression_1 in cp-demangle.c after many recursive calls.(CVE-2019-9070)\n\nAn issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a stack consumption issue in d_count_templates_scopes in cp-demangle.c after many recursive calls.(CVE-2019-9071)\n\nAn issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. simple_object_elf_match in simple-object-elf.c does not check for a zero shstrndx value, leading to an integer overflow and resultant heap-based buffer overflow.(CVE-2019-14250)\n\nAn issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an attempted excessive memory allocation in elf_read_notes in elf.c.(CVE-2019-9076)\n\nAn issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an out-of-bounds read leading to a SEGV in bfd_getl32 in libbfd.c, when called from pex64_get_runtime_function in pei-x86_64.c.(CVE-2019-9074)\n\nGNU gdb All versions is affected by: Buffer Overflow - Out of bound memory access. The impact is: Deny of Service, Memory Disclosure, and Possible Code Execution. The component is: The main gdb module. The attack vector is: Open an ELF for debugging. 
The fixed version is: Not fixed yet.(CVE-2019-1010180)\n\nThe demangle_template function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, has a memory leak via a crafted string, leading to a denial of service (memory consumption), as demonstrated by cxxfilt, a related issue to CVE-2018-12698.(CVE-2018-20657)\n\nThe get_count function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31, allows remote attackers to cause a denial of service (malloc called with the result of an integer-overflowing calculation) or possibly have unspecified other impact via a crafted string, as demonstrated by c++filt.(CVE-2018-18483)\");\n\n script_tag(name:\"affected\", value:\"'binutils' package(s) on Huawei EulerOS V2.0SP5.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP5\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"binutils\", rpm:\"binutils~2.27~28.base.1.h40.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"binutils-devel\", rpm:\"binutils-devel~2.27~28.base.1.h40.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-27T18:39:34", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-18309", "CVE-2018-1000876", "CVE-2018-18605", "CVE-2019-17450", "CVE-2019-1010180", "CVE-2019-12972", "CVE-2019-17451", "CVE-2018-18607", "CVE-2018-20671", "CVE-2018-20002", "CVE-2018-18606"], "description": "The remote host is missing an 
update for the Huawei EulerOS\n ", "modified": "2020-01-23T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220201074", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220201074", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for binutils (EulerOS-SA-2020-1074)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2020.1074\");\n script_version(\"2020-01-23T15:42:05+0000\");\n script_cve_id(\"CVE-2018-1000876\", \"CVE-2018-18309\", \"CVE-2018-18605\", \"CVE-2018-18606\", \"CVE-2018-18607\", \"CVE-2018-20002\", \"CVE-2018-20671\", \"CVE-2019-1010180\", \"CVE-2019-12972\", \"CVE-2019-17450\", \"CVE-2019-17451\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 15:42:05 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 13:19:35 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security 
Advisory for binutils (EulerOS-SA-2020-1074)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRTARM64-3\\.0\\.5\\.0\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2020-1074\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1074\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'binutils' package(s) announced via the EulerOS-SA-2020-1074 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"GNU gdb All versions is affected by: Buffer Overflow - Out of bound memory access. The impact is: Deny of Service, Memory Disclosure, and Possible Code Execution. The component is: The main gdb module. The attack vector is: Open an ELF for debugging. The fixed version is: Not fixed yet.(CVE-2019-1010180)\n\nThe _bfd_generic_read_minisymbols function in syms.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, has a memory leak via a crafted ELF file, leading to a denial of service (memory consumption), as demonstrated by nm.(CVE-2018-20002)\n\nbinutils version 2.32 and earlier contains a Integer Overflow vulnerability in objdump, bfd_get_dynamic_reloc_upper_bound, bfd_canonicalize_dynamic_reloc that can result in Integer overflow trigger heap overflow. Successful exploitation allows execution of arbitrary code.. This attack appear to be exploitable via Local. 
This vulnerability appears to have been fixed in after commit 3a551c7a1b80fca579461774860574eabfd7f18f.(CVE-2018-1000876)\n\nAn issue was discovered in the merge_strings function in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in _bfd_add_merge_section when attempting to merge sections with large alignments. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld.(CVE-2018-18606)\n\nAn issue was discovered in elf_link_input_bfd in elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in elf_link_input_bfd when used for finding STT_TLS symbols without any TLS section. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld.(CVE-2018-18607)\n\nA heap-based buffer over-read issue was discovered in the function sec_merge_hash_lookup in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, because _bfd_add_merge_section mishandles section merges when size is not a multiple of entsize. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld.(CVE-2018-18605)\n\nAn issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory address dereference was discovered in read_reloc in reloc.c. The vulnerability causes a segmentation fault and application crash, which leads to denial of service, as demonstrated by objdump, because of missing _bfd_clear_contents bounds ...\n\n Description truncated. 
Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'binutils' package(s) on Huawei EulerOS Virtualization for ARM 64 3.0.5.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRTARM64-3.0.5.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"binutils\", rpm:\"binutils~2.31.1~13.h12.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.5.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-31T16:54:17", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-7642", "CVE-2018-7208", "CVE-2018-19932", "CVE-2018-18484", "CVE-2018-18309", "CVE-2018-1000876", "CVE-2018-18605", "CVE-2018-7570", "CVE-2018-17358", "CVE-2018-7569", "CVE-2018-17985", "CVE-2018-6872", "CVE-2019-1010180", "CVE-2018-17360", "CVE-2018-6543", "CVE-2018-19931", "CVE-2018-18483", "CVE-2018-7568", "CVE-2018-6323", "CVE-2018-7643", "CVE-2018-6759", "CVE-2018-18607", "CVE-2018-20671", "CVE-2018-20651", "CVE-2018-17359", "CVE-2018-20623", "CVE-2018-18606", "CVE-2018-8945"], "description": "The remote host is missing an update for the ", "modified": "2020-01-31T00:00:00", "published": "2019-10-31T00:00:00", "id": "OPENVAS:1361412562310852757", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852757", "type": "openvas", "title": "openSUSE: Security Advisory for binutils (openSUSE-SU-2019:2415-1)", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and 
are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852757\");\n script_version(\"2020-01-31T08:04:39+0000\");\n script_cve_id(\"CVE-2018-1000876\", \"CVE-2018-17358\", \"CVE-2018-17359\", \"CVE-2018-17360\", \"CVE-2018-17985\", \"CVE-2018-18309\", \"CVE-2018-18483\", \"CVE-2018-18484\", \"CVE-2018-18605\", \"CVE-2018-18606\", \"CVE-2018-18607\", \"CVE-2018-19931\", \"CVE-2018-19932\", \"CVE-2018-20623\", \"CVE-2018-20651\", \"CVE-2018-20671\", \"CVE-2018-6323\", \"CVE-2018-6543\", \"CVE-2018-6759\", \"CVE-2018-6872\", \"CVE-2018-7208\", \"CVE-2018-7568\", \"CVE-2018-7569\", \"CVE-2018-7570\", \"CVE-2018-7642\", \"CVE-2018-7643\", \"CVE-2018-8945\", \"CVE-2019-1010180\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:04:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-10-31 03:01:17 +0000 (Thu, 31 Oct 2019)\");\n script_name(\"openSUSE: Security Advisory for binutils (openSUSE-SU-2019:2415-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks 
GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.0\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:2415-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'binutils'\n package(s) announced via the openSUSE-SU-2019:2415-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for binutils fixes the following issues:\n\n binutils was updated to current 2.32 branch [jsc#ECO-368].\n\n Includes following security fixes:\n\n - CVE-2018-17358: Fixed invalid memory access in\n _bfd_stab_section_find_nearest_line in syms.c (bsc#1109412)\n\n - CVE-2018-17359: Fixed invalid memory access exists in bfd_zalloc in\n opncls.c (bsc#1109413)\n\n - CVE-2018-17360: Fixed heap-based buffer over-read in bfd_getl32 in\n libbfd.c (bsc#1109414)\n\n - CVE-2018-17985: Fixed a stack consumption problem caused by the\n cplus_demangle_type (bsc#1116827)\n\n - CVE-2018-18309: Fixed an invalid memory address dereference was\n discovered in read_reloc in reloc.c (bsc#1111996)\n\n - CVE-2018-18483: Fixed get_count function provided by libiberty that\n allowed attackers to cause a denial of service or other unspecified\n impact (bsc#1112535)\n\n - CVE-2018-18484: Fixed stack exhaustion in the C++ demangling functions\n provided by libiberty, caused by recursive stack frames (bsc#1112534)\n\n - CVE-2018-18605: Fixed a heap-based buffer over-read issue was discovered\n in the function sec_merge_hash_lookup causing a denial of service\n (bsc#1113255)\n\n - CVE-2018-18606: Fixed a NULL pointer dereference in\n _bfd_add_merge_section when attempting to 
merge sections with large\n alignments, causing denial of service (bsc#1113252)\n\n - CVE-2018-18607: Fixed a NULL pointer dereference in elf_link_input_bfd\n when used for finding STT_TLS symbols without any TLS section, causing\n denial of service (bsc#1113247)\n\n - CVE-2018-19931: Fixed a heap-based buffer overflow in\n bfd_elf32_swap_phdr_in in elfcode.h (bsc#1118831)\n\n - CVE-2018-19932: Fixed an integer overflow and infinite loop caused by\n the IS_CONTAINED_BY_LMA (bsc#1118830)\n\n - CVE-2018-20623: Fixed a use-after-free in the error function in\n elfcomm.c (bsc#1121035)\n\n - CVE-2018-20651: Fixed a denial of service via a NULL pointer dereference\n in elf_link_add_object_symbols in elflink.c (bsc#1121034)\n\n - CVE-2018-20671: Fixed an integer overflow that can trigger a heap-based\n buffer overflow in load_specific_debug_section in objdump.c\n (bsc#1121056)\n\n - CVE-2018-1000876: Fixed integer overflow in\n bfd_get_dynamic_reloc_upper_bound, bfd_canonicalize_dynamic_reloc in\n objdump (bsc#1120640)\n\n - CVE-2019-1010180: Fixed an out of bound memory access that could lead to\n crashes (bsc#1142772)\n\n - enable xtensa architecture (Tensilica lc6 and related)\n\n - Use -ffat-lto-objects in order to provide assembly for static libs\n (bsc#1141913).\n\n - Fixed some LTO build issues (bsc#1133131 bsc#1133232).\n\n - riscv: Don't check ABI flags if no code section\n ...\n\n Description truncated. 
Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'binutils' package(s) on openSUSE Leap 15.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"binutils\", rpm:\"binutils~2.32~lp150.10.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"binutils-debuginfo\", rpm:\"binutils-debuginfo~2.32~lp150.10.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"binutils-debugsource\", rpm:\"binutils-debugsource~2.32~lp150.10.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"binutils-devel\", rpm:\"binutils-devel~2.32~lp150.10.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"binutils-gold\", rpm:\"binutils-gold~2.32~lp150.10.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"binutils-gold-debuginfo\", rpm:\"binutils-gold-debuginfo~2.32~lp150.10.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"binutils-devel-32bit\", rpm:\"binutils-devel-32bit~2.32~lp150.10.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-31T16:27:52", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-7642", "CVE-2018-7208", "CVE-2018-19932", "CVE-2018-18484", "CVE-2018-18309", "CVE-2018-1000876", 
"CVE-2018-18605", "CVE-2018-7570", "CVE-2018-17358", "CVE-2018-7569", "CVE-2018-17985", "CVE-2018-6872", "CVE-2019-1010180", "CVE-2018-17360", "CVE-2018-6543", "CVE-2018-19931", "CVE-2018-18483", "CVE-2018-7568", "CVE-2018-6323", "CVE-2018-7643", "CVE-2018-6759", "CVE-2018-18607", "CVE-2018-20671", "CVE-2018-20651", "CVE-2018-17359", "CVE-2018-20623", "CVE-2018-18606", "CVE-2018-8945"], "description": "The remote host is missing an update for the ", "modified": "2020-01-31T00:00:00", "published": "2020-01-09T00:00:00", "id": "OPENVAS:1361412562310852909", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852909", "type": "openvas", "title": "openSUSE: Security Advisory for binutils (openSUSE-SU-2019:2432-1)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852909\");\n script_version(\"2020-01-31T08:04:39+0000\");\n script_cve_id(\"CVE-2018-1000876\", \"CVE-2018-17358\", \"CVE-2018-17359\", \"CVE-2018-17360\",\n \"CVE-2018-17985\", \"CVE-2018-18309\", \"CVE-2018-18483\", \"CVE-2018-18484\",\n \"CVE-2018-18605\", \"CVE-2018-18606\", \"CVE-2018-18607\", \"CVE-2018-19931\",\n \"CVE-2018-19932\", \"CVE-2018-20623\", \"CVE-2018-20651\", \"CVE-2018-20671\",\n \"CVE-2018-6323\", \"CVE-2018-6543\", \"CVE-2018-6759\", \"CVE-2018-6872\",\n \"CVE-2018-7208\", \"CVE-2018-7568\", \"CVE-2018-7569\", \"CVE-2018-7570\",\n \"CVE-2018-7642\", \"CVE-2018-7643\", \"CVE-2018-8945\", \"CVE-2019-1010180\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:04:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-09 09:44:18 +0000 (Thu, 09 Jan 2020)\");\n script_name(\"openSUSE: Security Advisory for binutils (openSUSE-SU-2019:2432-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.1\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:2432-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'binutils'\n package(s) announced via the 
openSUSE-SU-2019:2432-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for binutils fixes the following issues:\n\n binutils was updated to current 2.32 branch [jsc#ECO-368].\n\n Includes following security fixes:\n\n - CVE-2018-17358: Fixed invalid memory access in\n _bfd_stab_section_find_nearest_line in syms.c (bsc#1109412)\n\n - CVE-2018-17359: Fixed invalid memory access exists in bfd_zalloc in\n opncls.c (bsc#1109413)\n\n - CVE-2018-17360: Fixed heap-based buffer over-read in bfd_getl32 in\n libbfd.c (bsc#1109414)\n\n - CVE-2018-17985: Fixed a stack consumption problem caused by the\n cplus_demangle_type (bsc#1116827)\n\n - CVE-2018-18309: Fixed an invalid memory address dereference was\n discovered in read_reloc in reloc.c (bsc#1111996)\n\n - CVE-2018-18483: Fixed get_count function provided by libiberty that\n allowed attackers to cause a denial of service or other unspecified\n impact (bsc#1112535)\n\n - CVE-2018-18484: Fixed stack exhaustion in the C++ demangling functions\n provided by libiberty, caused by recursive stack frames (bsc#1112534)\n\n - CVE-2018-18605: Fixed a heap-based buffer over-read issue was discovered\n in the function sec_merge_hash_lookup causing a denial of service\n (bsc#1113255)\n\n - CVE-2018-18606: Fixed a NULL pointer dereference in\n _bfd_add_merge_section when attempting to merge sections with large\n alignments, causing denial of service (bsc#1113252)\n\n - CVE-2018-18607: Fixed a NULL pointer dereference in elf_link_input_bfd\n when used for finding STT_TLS symbols without any TLS section, causing\n denial of service (bsc#1113247)\n\n - CVE-2018-19931: Fixed a heap-based buffer overflow in\n bfd_elf32_swap_phdr_in in elfcode.h (bsc#1118831)\n\n - CVE-2018-19932: Fixed an integer overflow and infinite loop caused by\n the IS_CONTAINED_BY_LMA (bsc#1118830)\n\n - CVE-2018-20623: Fixed a 
use-after-free in the error function in\n elfcomm.c (bsc#1121035)\n\n - CVE-2018-20651: Fixed a denial of service via a NULL pointer dereference\n in elf_link_add_object_symbols in elflink.c (bsc#1121034)\n\n - CVE-2018-20671: Fixed an integer overflow that can trigger a heap-based\n buffer overflow in load_specific_debug_section in objdump.c\n (bsc#1121056)\n\n - CVE-2018-1000876: Fixed integer overflow in\n bfd_get_dynamic_reloc_upper_bound, bfd_canonicalize_dynamic_reloc in\n objdump (bsc#1120640)\n\n - CVE-2019-1010180: Fixed an out of bound memory access that could lead to\n crashes (bsc#1142772)\n\n - enable xtensa architecture (Tensilica lc6 and related)\n\n - Use -ffat-lto-objects in order to provide assembly for static libs\n (bsc#1141913).\n\n - Fixed some LTO build issues (bsc#1133131 bsc#1133232).\n\n - riscv: Don't check ABI flags if no code section\n ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'binutils' package(s) on openSUSE Leap 15.1.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.1\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"binutils\", rpm:\"binutils~2.32~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"binutils-debuginfo\", rpm:\"binutils-debuginfo~2.32~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"binutils-debugsource\", rpm:\"binutils-debugsource~2.32~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"binutils-devel\", 
rpm:\"binutils-devel~2.32~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"binutils-gold\", rpm:\"binutils-gold~2.32~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"binutils-gold-debuginfo\", rpm:\"binutils-gold-debuginfo~2.32~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"binutils-devel-32bit\", rpm:\"binutils-devel-32bit~2.32~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cross-aarch64-binutils\", rpm:\"cross-aarch64-binutils~2.32~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cross-aarch64-binutils-debuginfo\", rpm:\"cross-aarch64-binutils-debuginfo~2.32~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cross-aarch64-binutils-debugsource\", rpm:\"cross-aarch64-binutils-debugsource~2.32~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cross-arm-binutils\", rpm:\"cross-arm-binutils~2.32~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cross-arm-binutils-debuginfo\", rpm:\"cross-arm-binutils-debuginfo~2.32~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cross-arm-binutils-debugsource\", rpm:\"cross-arm-binutils-debugsource~2.32~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cross-avr-binutils\", rpm:\"cross-avr-binutils~2.32~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cross-avr-binutils-debuginfo\", rpm:\"cross-avr-binutils-debuginfo~2.32~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = 
isrpmvuln(pkg:\"cross-avr-binutils-debugsource\", rpm:\"cross-avr-binutils-debugsource~2.32~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cross-epiphany-binutils\", rpm:\"cross-epiphany-binutils~2.32~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cross-epiphany-binutils-debuginfo\", rpm:\"cross-epiphany-binutils-debuginfo~2.32~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cross-epiphany-binutils-debugsource\", rpm:\"cross-epiphany-binutils-debugsource~2.32~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cross-hppa-binutils\", rpm:\"cross-hppa-binutils~2.32~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cross-hppa-binutils-debuginfo\", rpm:\"cross-hppa-binutils-debuginfo~2.32~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cross-hppa-binutils-debugsource\", rpm:\"cross-hppa-binutils-debugsource~2.32~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cross-hppa64-binutils\", rpm:\"cross-hppa64-binutils~2.32~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cross-hppa64-binutils-debuginfo\", rpm:\"cross-hppa64-binutils-debuginfo~2.32~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cross-hppa64-binutils-debugsource\", rpm:\"cross-hppa64-binutils-debugsource~2.32~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cross-i386-binutils\", rpm:\"cross-i386-binutils~2.32~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cross-i386-binutils-debuginfo\", 
rpm:\"cross-i386-binutils-debuginfo~2.32~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cross-i386-binutils-debugsource\", rpm:\"cross-i386-binutils-debugsource~2.32~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cross-ia64-binutils\", rpm:\"cross-ia64-binutils~2.32~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cross-ia64-binutils-debuginfo\", rpm:\"cross-ia64-binutils-debuginfo~2.32~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cross-ia64-binutils-debugsource\", rpm:\"cross-ia64-binutils-debugsource~2.32~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cross-m68k-binutils\", rpm:\"cross-m68k-binutils~2.32~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cross-m68k-binutils-debuginfo\", rpm:\"cross-m68k-binutils-debuginfo~2.32~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cross-m68k-binutils-debugsource\", rpm:\"cross-m68k-binutils-debugsource~2.32~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cross-mips-binutils\", rpm:\"cross-mips-binutils~2.32~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cross-mips-binutils-debuginfo\", rpm:\"cross-mips-binutils-debuginfo~2.32~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cross-mips-binutils-debugsource\", rpm:\"cross-mips-binutils-debugsource~2.32~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cross-ppc-binutils\", rpm:\"cross-ppc-binutils~2.32~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n 
if(!isnull(res = isrpmvuln(pkg:\"cross-ppc-binutils-debuginfo\", rpm:\"cross-ppc-binutils-debuginfo~2.32~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cross-ppc-binutils-debugsource\", rpm:\"cross-ppc-binutils-debugsource~2.32~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cross-ppc64-binutils\", rpm:\"cross-ppc64-binutils~2.32~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cross-ppc64-binutils-debuginfo\", rpm:\"cross-ppc64-binutils-debuginfo~2.32~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cross-ppc64-binutils-debugsource\", rpm:\"cross-ppc64-binutils-debugsource~2.32~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cross-ppc64le-binutils\", rpm:\"cross-ppc64le-binutils~2.32~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cross-ppc64le-binutils-debuginfo\", rpm:\"cross-ppc64le-binutils-debuginfo~2.32~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cross-ppc64le-binutils-debugsource\", rpm:\"cross-ppc64le-binutils-debugsource~2.32~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cross-riscv64-binutils\", rpm:\"cross-riscv64-binutils~2.32~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cross-riscv64-binutils-debuginfo\", rpm:\"cross-riscv64-binutils-debuginfo~2.32~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cross-riscv64-binutils-debugsource\", rpm:\"cross-riscv64-binutils-debugsource~2.32~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cross-rx-binutils\", 
rpm:\"cross-rx-binutils~2.32~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cross-rx-binutils-debuginfo\", rpm:\"cross-rx-binutils-debuginfo~2.32~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cross-rx-binutils-debugsource\", rpm:\"cross-rx-binutils-debugsource~2.32~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cross-s390-binutils\", rpm:\"cross-s390-binutils~2.32~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cross-s390-binutils-debuginfo\", rpm:\"cross-s390-binutils-debuginfo~2.32~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cross-s390-binutils-debugsource\", rpm:\"cross-s390-binutils-debugsource~2.32~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cross-s390x-binutils\", rpm:\"cross-s390x-binutils~2.32~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cross-s390x-binutils-debuginfo\", rpm:\"cross-s390x-binutils-debuginfo~2.32~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cross-s390x-binutils-debugsource\", rpm:\"cross-s390x-binutils-debugsource~2.32~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cross-sparc-binutils\", rpm:\"cross-sparc-binutils~2.32~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cross-sparc-binutils-debuginfo\", rpm:\"cross-sparc-binutils-debuginfo~2.32~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cross-sparc-binutils-debugsource\", rpm:\"cross-sparc-binutils-debugsource~2.32~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n 
}\n\n if(!isnull(res = isrpmvuln(pkg:\"cross-sparc64-binutils\", rpm:\"cross-sparc64-binutils~2.32~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cross-sparc64-binutils-debuginfo\", rpm:\"cross-sparc64-binutils-debuginfo~2.32~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cross-sparc64-binutils-debugsource\", rpm:\"cross-sparc64-binutils-debugsource~2.32~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cross-spu-binutils\", rpm:\"cross-spu-binutils~2.32~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cross-spu-binutils-debuginfo\", rpm:\"cross-spu-binutils-debuginfo~2.32~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cross-spu-binutils-debugsource\", rpm:\"cross-spu-binutils-debugsource~2.32~lp151.3.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-04-17T17:01:12", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-8395", "CVE-2017-12451", "CVE-2019-9076", "CVE-2017-9755", "CVE-2019-1010204", "CVE-2017-9751", "CVE-2017-9744", "CVE-2017-17122", "CVE-2017-9042", "CVE-2017-7614", "CVE-2017-14529", "CVE-2018-18605", "CVE-2017-7299", "CVE-2017-15024", "CVE-2017-15025", "CVE-2018-17358", "CVE-2017-9746", "CVE-2019-9071", "CVE-2018-12697", "CVE-2017-15022", "CVE-2017-7300", "CVE-2017-9041", "CVE-2017-14930", "CVE-2017-9742", "CVE-2017-17080", "CVE-2019-14250", "CVE-2017-8396", "CVE-2017-14128", "CVE-2017-9038", "CVE-2017-14940", "CVE-2017-15225", "CVE-2017-8394", "CVE-2017-13710", "CVE-2017-9954", "CVE-2017-9039", "CVE-2019-1010180", "CVE-2017-14939", "CVE-2019-12972", 
"CVE-2017-9955", "CVE-2017-9753", "CVE-2018-17360", "CVE-2017-7303", "CVE-2017-9750", "CVE-2017-9756", "CVE-2017-17124", "CVE-2017-12799", "CVE-2017-9752", "CVE-2017-7302", "CVE-2017-14934", "CVE-2017-9748", "CVE-2018-19931", "CVE-2018-18483", "CVE-2018-6323", "CVE-2017-12452", "CVE-2019-9075", "CVE-2017-15938", "CVE-2018-20657", "CVE-2017-8393", "CVE-2017-12967", "CVE-2017-8397", "CVE-2017-16832", "CVE-2017-7301", "CVE-2019-17451", "CVE-2017-14932", "CVE-2017-14938", "CVE-2017-15021", "CVE-2017-15939", "CVE-2017-7304", "CVE-2018-18607", "CVE-2017-7209", "CVE-2017-9754", "CVE-2017-9749", "CVE-2017-9040", "CVE-2019-9070", "CVE-2017-8398", "CVE-2017-17121", "CVE-2017-17125", "CVE-2019-9074", "CVE-2017-15996", "CVE-2018-17359", "CVE-2017-9747", "CVE-2017-14129", "CVE-2017-17123", "CVE-2018-18606", "CVE-2017-9745"], "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-04-16T00:00:00", "published": "2020-04-16T00:00:00", "id": "OPENVAS:1361412562311220201466", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220201466", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for binutils (EulerOS-SA-2020-1466)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from the referenced\n# advisories, and are Copyright (C) by the respective right holder(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2020.1466\");\n script_version(\"2020-04-16T05:56:07+0000\");\n script_cve_id(\"CVE-2017-12451\", \"CVE-2017-12452\", \"CVE-2017-12799\", \"CVE-2017-12967\", \"CVE-2017-13710\", \"CVE-2017-14128\", \"CVE-2017-14129\", \"CVE-2017-14529\", \"CVE-2017-14930\", \"CVE-2017-14932\", \"CVE-2017-14934\", \"CVE-2017-14938\", \"CVE-2017-14939\", \"CVE-2017-14940\", \"CVE-2017-15021\", \"CVE-2017-15022\", \"CVE-2017-15024\", \"CVE-2017-15025\", \"CVE-2017-15225\", \"CVE-2017-15938\", \"CVE-2017-15939\", \"CVE-2017-15996\", \"CVE-2017-16832\", \"CVE-2017-17080\", \"CVE-2017-17121\", \"CVE-2017-17122\", \"CVE-2017-17123\", \"CVE-2017-17124\", \"CVE-2017-17125\", \"CVE-2017-7209\", \"CVE-2017-7299\", \"CVE-2017-7300\", \"CVE-2017-7301\", \"CVE-2017-7302\", \"CVE-2017-7303\", \"CVE-2017-7304\", \"CVE-2017-7614\", \"CVE-2017-8393\", \"CVE-2017-8394\", \"CVE-2017-8395\", \"CVE-2017-8396\", \"CVE-2017-8397\", \"CVE-2017-8398\", \"CVE-2017-9038\", \"CVE-2017-9039\", \"CVE-2017-9040\", \"CVE-2017-9041\", \"CVE-2017-9042\", \"CVE-2017-9742\", \"CVE-2017-9744\", \"CVE-2017-9745\", \"CVE-2017-9746\", \"CVE-2017-9747\", \"CVE-2017-9748\", \"CVE-2017-9749\", \"CVE-2017-9750\", \"CVE-2017-9751\", \"CVE-2017-9752\", \"CVE-2017-9753\", \"CVE-2017-9754\", \"CVE-2017-9755\", \"CVE-2017-9756\", \"CVE-2017-9954\", \"CVE-2017-9955\", \"CVE-2018-12697\", \"CVE-2018-17358\", \"CVE-2018-17359\", \"CVE-2018-17360\", \"CVE-2018-18483\", \"CVE-2018-18605\", \"CVE-2018-18606\", \"CVE-2018-18607\", \"CVE-2018-19931\", \"CVE-2018-20657\", \"CVE-2018-6323\", \"CVE-2019-1010180\", \"CVE-2019-1010204\", \"CVE-2019-12972\", \"CVE-2019-14250\", \"CVE-2019-17451\", \"CVE-2019-9070\", 
\"CVE-2019-9071\", \"CVE-2019-9074\", \"CVE-2019-9075\", \"CVE-2019-9076\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-04-16 05:56:07 +0000 (Thu, 16 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-04-16 05:56:07 +0000 (Thu, 16 Apr 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for binutils (EulerOS-SA-2020-1466)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRT-3\\.0\\.2\\.2\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2020-1466\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1466\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'binutils' package(s) announced via the EulerOS-SA-2020-1466 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"GNU Binutils 2017-04-03 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash), related to the process_mips_specific function in readelf.c, via a crafted ELF file that triggers a large memory-allocation attempt.(CVE-2017-9040)\n\nThe Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has an aout_link_add_symbols function in bfd/aoutx.h that is vulnerable to a heap-based buffer over-read (off-by-one) because of an incomplete check for invalid string offsets while loading symbols, leading to a GNU linker (ld) program 
crash.(CVE-2017-7300)\n\nThe Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has an aout_link_add_symbols function in bfd/aoutx.h that has an off-by-one vulnerability because it does not carefully check the string offset. The vulnerability could lead to a GNU linker (ld) program crash.(CVE-2017-7301)\n\nThe Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has a swap_std_reloc_out function in bfd/aoutx.h that is vulnerable to an invalid read (of size 4) because of missing checks for relocs that could not be recognised. This vulnerability causes Binutils utilities like strip to crash.(CVE-2017-7302)\n\nThe Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read (of size 4) because of missing a check (in the find_link function) for null headers before attempting to match them. This vulnerability causes Binutils utilities like strip to crash.(CVE-2017-7303)\n\nThe Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read (of size 8) because of missing a check (in the copy_special_section_fields function) for an invalid sh_link field before attempting to follow it. This vulnerability causes Binutils utilities like strip to crash.(CVE-2017-7304)\n\nThe Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to a global buffer over-read error because of an assumption made by code that runs for objcopy and strip, that SHT_REL/SHR_RELA sections are always named starting with a .rel/.rela prefix. 
This vulnerability causes programs that conduct an analysis of binary programs using the libbfd library, such as objcopy and strip, to crash.(CVE-2017-8393)\n\nThe Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid write of size 8 because of missing a malloc() return-value check to see if memory had ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'binutils' package(s) on Huawei EulerOS Virtualization 3.0.2.2.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRT-3.0.2.2\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"binutils\", rpm:\"binutils~2.27~28.base.1.h40.eulerosv2r7\", rls:\"EULEROSVIRT-3.0.2.2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}]}