Security update for the Linux Kernel (Live Patch 6 for SLE 12 SP3) (important)
2018-04-20T15:44:13
ID SUSE-SU-2018:1027-1 Type suse Reporter Suse Modified 2018-04-20T15:44:13
Description
This update for the Linux Kernel 4.4.103-6_33 fixes several issues.
The following security issues were fixed:
CVE-2017-13166: Prevent elevation of privilege vulnerability in the v4l2
video driver (bsc#1085447).
CVE-2018-1068: A flaw in the implementation of 32-bit syscall interface
for bridging allowed a privileged user to arbitrarily write to a limited
range of kernel memory (bsc#1085114).
CVE-2018-7566: Prevent buffer overflow via an
SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by
a local user (bsc#1083488).
CVE-2018-1000004: Prevent race condition in the sound system that could
have lead to a deadlock and denial of service condition (bsc#1076017).
{"enchantments": {"score": {"value": 6.9, "vector": "NONE", "modified": "2018-04-20T17:23:58", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2018-1068", "CVE-2018-1000004", "CVE-2017-13166", "CVE-2018-7566"]}, {"type": "suse", "idList": ["SUSE-SU-2018:1004-1", "SUSE-SU-2018:1033-1", "SUSE-SU-2018:0997-1", "SUSE-SU-2018:0993-1", "SUSE-SU-2018:1024-1", "SUSE-SU-2018:1032-1", "SUSE-SU-2018:1011-1", "SUSE-SU-2018:1010-1", "SUSE-SU-2018:1000-1", "SUSE-SU-2018:1008-1"]}, {"type": "nessus", "idList": ["SUSE_SU-2018-1034-1.NASL", "SUSE_SU-2018-0993-1.NASL", "SUSE_SU-2018-1015-1.NASL", "SUSE_SU-2018-1007-1.NASL", "SUSE_SU-2018-1014-1.NASL", "SUSE_SU-2018-1025-1.NASL", "SUSE_SU-2018-1031-1.NASL", "SUSE_SU-2018-1012-1.NASL", "SUSE_SU-2018-1000-1.NASL", "SUSE_SU-2018-0994-1.NASL"]}, {"type": "f5", "idList": ["F5:K03564319", "F5:K06208063"]}, {"type": "virtuozzo", "idList": ["VZA-2018-014", "VZA-2018-015"]}, {"type": "ubuntu", "idList": ["USN-3631-2", "USN-3631-1"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310843511", "OPENVAS:1361412562310843506"]}, {"type": "redhat", "idList": ["RHSA-2019:1487", "RHSA-2019:1483"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:6F9C2520DC97ECE6CB22CC0C19CA28F6"]}], "modified": "2018-04-20T17:23:58", "rev": 2}, "vulnersScore": 6.9}, "bulletinFamily": "unix", "references": ["https://bugzilla.suse.com/1085447", "https://bugzilla.suse.com/1085114", "https://bugzilla.suse.com/1073230", "https://bugzilla.suse.com/1083488", "https://bugzilla.suse.com/1076017"], "affectedPackage": [{"operator": "lt", "packageName": "kgraft-patch-4_4_103-6_33-default-4", "packageFilename": "kgraft-patch-4_4_103-6_33-default-4-2.1.ppc64le.rpm", "packageVersion": "2.1", "OS": "SUSE Linux Enterprise Live Patching", "arch": "ppc64le", "OSVersion": "12.3"}, {"operator": "lt", "packageName": "kgraft-patch-4_4_103-6_33-default-debuginfo-4", "packageFilename": "kgraft-patch-4_4_103-6_33-default-debuginfo-4-2.1.ppc64le.rpm", "packageVersion": "2.1", "OS": "SUSE Linux Enterprise Live Patching", "arch": "ppc64le", "OSVersion": "12.3"}, {"operator": "lt", "packageName": "kgraft-patch-4_4_103-6_33-default-debuginfo-4", "packageFilename": "kgraft-patch-4_4_103-6_33-default-debuginfo-4-2.1.x86_64.rpm", "packageVersion": "2.1", "OS": "SUSE Linux Enterprise Live Patching", "arch": "x86_64", "OSVersion": "12.3"}, {"operator": "lt", "packageName": "kgraft-patch-4_4_103-6_33-default-4", "packageFilename": "kgraft-patch-4_4_103-6_33-default-4-2.1.x86_64.rpm", "packageVersion": "2.1", "OS": "SUSE Linux Enterprise Live Patching", "arch": "x86_64", "OSVersion": "12.3"}], "href": "http://lists.opensuse.org/opensuse-security-announce/2018-04/msg00053.html", "id": "SUSE-SU-2018:1027-1", "title": "Security update for the Linux Kernel (Live Patch 6 for SLE 12 SP3) (important)", "type": "suse", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "lastseen": "2018-04-20T17:23:58", "edition": 1, "reporter": "Suse", "description": "This update for the Linux Kernel 4.4.103-6_33 fixes several issues.\n\n The following security issues were fixed:\n\n - CVE-2017-13166: Prevent elevation of privilege vulnerability in the v4l2\n video driver (bsc#1085447).\n - CVE-2018-1068: A flaw in the implementation of 32-bit syscall interface\n for bridging allowed a privileged user to arbitrarily write to a limited\n range of kernel memory (bsc#1085114).\n - CVE-2018-7566: Prevent buffer overflow via an\n SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by\n a local user (bsc#1083488).\n - CVE-2018-1000004: Prevent race condition in the sound system that could\n have lead to a deadlock and denial of service condition (bsc#1076017).\n\n", "modified": "2018-04-20T15:44:13", "viewCount": 54, "published": "2018-04-20T15:44:13", "cvelist": ["CVE-2018-1000004", "CVE-2018-7566", "CVE-2017-13166", "CVE-2018-1068"]}
{"cve": [{"lastseen": "2021-02-02T06:36:35", "description": "An elevation of privilege vulnerability in the kernel v4l2 video driver. Product: Android. Versions: Android kernel. Android ID A-34624167.", "edition": 5, "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-12-06T14:29:00", "title": "CVE-2017-13166", "type": "cve", "cwe": ["CWE-787"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-13166"], "modified": "2019-10-03T00:03:00", "cpe": ["cpe:/o:google:android:-"], "id": "CVE-2017-13166", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-13166", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:google:android:-:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T06:52:22", "description": "In the Linux kernel 4.12, 3.10, 2.6 and possibly earlier versions a race condition vulnerability exists in the sound system, this can lead to a deadlock and denial of service condition.", "edition": 8, "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 5.9, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-01-16T20:29:00", "title": "CVE-2018-1000004", "type": "cve", "cwe": ["CWE-362"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1000004"], "modified": "2020-07-15T03:15:00", "cpe": ["cpe:/o:linux:linux_kernel:3.10", "cpe:/o:linux:linux_kernel:4.12", "cpe:/o:linux:linux_kernel:2.6.0"], "id": "CVE-2018-1000004", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-1000004", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:4.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.0:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T06:52:42", "description": "The Linux kernel 4.15 has a Buffer Overflow via an SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by a local user.", "edition": 7, "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-03-30T21:29:00", "title": "CVE-2018-7566", "type": "cve", "cwe": ["CWE-119", "CWE-362"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-7566"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/o:redhat:enterprise_linux_server_tus:7.6", "cpe:/a:suse:linux_enterprise_module_for_public_cloud:12", "cpe:/o:linux:linux_kernel:4.15", "cpe:/o:redhat:enterprise_linux_desktop:6.0", "cpe:/o:debian:debian_linux:8.0", "cpe:/o:canonical:ubuntu_linux:12.04", "cpe:/a:oracle:communications_eagle_application_processor:16.1.0", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:redhat:enterprise_linux_server:7.0", "cpe:/o:redhat:enterprise_linux_server_eus:7.5", "cpe:/o:redhat:enterprise_linux_server_aus:7.6", "cpe:/o:redhat:enterprise_linux_workstation:7.0", "cpe:/a:oracle:communications_eagle_application_processor:16.2.0", "cpe:/o:suse:linux_enterprise_server:12", "cpe:/o:debian:debian_linux:7.0", "cpe:/o:redhat:enterprise_linux_desktop:7.0", "cpe:/o:redhat:enterprise_linux_workstation:6.0", "cpe:/o:redhat:enterprise_linux_server:6.0", "cpe:/o:redhat:enterprise_linux_server_eus:7.6", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:debian:debian_linux:9.0"], "id": "CVE-2018-7566", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-7566", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_eagle_application_processor:16.2.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:communications_eagle_application_processor:16.1.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_server:12:*:*:*:ltss:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:suse:linux_enterprise_module_for_public_cloud:12:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:4.15:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"]}, {"lastseen": "2021-02-02T06:52:24", "description": "A flaw was found in the Linux 4.x kernel's implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory.", "edition": 16, "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 6.7, "privilegesRequired": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-03-16T16:29:00", "title": "CVE-2018-1068", "type": "cve", "cwe": ["CWE-787"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1068"], "modified": "2019-05-14T23:29:00", "cpe": ["cpe:/o:redhat:enterprise_linux_server_tus:7.6", "cpe:/o:canonical:ubuntu_linux:17.10", "cpe:/o:debian:debian_linux:8.0", "cpe:/o:canonical:ubuntu_linux:12.04", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:redhat:enterprise_linux_server:7.0", "cpe:/o:redhat:enterprise_linux_server_eus:7.5", "cpe:/o:linux:linux_kernel:4.16", "cpe:/o:redhat:enterprise_linux_server_aus:7.6", "cpe:/o:redhat:enterprise_linux_workstation:7.0", "cpe:/o:debian:debian_linux:7.0", "cpe:/o:redhat:enterprise_linux_desktop:7.0", "cpe:/a:redhat:virtualization_host:4.0", "cpe:/o:redhat:enterprise_linux_server_eus:7.6", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:debian:debian_linux:9.0"], "id": "CVE-2018-1068", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-1068", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:4.16:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"]}], "suse": [{"lastseen": "2018-04-20T17:23:59", "bulletinFamily": "unix", "cvelist": ["CVE-2018-1000004", "CVE-2018-7566", "CVE-2017-13166", "CVE-2018-1068"], "edition": 1, "description": "This update for the Linux Kernel 4.4.59-92_20 fixes several issues.\n\n The following security issues were fixed:\n\n - CVE-2017-13166: Prevent elevation of privilege vulnerability in the v4l2\n video driver (bsc#1085447).\n - CVE-2018-1068: A flaw in the implementation of 32-bit syscall interface\n for bridging allowed a privileged user to arbitrarily write to a limited\n range of kernel memory (bsc#1085114).\n - CVE-2018-7566: Prevent buffer overflow via an\n SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by\n a local user (bsc#1083488).\n - CVE-2018-1000004: Prevent race condition in the sound system that could\n have lead to a deadlock and denial of service condition (bsc#1076017).\n\n", "modified": "2018-04-20T15:35:36", "published": "2018-04-20T15:35:36", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-04/msg00045.html", "id": "SUSE-SU-2018:1019-1", "title": "Security update for the Linux Kernel (Live Patch 8 for SLE 12 SP2) (important)", "type": "suse", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-20T17:23:59", "bulletinFamily": "unix", "cvelist": ["CVE-2018-1000004", "CVE-2018-7566", "CVE-2017-13166", "CVE-2018-1068"], "edition": 1, "description": "This update for the Linux Kernel 4.4.59-92_24 fixes several issues.\n\n The following security issues were fixed:\n\n - CVE-2017-13166: Prevent elevation of privilege vulnerability in the v4l2\n video driver (bsc#1085447).\n - CVE-2018-1068: A flaw in the implementation of 32-bit syscall interface\n for bridging allowed a privileged user to arbitrarily write to a limited\n range of kernel memory (bsc#1085114).\n - CVE-2018-7566: Prevent buffer overflow via an\n SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by\n a local user (bsc#1083488).\n - CVE-2018-1000004: Prevent race condition in the sound system that could\n have lead to a deadlock and denial of service condition (bsc#1076017).\n\n", "modified": "2018-04-20T15:37:51", "published": "2018-04-20T15:37:51", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-04/msg00047.html", "id": "SUSE-SU-2018:1021-1", "title": "Security update for the Linux Kernel (Live Patch 9 for SLE 12 SP2) (important)", "type": "suse", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-20T17:23:59", "bulletinFamily": "unix", "cvelist": ["CVE-2018-1000004", "CVE-2018-7566", "CVE-2017-13166", "CVE-2018-1068"], "edition": 1, "description": "This update for the Linux Kernel 3.12.61-52_101 fixes several issues.\n\n The following security issues were fixed:\n\n - CVE-2017-13166: An elevation of privilege vulnerability was fixed in the\n kernel v4l2 video driver. (bsc#1085447).\n - CVE-2018-1068: A flaw was found in the Linux kernels implementation of\n 32-bit syscall interface for bridging. This allowed a privileged user to\n arbitrarily write to a limited range of kernel memory (bsc#1085114).\n - CVE-2018-1000004: A race condition vulnerability existed in the sound\n system, which could lead to a deadlock and denial of service condition\n (bsc#1076017)\n\n", "modified": "2018-04-20T15:13:37", "published": "2018-04-20T15:13:37", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-04/msg00022.html", "id": "SUSE-SU-2018:0995-1", "title": "Security update for the Linux Kernel (Live Patch 28 for SLE 12) (important)", "type": "suse", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-20T17:23:57", "bulletinFamily": "unix", "cvelist": ["CVE-2018-1000004", "CVE-2018-7566", "CVE-2017-13166", "CVE-2018-1068"], "edition": 1, "description": "This update for the Linux Kernel 4.4.82-6_9 fixes several issues.\n\n The following security issues were fixed:\n\n - CVE-2017-13166: Prevent elevation of privilege vulnerability in the v4l2\n video driver (bsc#1085447).\n - CVE-2018-1068: A flaw in the implementation of 32-bit syscall interface\n for bridging allowed a privileged user to arbitrarily write to a limited\n range of kernel memory (bsc#1085114).\n - CVE-2018-7566: Prevent buffer overflow via an\n SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by\n a local user (bsc#1083488).\n - CVE-2018-1000004: Prevent race condition in the sound system that could\n have lead to a deadlock and denial of service condition (bsc#1076017).\n\n", "modified": "2018-04-20T15:36:38", "published": "2018-04-20T15:36:38", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-04/msg00046.html", "id": "SUSE-SU-2018:1020-1", "title": "Security update for the Linux Kernel (Live Patch 3 for SLE 12 SP3) (important)", "type": "suse", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-20T17:23:57", "bulletinFamily": "unix", "cvelist": ["CVE-2018-1000004", "CVE-2018-7566", "CVE-2017-13166", "CVE-2018-1068"], "edition": 1, "description": "This update for the Linux Kernel 4.4.92-6_30 fixes several issues.\n\n The following security issues were fixed:\n\n - CVE-2017-13166: Prevent elevation of privilege vulnerability in the v4l2\n video driver (bsc#1085447).\n - CVE-2018-1068: A flaw in the implementation of 32-bit syscall interface\n for bridging allowed a privileged user to arbitrarily write to a limited\n range of kernel memory (bsc#1085114).\n - CVE-2018-7566: Prevent buffer overflow via an\n SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by\n a local user (bsc#1083488).\n - CVE-2018-1000004: Prevent race condition in the sound system that could\n have lead to a deadlock and denial of service condition (bsc#1076017).\n\n", "modified": "2018-04-20T15:45:23", "published": "2018-04-20T15:45:23", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-04/msg00054.html", "id": "SUSE-SU-2018:1028-1", "title": "Security update for the Linux Kernel (Live Patch 5 for SLE 12 SP3) (important)", "type": "suse", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-20T17:24:00", "bulletinFamily": "unix", "cvelist": ["CVE-2018-1000004", "CVE-2018-7566", "CVE-2017-13166", "CVE-2018-1068"], "edition": 1, "description": "This update for the Linux Kernel 3.12.61-52_80 fixes several issues.\n\n The following security issues were fixed:\n\n - CVE-2017-13166: An elevation of privilege vulnerability was fixed in the\n kernel v4l2 video driver. (bsc#1085447).\n - CVE-2018-1068: A flaw was found in the Linux kernels implementation of\n 32-bit syscall interface for bridging. This allowed a privileged user to\n arbitrarily write to a limited range of kernel memory (bsc#1085114).\n - CVE-2018-1000004: A race condition vulnerability existed in the sound\n system, which could lead to a deadlock and denial of service condition\n (bsc#1076017)\n\n", "modified": "2018-04-20T15:23:42", "published": "2018-04-20T15:23:42", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-04/msg00033.html", "id": "SUSE-SU-2018:1006-1", "title": "Security update for the Linux Kernel (Live Patch 23 for SLE 12) (important)", "type": "suse", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-20T17:23:57", "bulletinFamily": "unix", "cvelist": ["CVE-2018-1000004", "CVE-2018-7566", "CVE-2017-13166", "CVE-2018-1068"], "edition": 1, "description": "This update for the Linux Kernel 3.12.61-52_106 fixes several issues.\n\n The following security issues were fixed:\n\n - CVE-2017-13166: An elevation of privilege vulnerability was fixed in the\n kernel v4l2 video driver. (bsc#1085447).\n - CVE-2018-1068: A flaw was found in the Linux kernels implementation of\n 32-bit syscall interface for bridging. This allowed a privileged user to\n arbitrarily write to a limited range of kernel memory (bsc#1085114).\n - CVE-2018-1000004: A race condition vulnerability existed in the sound\n system, which could lead to a deadlock and denial of service condition\n (bsc#1076017)\n\n", "modified": "2018-04-20T15:46:29", "published": "2018-04-20T15:46:29", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-04/msg00055.html", "id": "SUSE-SU-2018:1029-1", "title": "Security update for the Linux Kernel (Live Patch 29 for SLE 12) (important)", "type": "suse", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-20T17:24:00", "bulletinFamily": "unix", "cvelist": ["CVE-2018-1000004", "CVE-2018-7566", "CVE-2017-13166", "CVE-2018-1068"], "edition": 1, "description": "This update for the Linux Kernel 3.12.74-60_64_66 fixes several issues.\n\n The following security issues were fixed:\n\n - CVE-2017-13166: An elevation of privilege vulnerability was fixed in the\n kernel v4l2 video driver. (bsc#1085447).\n - CVE-2018-1068: A flaw was found in the Linux kernels implementation of\n 32-bit syscall interface for bridging. This allowed a privileged user to\n arbitrarily write to a limited range of kernel memory (bsc#1085114).\n - CVE-2018-1000004: A race condition vulnerability existed in the sound\n system, which could lead to a deadlock and denial of service condition\n (bsc#1076017)\n\n", "modified": "2018-04-20T15:34:35", "published": "2018-04-20T15:34:35", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-04/msg00044.html", "id": "SUSE-SU-2018:1018-1", "title": "Security update for the Linux Kernel (Live Patch 23 for SLE 12 SP1) (important)", "type": "suse", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-20T17:23:57", "bulletinFamily": "unix", "cvelist": ["CVE-2018-1000004", "CVE-2018-7566", "CVE-2017-13166", "CVE-2018-1068"], "edition": 1, "description": "This update for the Linux Kernel 4.4.103-6_38 fixes several issues.\n\n The following security issues were fixed:\n\n - CVE-2017-13166: Prevent elevation of privilege vulnerability in the v4l2\n video driver (bsc#1085447).\n - CVE-2018-1068: A flaw in the implementation of 32-bit syscall interface\n for bridging allowed a privileged user to arbitrarily write to a limited\n range of kernel memory (bsc#1085114).\n - CVE-2018-7566: Prevent buffer overflow via an\n SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by\n a local user (bsc#1083488).\n - CVE-2018-1000004: Prevent race condition in the sound system that could\n have lead to a deadlock and denial of service condition (bsc#1076017).\n\n", "modified": "2018-04-20T15:39:05", "published": "2018-04-20T15:39:05", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-04/msg00048.html", "id": "SUSE-SU-2018:1022-1", "title": "Security update for the Linux Kernel (Live Patch 7 for SLE 12 SP3) (important)", "type": "suse", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-20T17:24:00", "bulletinFamily": "unix", "cvelist": ["CVE-2018-1000004", "CVE-2018-7566", "CVE-2017-13166", "CVE-2018-1068"], "edition": 1, "description": "This update for the Linux Kernel 4.4.103-92_56 fixes several issues.\n\n The following security issues were fixed:\n\n - CVE-2017-13166: Prevent elevation of privilege vulnerability in the v4l2\n video driver (bsc#1085447).\n - CVE-2018-1068: A flaw in the implementation of 32-bit syscall interface\n for bridging allowed a privileged user to arbitrarily write to a limited\n range of kernel memory (bsc#1085114).\n - CVE-2018-7566: Prevent buffer overflow via an\n SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by\n a local user (bsc#1083488).\n - CVE-2018-1000004: Prevent race condition in the sound system that could\n have lead to a deadlock and denial of service condition (bsc#1076017).\n\n", "modified": "2018-04-20T15:48:16", "published": "2018-04-20T15:48:16", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-04/msg00057.html", "id": "SUSE-SU-2018:1031-1", "title": "Security update for the Linux Kernel (Live Patch 17 for SLE 12 SP2) (important)", "type": "suse", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2021-03-01T06:53:33", "description": "This update for the Linux Kernel 3.12.61-52_72 fixes several issues.\nThe following security issues were fixed :\n\n - CVE-2017-13166: An elevation of privilege vulnerability\n was fixed in the kernel v4l2 video driver.\n (bsc#1085447).\n\n - CVE-2018-1068: A flaw was found in the Linux kernels\n implementation of 32-bit syscall interface for bridging.\n This allowed a privileged user to arbitrarily write to a\n limited range of kernel memory (bsc#1085114).\n\n - CVE-2018-1000004: A race condition vulnerability existed\n in the sound system, which could lead to a deadlock and\n denial of service condition (bsc#1076017)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 25, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-04-23T00:00:00", "title": "SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1010-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-1000004", "CVE-2018-7566", "CVE-2017-13166", "CVE-2018-1068"], "modified": "2021-03-02T00:00:00", "cpe": ["cpe:/o:novell:suse_linux:12", "p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_61-52_72-default", "p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_61-52_72-xen"], "id": "SUSE_SU-2018-1010-1.NASL", "href": "https://www.tenable.com/plugins/nessus/109259", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:1010-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(109259);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2019/09/10 13:51:47\");\n\n script_cve_id(\"CVE-2017-13166\", \"CVE-2018-1000004\", \"CVE-2018-1068\", \"CVE-2018-7566\");\n\n script_name(english:\"SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1010-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for the Linux Kernel 3.12.61-52_72 fixes several issues.\nThe following security issues were fixed :\n\n - CVE-2017-13166: An elevation of privilege vulnerability\n was fixed in the kernel v4l2 video driver.\n (bsc#1085447).\n\n - CVE-2018-1068: A flaw was found in the Linux kernels\n implementation of 32-bit syscall interface for bridging.\n This allowed a privileged user to arbitrarily write to a\n limited range of kernel memory (bsc#1085114).\n\n - CVE-2018-1000004: A race condition vulnerability existed\n in the sound system, which could lead to a deadlock and\n denial of service condition (bsc#1076017)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1076017\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1083488\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1085114\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1085447\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-13166/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-1000004/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-1068/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-7566/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20181010-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7402f5de\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server 12-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-2018-700=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_61-52_72-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_61-52_72-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/12/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/04/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/04/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"kgraft-patch-3_12_61-52_72-default-9-2.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"kgraft-patch-3_12_61-52_72-xen-9-2.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-03-01T06:53:32", "description": "This update for the Linux Kernel 3.12.74-60_64_57 fixes several\nissues. The following security issues were fixed :\n\n - CVE-2017-13166: An elevation of privilege vulnerability\n was fixed in the kernel v4l2 video driver.\n (bsc#1085447).\n\n - CVE-2018-1068: A flaw was found in the Linux kernels\n implementation of 32-bit syscall interface for bridging.\n This allowed a privileged user to arbitrarily write to a\n limited range of kernel memory (bsc#1085114).\n\n - CVE-2018-1000004: A race condition vulnerability existed\n in the sound system, which could lead to a deadlock and\n denial of service condition (bsc#1076017)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 25, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-04-23T00:00:00", "title": "SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1005-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-1000004", "CVE-2018-7566", "CVE-2017-13166", "CVE-2018-1068"], "modified": "2021-03-02T00:00:00", "cpe": ["cpe:/o:novell:suse_linux:12", "p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_74-60_64_57-xen", "p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_74-60_64_57-default"], "id": "SUSE_SU-2018-1005-1.NASL", "href": "https://www.tenable.com/plugins/nessus/109254", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:1005-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(109254);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2019/09/10 13:51:47\");\n\n script_cve_id(\"CVE-2017-13166\", \"CVE-2018-1000004\", \"CVE-2018-1068\", \"CVE-2018-7566\");\n\n script_name(english:\"SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1005-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for the Linux Kernel 3.12.74-60_64_57 fixes several\nissues. The following security issues were fixed :\n\n - CVE-2017-13166: An elevation of privilege vulnerability\n was fixed in the kernel v4l2 video driver.\n (bsc#1085447).\n\n - CVE-2018-1068: A flaw was found in the Linux kernels\n implementation of 32-bit syscall interface for bridging.\n This allowed a privileged user to arbitrarily write to a\n limited range of kernel memory (bsc#1085114).\n\n - CVE-2018-1000004: A race condition vulnerability existed\n in the sound system, which could lead to a deadlock and\n denial of service condition (bsc#1076017)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1076017\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1083488\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1085114\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1085447\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-13166/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-1000004/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-1068/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-7566/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20181005-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c4edce14\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server for SAP 12-SP1:zypper in -t patch\nSUSE-SLE-SAP-12-SP1-2018-690=1\n\nSUSE Linux Enterprise Server 12-SP1-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP1-2018-690=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_74-60_64_57-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_74-60_64_57-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/12/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/04/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/04/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"kgraft-patch-3_12_74-60_64_57-default-7-2.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"kgraft-patch-3_12_74-60_64_57-xen-7-2.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-03-01T06:53:30", "description": "This update for the Linux Kernel 3.12.61-52_101 fixes several issues.\nThe following security issues were fixed :\n\n - CVE-2017-13166: An elevation of privilege vulnerability\n was fixed in the kernel v4l2 video driver.\n (bsc#1085447).\n\n - CVE-2018-1068: A flaw was found in the Linux kernels\n implementation of 32-bit syscall interface for bridging.\n This allowed a privileged user to arbitrarily write to a\n limited range of kernel memory (bsc#1085114).\n\n - CVE-2018-1000004: A race condition vulnerability existed\n in the sound system, which could lead to a deadlock and\n denial of service condition (bsc#1076017)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 25, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-04-23T00:00:00", "title": "SUSE SLES12 Security Update : kernel (SUSE-SU-2018:0995-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-1000004", "CVE-2018-7566", "CVE-2017-13166", "CVE-2018-1068"], "modified": "2021-03-02T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_61-52_101-default", "cpe:/o:novell:suse_linux:12", "p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_61-52_101-xen"], "id": "SUSE_SU-2018-0995-1.NASL", "href": "https://www.tenable.com/plugins/nessus/109247", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:0995-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(109247);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2019/09/10 13:51:47\");\n\n script_cve_id(\"CVE-2017-13166\", \"CVE-2018-1000004\", \"CVE-2018-1068\", \"CVE-2018-7566\");\n\n script_name(english:\"SUSE SLES12 Security Update : kernel (SUSE-SU-2018:0995-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for the Linux Kernel 3.12.61-52_101 fixes several issues.\nThe following security issues were fixed :\n\n - CVE-2017-13166: An elevation of privilege vulnerability\n was fixed in the kernel v4l2 video driver.\n (bsc#1085447).\n\n - CVE-2018-1068: A flaw was found in the Linux kernels\n implementation of 32-bit syscall interface for bridging.\n This allowed a privileged user to arbitrarily write to a\n limited range of kernel memory (bsc#1085114).\n\n - CVE-2018-1000004: A race condition vulnerability existed\n in the sound system, which could lead to a deadlock and\n denial of service condition (bsc#1076017)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1076017\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1083488\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1085114\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1085447\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-13166/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-1000004/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-1068/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-7566/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20180995-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?593729c7\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server 12-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-2018-698=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_61-52_101-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_61-52_101-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/12/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/04/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/04/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"kgraft-patch-3_12_61-52_101-default-4-2.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"kgraft-patch-3_12_61-52_101-xen-4-2.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-03-01T06:53:37", "description": "This update for the Linux Kernel 3.12.74-60_64_54 fixes several\nissues. The following security issues were fixed :\n\n - CVE-2017-13166: An elevation of privilege vulnerability\n was fixed in the kernel v4l2 video driver.\n (bsc#1085447).\n\n - CVE-2018-1068: A flaw was found in the Linux kernels\n implementation of 32-bit syscall interface for bridging.\n This allowed a privileged user to arbitrarily write to a\n limited range of kernel memory (bsc#1085114).\n\n - CVE-2018-1000004: A race condition vulnerability existed\n in the sound system, which could lead to a deadlock and\n denial of service condition (bsc#1076017)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 25, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-04-23T00:00:00", "title": "SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1032-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-1000004", "CVE-2018-7566", "CVE-2017-13166", "CVE-2018-1068"], "modified": "2021-03-02T00:00:00", "cpe": ["cpe:/o:novell:suse_linux:12", "p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_74-60_64_54-default", "p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_74-60_64_54-xen"], "id": "SUSE_SU-2018-1032-1.NASL", "href": "https://www.tenable.com/plugins/nessus/109274", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:1032-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(109274);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2019/09/10 13:51:47\");\n\n script_cve_id(\"CVE-2017-13166\", \"CVE-2018-1000004\", \"CVE-2018-1068\", \"CVE-2018-7566\");\n\n script_name(english:\"SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1032-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for the Linux Kernel 3.12.74-60_64_54 fixes several\nissues. The following security issues were fixed :\n\n - CVE-2017-13166: An elevation of privilege vulnerability\n was fixed in the kernel v4l2 video driver.\n (bsc#1085447).\n\n - CVE-2018-1068: A flaw was found in the Linux kernels\n implementation of 32-bit syscall interface for bridging.\n This allowed a privileged user to arbitrarily write to a\n limited range of kernel memory (bsc#1085114).\n\n - CVE-2018-1000004: A race condition vulnerability existed\n in the sound system, which could lead to a deadlock and\n denial of service condition (bsc#1076017)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1076017\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1083488\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1085114\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1085447\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-13166/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-1000004/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-1068/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-7566/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20181032-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?103ca89c\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server for SAP 12-SP1:zypper in -t patch\nSUSE-SLE-SAP-12-SP1-2018-685=1\n\nSUSE Linux Enterprise Server 12-SP1-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP1-2018-685=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_74-60_64_54-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_74-60_64_54-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/12/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/04/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/04/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"kgraft-patch-3_12_74-60_64_54-default-7-2.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"kgraft-patch-3_12_74-60_64_54-xen-7-2.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-03-01T06:53:33", "description": "This update for the Linux Kernel 3.12.74-60_64_45 fixes several\nissues. The following security issues were fixed :\n\n - CVE-2017-13166: An elevation of privilege vulnerability\n was fixed in the kernel v4l2 video driver.\n (bsc#1085447).\n\n - CVE-2018-1068: A flaw was found in the Linux kernels\n implementation of 32-bit syscall interface for bridging.\n This allowed a privileged user to arbitrarily write to a\n limited range of kernel memory (bsc#1085114).\n\n - CVE-2018-1000004: A race condition vulnerability existed\n in the sound system, which could lead to a deadlock and\n denial of service condition (bsc#1076017)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 25, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-04-23T00:00:00", "title": "SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1008-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-1000004", "CVE-2018-7566", "CVE-2017-13166", "CVE-2018-1068"], "modified": "2021-03-02T00:00:00", "cpe": ["cpe:/o:novell:suse_linux:12", "p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_74-60_64_45-xen", "p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_74-60_64_45-default"], "id": "SUSE_SU-2018-1008-1.NASL", "href": "https://www.tenable.com/plugins/nessus/109257", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:1008-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(109257);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2019/09/10 13:51:47\");\n\n script_cve_id(\"CVE-2017-13166\", \"CVE-2018-1000004\", \"CVE-2018-1068\", \"CVE-2018-7566\");\n\n script_name(english:\"SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1008-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for the Linux Kernel 3.12.74-60_64_45 fixes several\nissues. The following security issues were fixed :\n\n - CVE-2017-13166: An elevation of privilege vulnerability\n was fixed in the kernel v4l2 video driver.\n (bsc#1085447).\n\n - CVE-2018-1068: A flaw was found in the Linux kernels\n implementation of 32-bit syscall interface for bridging.\n This allowed a privileged user to arbitrarily write to a\n limited range of kernel memory (bsc#1085114).\n\n - CVE-2018-1000004: A race condition vulnerability existed\n in the sound system, which could lead to a deadlock and\n denial of service condition (bsc#1076017)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1076017\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1083488\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1085114\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1085447\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-13166/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-1000004/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-1068/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-7566/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20181008-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?79c65c4d\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server for SAP 12-SP1:zypper in -t patch\nSUSE-SLE-SAP-12-SP1-2018-689=1\n\nSUSE Linux Enterprise Server 12-SP1-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP1-2018-689=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_74-60_64_45-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_74-60_64_45-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/12/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/04/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/04/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"kgraft-patch-3_12_74-60_64_45-default-9-2.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"kgraft-patch-3_12_74-60_64_45-xen-9-2.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-03-01T06:53:33", "description": "This update for the Linux Kernel 3.12.61-52_86 fixes several issues.\nThe following security issues were fixed :\n\n - CVE-2017-13166: An elevation of privilege vulnerability\n was fixed in the kernel v4l2 video driver.\n (bsc#1085447).\n\n - CVE-2018-1068: A flaw was found in the Linux kernels\n implementation of 32-bit syscall interface for bridging.\n This allowed a privileged user to arbitrarily write to a\n limited range of kernel memory (bsc#1085114).\n\n - CVE-2018-1000004: A race condition vulnerability existed\n in the sound system, which could lead to a deadlock and\n denial of service condition (bsc#1076017)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 25, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-04-23T00:00:00", "title": "SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1009-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-1000004", "CVE-2018-7566", "CVE-2017-13166", "CVE-2018-1068"], "modified": "2021-03-02T00:00:00", "cpe": ["cpe:/o:novell:suse_linux:12", "p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_61-52_86-xen", "p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_61-52_86-default"], "id": "SUSE_SU-2018-1009-1.NASL", "href": "https://www.tenable.com/plugins/nessus/109258", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:1009-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(109258);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2019/09/10 13:51:47\");\n\n script_cve_id(\"CVE-2017-13166\", \"CVE-2018-1000004\", \"CVE-2018-1068\", \"CVE-2018-7566\");\n\n script_name(english:\"SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1009-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for the Linux Kernel 3.12.61-52_86 fixes several issues.\nThe following security issues were fixed :\n\n - CVE-2017-13166: An elevation of privilege vulnerability\n was fixed in the kernel v4l2 video driver.\n (bsc#1085447).\n\n - CVE-2018-1068: A flaw was found in the Linux kernels\n implementation of 32-bit syscall interface for bridging.\n This allowed a privileged user to arbitrarily write to a\n limited range of kernel memory (bsc#1085114).\n\n - CVE-2018-1000004: A race condition vulnerability existed\n in the sound system, which could lead to a deadlock and\n denial of service condition (bsc#1076017)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1076017\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1083488\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1085114\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1085447\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-13166/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-1000004/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-1068/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-7566/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20181009-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?61bfc7f2\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server 12-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-2018-703=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_61-52_86-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_61-52_86-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/12/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/04/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/04/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"kgraft-patch-3_12_61-52_86-default-7-2.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"kgraft-patch-3_12_61-52_86-xen-7-2.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-03-01T06:53:40", "description": "This update for the Linux Kernel 4.4.74-92_29 fixes several issues.\nThe following security issues were fixed :\n\n - CVE-2017-13166: Prevent elevation of privilege\n vulnerability in the v4l2 video driver (bsc#1085447).\n\n - CVE-2018-1068: A flaw in the implementation of 32-bit\n syscall interface for bridging allowed a privileged user\n to arbitrarily write to a limited range of kernel memory\n (bsc#1085114).\n\n - CVE-2018-7566: Prevent buffer overflow via an\n SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to\n /dev/snd/seq by a local user (bsc#1083488).\n\n - CVE-2018-1000004: Prevent race condition in the sound\n system that could have lead to a deadlock and denial of\n service condition (bsc#1076017).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 25, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-04-23T00:00:00", "title": "SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1033-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-1000004", "CVE-2018-7566", "CVE-2017-13166", "CVE-2018-1068"], "modified": "2021-03-02T00:00:00", "cpe": ["cpe:/o:novell:suse_linux:12", "p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_74-92_29-default"], "id": "SUSE_SU-2018-1033-1.NASL", "href": "https://www.tenable.com/plugins/nessus/109275", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:1033-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(109275);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2019/09/10 13:51:47\");\n\n script_cve_id(\"CVE-2017-13166\", \"CVE-2018-1000004\", \"CVE-2018-1068\", \"CVE-2018-7566\");\n\n script_name(english:\"SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1033-1)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for the Linux Kernel 4.4.74-92_29 fixes several issues.\nThe following security issues were fixed :\n\n - CVE-2017-13166: Prevent elevation of privilege\n vulnerability in the v4l2 video driver (bsc#1085447).\n\n - CVE-2018-1068: A flaw in the implementation of 32-bit\n syscall interface for bridging allowed a privileged user\n to arbitrarily write to a limited range of kernel memory\n (bsc#1085114).\n\n - CVE-2018-7566: Prevent buffer overflow via an\n SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to\n /dev/snd/seq by a local user (bsc#1083488).\n\n - CVE-2018-1000004: Prevent race condition in the sound\n system that could have lead to a deadlock and denial of\n service condition (bsc#1076017).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1073230\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1076017\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1083488\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1085114\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1085447\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-13166/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-1000004/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-1068/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-7566/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20181033-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4e46ba00\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server for SAP 12-SP2:zypper in -t patch\nSUSE-SLE-SAP-12-SP2-2018-669=1\n\nSUSE Linux Enterprise Server 12-SP2-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-2018-669=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_74-92_29-default\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/12/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/04/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/04/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP2\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"kgraft-patch-4_4_74-92_29-default-9-2.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-03-01T06:53:32", "description": "This update for the Linux Kernel 4.4.103-92_53 fixes several issues.\nThe following security issues were fixed :\n\n - CVE-2017-13166: Prevent elevation of privilege\n vulnerability in the v4l2 video driver (bsc#1085447).\n\n - CVE-2018-1068: A flaw in the implementation of 32-bit\n syscall interface for bridging allowed a privileged user\n to arbitrarily write to a limited range of kernel memory\n (bsc#1085114).\n\n - CVE-2018-7566: Prevent buffer overflow via an\n SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to\n /dev/snd/seq by a local user (bsc#1083488).\n\n - CVE-2018-1000004: Prevent race condition in the sound\n system that could have lead to a deadlock and denial of\n service condition (bsc#1076017).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 25, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-04-23T00:00:00", "title": "SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1004-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-1000004", "CVE-2018-7566", "CVE-2017-13166", "CVE-2018-1068"], "modified": "2021-03-02T00:00:00", "cpe": ["cpe:/o:novell:suse_linux:12", "p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_103-92_53-default"], "id": "SUSE_SU-2018-1004-1.NASL", "href": "https://www.tenable.com/plugins/nessus/109253", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:1004-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(109253);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2019/09/10 13:51:47\");\n\n script_cve_id(\"CVE-2017-13166\", \"CVE-2018-1000004\", \"CVE-2018-1068\", \"CVE-2018-7566\");\n\n script_name(english:\"SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1004-1)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for the Linux Kernel 4.4.103-92_53 fixes several issues.\nThe following security issues were fixed :\n\n - CVE-2017-13166: Prevent elevation of privilege\n vulnerability in the v4l2 video driver (bsc#1085447).\n\n - CVE-2018-1068: A flaw in the implementation of 32-bit\n syscall interface for bridging allowed a privileged user\n to arbitrarily write to a limited range of kernel memory\n (bsc#1085114).\n\n - CVE-2018-7566: Prevent buffer overflow via an\n SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to\n /dev/snd/seq by a local user (bsc#1083488).\n\n - CVE-2018-1000004: Prevent race condition in the sound\n system that could have lead to a deadlock and denial of\n service condition (bsc#1076017).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1073230\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1076017\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1083488\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1085114\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1085447\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-13166/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-1000004/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-1068/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-7566/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20181004-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8625431e\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server for SAP 12-SP2:zypper in -t patch\nSUSE-SLE-SAP-12-SP2-2018-672=1\n\nSUSE Linux Enterprise Server 12-SP2-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-2018-672=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_103-92_53-default\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/12/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/04/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/04/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP2\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"kgraft-patch-4_4_103-92_53-default-4-2.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-03-01T06:53:31", "description": "This update for the Linux Kernel 3.12.61-52_83 fixes several issues.\nThe following security issues were fixed :\n\n - CVE-2017-13166: An elevation of privilege vulnerability\n was fixed in the kernel v4l2 video driver.\n (bsc#1085447).\n\n - CVE-2018-1068: A flaw was found in the Linux kernels\n implementation of 32-bit syscall interface for bridging.\n This allowed a privileged user to arbitrarily write to a\n limited range of kernel memory (bsc#1085114).\n\n - CVE-2018-1000004: A race condition vulnerability existed\n in the sound system, which could lead to a deadlock and\n denial of service condition (bsc#1076017)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 25, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-04-23T00:00:00", "title": "SUSE SLES12 Security Update : kernel (SUSE-SU-2018:0996-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-1000004", "CVE-2018-7566", "CVE-2017-13166", "CVE-2018-1068"], "modified": "2021-03-02T00:00:00", "cpe": ["cpe:/o:novell:suse_linux:12", "p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_61-52_83-default", "p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_61-52_83-xen"], "id": "SUSE_SU-2018-0996-1.NASL", "href": "https://www.tenable.com/plugins/nessus/109248", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:0996-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(109248);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2019/09/10 13:51:47\");\n\n script_cve_id(\"CVE-2017-13166\", \"CVE-2018-1000004\", \"CVE-2018-1068\", \"CVE-2018-7566\");\n\n script_name(english:\"SUSE SLES12 Security Update : kernel (SUSE-SU-2018:0996-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for the Linux Kernel 3.12.61-52_83 fixes several issues.\nThe following security issues were fixed :\n\n - CVE-2017-13166: An elevation of privilege vulnerability\n was fixed in the kernel v4l2 video driver.\n (bsc#1085447).\n\n - CVE-2018-1068: A flaw was found in the Linux kernels\n implementation of 32-bit syscall interface for bridging.\n This allowed a privileged user to arbitrarily write to a\n limited range of kernel memory (bsc#1085114).\n\n - CVE-2018-1000004: A race condition vulnerability existed\n in the sound system, which could lead to a deadlock and\n denial of service condition (bsc#1076017)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1076017\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1083488\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1085114\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1085447\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-13166/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-1000004/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-1068/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-7566/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20180996-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?bbb302ec\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server 12-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-2018-704=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_61-52_83-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_61-52_83-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/12/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/04/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/04/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"kgraft-patch-3_12_61-52_83-default-7-2.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"kgraft-patch-3_12_61-52_83-xen-7-2.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-03-01T06:53:31", "description": "This update for the Linux Kernel 3.12.61-52_92 fixes several issues.\nThe following security issues were fixed :\n\n - CVE-2017-13166: An elevation of privilege vulnerability\n was fixed in the kernel v4l2 video driver.\n (bsc#1085447).\n\n - CVE-2018-1068: A flaw was found in the Linux kernels\n implementation of 32-bit syscall interface for bridging.\n This allowed a privileged user to arbitrarily write to a\n limited range of kernel memory (bsc#1085114).\n\n - CVE-2018-1000004: A race condition vulnerability existed\n in the sound system, which could lead to a deadlock and\n denial of service condition (bsc#1076017)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 25, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-04-23T00:00:00", "title": "SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1001-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-1000004", "CVE-2018-7566", "CVE-2017-13166", "CVE-2018-1068"], "modified": "2021-03-02T00:00:00", "cpe": ["cpe:/o:novell:suse_linux:12", "p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_61-52_92-default", "p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_61-52_92-xen"], "id": "SUSE_SU-2018-1001-1.NASL", "href": "https://www.tenable.com/plugins/nessus/109251", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:1001-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(109251);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2019/09/10 13:51:47\");\n\n script_cve_id(\"CVE-2017-13166\", \"CVE-2018-1000004\", \"CVE-2018-1068\", \"CVE-2018-7566\");\n\n script_name(english:\"SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1001-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for the Linux Kernel 3.12.61-52_92 fixes several issues.\nThe following security issues were fixed :\n\n - CVE-2017-13166: An elevation of privilege vulnerability\n was fixed in the kernel v4l2 video driver.\n (bsc#1085447).\n\n - CVE-2018-1068: A flaw was found in the Linux kernels\n implementation of 32-bit syscall interface for bridging.\n This allowed a privileged user to arbitrarily write to a\n limited range of kernel memory (bsc#1085114).\n\n - CVE-2018-1000004: A race condition vulnerability existed\n in the sound system, which could lead to a deadlock and\n denial of service condition (bsc#1076017)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1076017\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1083488\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1085114\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1085447\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-13166/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-1000004/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-1068/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-7566/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20181001-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0a40a84c\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server 12-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-2018-705=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_61-52_92-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_61-52_92-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/12/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/04/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/04/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"kgraft-patch-3_12_61-52_92-default-6-2.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"kgraft-patch-3_12_61-52_92-xen-6-2.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "f5": [{"lastseen": "2020-04-06T22:39:40", "bulletinFamily": "software", "cvelist": ["CVE-2018-1000004"], "description": "\nF5 Product Development has evaluated the currently supported releases for potential vulnerability, and no F5 products were found to be vulnerable.\n\nNone\n\n * [K51812227: Understanding Security Advisory versioning](<https://support.f5.com/csp/article/K51812227>)\n * [K41942608: Overview of AskF5 Security Advisory articles](<https://support.f5.com/csp/article/K41942608>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n", "edition": 1, "modified": "2018-09-04T21:57:00", "published": "2018-09-04T21:57:00", "id": "F5:K06208063", "href": "https://support.f5.com/csp/article/K06208063", "title": "Linux kernel vulnerability CVE-2018-1000004", "type": "f5", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-04-06T22:39:36", "bulletinFamily": "software", "cvelist": ["CVE-2018-7566"], "description": "\nF5 Product Development has evaluated the currently supported releases for potential vulnerability, and no F5 products were found to be vulnerable.\n\nNone\n\n * [K51812227: Understanding Security Advisory versioning](<https://support.f5.com/csp/article/K51812227>)\n * [K41942608: Overview of AskF5 Security Advisory articles](<https://support.f5.com/csp/article/K41942608>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n", "edition": 1, "modified": "2018-09-11T02:52:00", "published": "2018-09-11T02:52:00", "id": "F5:K03564319", "href": "https://support.f5.com/csp/article/K03564319", "title": "Linux kernel vulnerability CVE-2018-7566", "type": "f5", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}], "virtuozzo": [{"lastseen": "2019-11-05T11:27:56", "bulletinFamily": "unix", "cvelist": ["CVE-2018-1068"], "description": "The cumulative Virtuozzo ReadyKernel patch was updated with security and stability fixes. The patch applies to the Virtuozzo 7.0 kernel 3.10.0-693.17.1.vz7.43.10 (7.0.7).\n**Vulnerability id:** CVE-2018-1068\nIt was discovered that the implementation of ebtables in the kernel did not properly validate the offsets received from the user space. A local user with enough privileges in the user and network namespaces could use that to trigger an out-of-bounds write to the kernel address space.\n\n", "edition": 1, "modified": "2018-03-22T00:00:00", "published": "2018-03-22T00:00:00", "id": "VZA-2018-015", "href": "https://help.virtuozzo.com/customer/portal/articles/2930229", "title": "Important kernel security update: CVE-2018-1068; Virtuozzo ReadyKernel patch 47.0 for Virtuozzo 7.0.7", "type": "virtuozzo", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-11-05T11:28:16", "bulletinFamily": "unix", "cvelist": ["CVE-2018-1068"], "description": "The cumulative Virtuozzo ReadyKernel patch was updated with a security fix. The patch applies to all supported Virtuozzo 7.0 kernels except 3.10.0-693.17.1.vz7.43.10 (7.0.7).\n**Vulnerability id:** CVE-2018-1068\nIt was discovered that the implementation of ebtables in the kernel did not properly validate the offsets received from the user space. A local user with enough privileges in the user and network namespaces could use that to trigger an out-of-bounds write to the kernel address space.\n\n", "edition": 1, "modified": "2018-03-22T00:00:00", "published": "2018-03-22T00:00:00", "id": "VZA-2018-014", "href": "https://help.virtuozzo.com/customer/portal/articles/2930228", "title": "Important kernel security update: CVE-2018-1068; Virtuozzo ReadyKernel patch 47.0 for Virtuozzo 7.0.1 to 7.0.6 HF3", "type": "virtuozzo", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "ubuntu": [{"lastseen": "2020-07-02T11:34:18", "bulletinFamily": "unix", "cvelist": ["CVE-2018-1000004", "CVE-2018-7566", "CVE-2017-13305", "CVE-2018-5750", "CVE-2017-16538"], "description": "USN-3631-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 \nLTS. This update provides the corresponding updates for the Linux \nHardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu \n14.04 LTS.\n\nIt was discovered that a buffer overread vulnerability existed in the \nkeyring subsystem of the Linux kernel. A local attacker could possibly use \nthis to expose sensitive information (kernel memory). (CVE-2017-13305)\n\nIt was discovered that the DM04/QQBOX USB driver in the Linux kernel did \nnot properly handle device attachment and warm-start. A physically \nproximate attacker could use this to cause a denial of service (system \ncrash) or possibly execute arbitrary code. (CVE-2017-16538)\n\nLuo Quan and Wei Yang discovered that a race condition existed in the \nAdvanced Linux Sound Architecture (ALSA) subsystem of the Linux kernel when \nhandling ioctl()s. A local attacker could use this to cause a denial of \nservice (system deadlock). (CVE-2018-1000004)\n\nWang Qize discovered that an information disclosure vulnerability existed \nin the SMBus driver for ACPI Embedded Controllers in the Linux kernel. A \nlocal attacker could use this to expose sensitive information (kernel \npointer addresses). (CVE-2018-5750)\n\n\u8303\u9f99\u98de discovered that a race condition existed in the Advanced Linux \nSound Architecture (ALSA) subsystem of the Linux kernel that could lead to \na use-after-free or an out-of-bounds buffer access. A local attacker with \naccess to /dev/snd/seq could use this to cause a denial of service (system \ncrash) or possibly execute arbitrary code. (CVE-2018-7566)", "edition": 6, "modified": "2018-04-24T00:00:00", "published": "2018-04-24T00:00:00", "id": "USN-3631-2", "href": "https://ubuntu.com/security/notices/USN-3631-2", "title": "Linux kernel (Xenial HWE) vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-02T11:35:22", "bulletinFamily": "unix", "cvelist": ["CVE-2018-1000004", "CVE-2018-7566", "CVE-2017-13305", "CVE-2018-5750", "CVE-2017-16538"], "description": "It was discovered that a buffer overread vulnerability existed in the \nkeyring subsystem of the Linux kernel. A local attacker could possibly use \nthis to expose sensitive information (kernel memory). (CVE-2017-13305)\n\nIt was discovered that the DM04/QQBOX USB driver in the Linux kernel did \nnot properly handle device attachment and warm-start. A physically \nproximate attacker could use this to cause a denial of service (system \ncrash) or possibly execute arbitrary code. (CVE-2017-16538)\n\nLuo Quan and Wei Yang discovered that a race condition existed in the \nAdvanced Linux Sound Architecture (ALSA) subsystem of the Linux kernel when \nhandling ioctl()s. A local attacker could use this to cause a denial of \nservice (system deadlock). (CVE-2018-1000004)\n\nWang Qize discovered that an information disclosure vulnerability existed \nin the SMBus driver for ACPI Embedded Controllers in the Linux kernel. A \nlocal attacker could use this to expose sensitive information (kernel \npointer addresses). (CVE-2018-5750)\n\n\u8303\u9f99\u98de discovered that a race condition existed in the Advanced Linux \nSound Architecture (ALSA) subsystem of the Linux kernel that could lead to \na use-after-free or an out-of-bounds buffer access. A local attacker with \naccess to /dev/snd/seq could use this to cause a denial of service (system \ncrash) or possibly execute arbitrary code. (CVE-2018-7566)", "edition": 6, "modified": "2018-04-24T00:00:00", "published": "2018-04-24T00:00:00", "id": "USN-3631-1", "href": "https://ubuntu.com/security/notices/USN-3631-1", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "openvas": [{"lastseen": "2019-05-29T18:33:21", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-1000004", "CVE-2018-7566", "CVE-2017-13305", "CVE-2018-5750", "CVE-2017-16538"], "description": "The remote host is missing an update for the ", "modified": "2019-03-13T00:00:00", "published": "2018-04-25T00:00:00", "id": "OPENVAS:1361412562310843511", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843511", "type": "openvas", "title": "Ubuntu Update for linux USN-3631-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_3631_1.nasl 14140 2019-03-13 12:26:09Z cfischer $\n#\n# Ubuntu Update for linux USN-3631-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.843511\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-04-25 08:38:09 +0200 (Wed, 25 Apr 2018)\");\n script_cve_id(\"CVE-2017-13305\", \"CVE-2017-16538\", \"CVE-2018-1000004\",\n \"CVE-2018-5750\", \"CVE-2018-7566\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for linux USN-3631-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"It was discovered that a buffer overread\n vulnerability existed in the keyring subsystem of the Linux kernel. A local\n attacker could possibly use this to expose sensitive information (kernel\n memory). (CVE-2017-13305) It was discovered that the DM04/QQBOX USB driver in\n the Linux kernel did not properly handle device attachment and warm-start. A\n physically proximate attacker could use this to cause a denial of service\n (system crash) or possibly execute arbitrary code. (CVE-2017-16538) Luo Quan and\n Wei Yang discovered that a race condition existed in the Advanced Linux Sound\n Architecture (ALSA) subsystem of the Linux kernel when handling ioctl()s. A\n local attacker could use this to cause a denial of service (system deadlock).\n (CVE-2018-1000004) Wang Qize discovered that an information disclosure\n vulnerability existed in the SMBus driver for ACPI Embedded Controllers in the\n Linux kernel. A local attacker could use this to expose sensitive information\n (kernel pointer addresses). (CVE-2018-5750) discovered that a race condition\n existed in the Advanced Linux Sound Architecture (ALSA) subsystem of the Linux\n kernel that could lead to a use-after-free or an out-of-bounds buffer access. A\n local attacker with access to /dev/snd/seq could use this to cause a denial of\n service (system crash) or possibly execute arbitrary code. (CVE-2018-7566)\");\n script_tag(name:\"affected\", value:\"linux on Ubuntu 16.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"3631-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3631-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU16\\.04 LTS\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU16.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-1021-kvm\", ver:\"4.4.0-1021.26\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-1055-aws\", ver:\"4.4.0-1055.64\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-1087-raspi2\", ver:\"4.4.0-1087.95\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-1090-snapdragon\", ver:\"4.4.0-1090.95\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-121-generic\", ver:\"4.4.0-121.145\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-121-generic-lpae\", ver:\"4.4.0-121.145\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-121-lowlatency\", ver:\"4.4.0-121.145\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-121-powerpc-e500mc\", ver:\"4.4.0-121.145\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-121-powerpc-smp\", ver:\"4.4.0-121.145\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-121-powerpc64-emb\", ver:\"4.4.0-121.145\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-121-powerpc64-smp\", ver:\"4.4.0-121.145\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-aws\", ver:\"4.4.0.1055.57\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-generic\", ver:\"4.4.0.121.127\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-generic-lpae\", ver:\"4.4.0.121.127\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-kvm\", ver:\"4.4.0.1021.20\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-lowlatency\", ver:\"4.4.0.121.127\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc-e500mc\", ver:\"4.4.0.121.127\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc-smp\", ver:\"4.4.0.121.127\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc64-emb\", ver:\"4.4.0.121.127\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc64-smp\", ver:\"4.4.0.121.127\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-raspi2\", ver:\"4.4.0.1087.87\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-snapdragon\", ver:\"4.4.0.1090.82\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:33:21", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-1000004", "CVE-2018-7566", "CVE-2017-13305", "CVE-2018-5750", "CVE-2017-16538"], "description": "The remote host is missing an update for the ", "modified": "2019-03-13T00:00:00", "published": "2018-04-25T00:00:00", "id": "OPENVAS:1361412562310843506", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843506", "type": "openvas", "title": "Ubuntu Update for linux-aws USN-3631-2", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_3631_2.nasl 14140 2019-03-13 12:26:09Z cfischer $\n#\n# Ubuntu Update for linux-aws USN-3631-2\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.843506\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-04-25 08:36:58 +0200 (Wed, 25 Apr 2018)\");\n script_cve_id(\"CVE-2017-13305\", \"CVE-2017-16538\", \"CVE-2018-1000004\", \"CVE-2018-5750\",\n \"CVE-2018-7566\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for linux-aws USN-3631-2\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux-aws'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"USN-3631-1 fixed vulnerabilities in the\n Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding\n updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for\n Ubuntu 14.04 LTS. It was discovered that a buffer overread vulnerability existed\n in the keyring subsystem of the Linux kernel. A local attacker could possibly\n use this to expose sensitive information (kernel memory). (CVE-2017-13305) It\n was discovered that the DM04/QQBOX USB driver in the Linux kernel did not\n properly handle device attachment and warm-start. A physically proximate\n attacker could use this to cause a denial of service (system crash) or possibly\n execute arbitrary code. (CVE-2017-16538) Luo Quan and Wei Yang discovered that a\n race condition existed in the Advanced Linux Sound Architecture (ALSA) subsystem\n of the Linux kernel when handling ioctl()s. A local attacker could use this to\n cause a denial of service (system deadlock). (CVE-2018-1000004) Wang Qize\n discovered that an information disclosure vulnerability existed in the SMBus\n driver for ACPI Embedded Controllers in the Linux kernel. A local attacker could\n use this to expose sensitive information (kernel pointer addresses).\n (CVE-2018-5750) discovered that a race condition existed in the Advanced Linux\n Sound Architecture (ALSA) subsystem of the Linux kernel that could lead to a\n use-after-free or an out-of-bounds buffer access. A local attacker with access\n to /dev/snd/seq could use this to cause a denial of service (system crash) or\n possibly execute arbitrary code. (CVE-2018-7566)\");\n script_tag(name:\"affected\", value:\"linux-aws on Ubuntu 14.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"3631-2\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3631-2/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU14\\.04 LTS\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-1017-aws\", ver:\"4.4.0-1017.17\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-121-generic\", ver:\"4.4.0-121.145~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-121-generic-lpae\", ver:\"4.4.0-121.145~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-121-lowlatency\", ver:\"4.4.0-121.145~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-121-powerpc-e500mc\", ver:\"4.4.0-121.145~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-121-powerpc-smp\", ver:\"4.4.0-121.145~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-121-powerpc64-emb\", ver:\"4.4.0-121.145~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-121-powerpc64-smp\", ver:\"4.4.0-121.145~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-aws\", ver:\"4.4.0.1017.17\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-generic-lpae-lts-xenial\", ver:\"4.4.0.121.102\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-generic-lts-xenial\", ver:\"4.4.0.121.102\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-lowlatency-lts-xenial\", ver:\"4.4.0.121.102\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc-e500mc-lts-xenial\", ver:\"4.4.0.121.102\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc-smp-lts-xenial\", ver:\"4.4.0.121.102\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc64-emb-lts-xenial\", ver:\"4.4.0.121.102\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc64-smp-lts-xenial\", ver:\"4.4.0.121.102\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "redhat": [{"lastseen": "2019-08-13T18:45:33", "bulletinFamily": "unix", "cvelist": ["CVE-2018-1000004", "CVE-2018-7566", "CVE-2019-11477", "CVE-2019-11478", "CVE-2019-11479"], "description": "The kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* An integer overflow flaw was found in the way the Linux kernel's networking subsystem processed TCP Selective Acknowledgment (SACK) segments. While processing SACK segments, the Linux kernel's socket buffer (SKB) data structure becomes fragmented. Each fragment is about TCP maximum segment size (MSS) bytes. To efficiently process SACK blocks, the Linux kernel merges multiple fragmented SKBs into one, potentially overflowing the variable holding the number of segments. A remote attacker could use this flaw to crash the Linux kernel by sending a crafted sequence of SACK segments on a TCP connection with small value of TCP MSS, resulting in a denial of service (DoS). (CVE-2019-11477)\n\n* kernel: race condition in snd_seq_write() may lead to UAF or OOB-access (CVE-2018-7566)\n\n* kernel: Race condition in sound system can lead to denial of service (CVE-2018-1000004)\n\n* Kernel: tcp: excessive resource consumption while processing SACK blocks allows remote denial of service (CVE-2019-11478)\n\n* Kernel: tcp: excessive resource consumption for TCP connections with low MSS allows remote denial of service (CVE-2019-11479)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* Mistmach between 'tty->termios->c_lflag' and 'ldata->icanon' for 'ICANON' (BZ#1708061)\n\n* RHEL7: rwsem reader/writer mutual exclusion guarantee may not work (BZ#1709702)\n\n* hardened usercopy is causing crash (BZ#1712311)\n\n* [RHEL7] md_clear flag missing from /proc/cpuinfo on late microcode update (BZ#1712991)\n\n* [RHEL7] MDS mitigations are not enabled after double microcode update (BZ#1712996)\n\n* WARNING: CPU: 0 PID: 0 at kernel/jump_label.c:90 __static_key_slow_dec+0xa6/0xb0 (BZ#1713002)\n\n* [debug kernel] [x86_64]INFO: possible circular locking dependency detected (BZ#1715326)\n\n* RHEL-7.7: tty: termios_rwsem possible deadlock (BZ#1715329)\n\nEnhancement(s):\n\n* [MCHP 7.7 FEAT] Update smartpqi driver to latest upstream (BZ#1709467)", "modified": "2019-06-17T22:52:54", "published": "2019-06-17T22:34:36", "id": "RHSA-2019:1483", "href": "https://access.redhat.com/errata/RHSA-2019:1483", "type": "redhat", "title": "(RHSA-2019:1483) Important: kernel security, bug fix, and enhancement update", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-08-13T18:46:32", "bulletinFamily": "unix", "cvelist": ["CVE-2018-1000004", "CVE-2018-7566", "CVE-2019-11477", "CVE-2019-11478", "CVE-2019-11479"], "description": "The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es):\n\n* An integer overflow flaw was found in the way the Linux kernel's networking subsystem processed TCP Selective Acknowledgment (SACK) segments. While processing SACK segments, the Linux kernel's socket buffer (SKB) data structure becomes fragmented. Each fragment is about TCP maximum segment size (MSS) bytes. To efficiently process SACK blocks, the Linux kernel merges multiple fragmented SKBs into one, potentially overflowing the variable holding the number of segments. A remote attacker could use this flaw to crash the Linux kernel by sending a crafted sequence of SACK segments on a TCP connection with small value of TCP MSS, resulting in a denial of service (DoS). (CVE-2019-11477)\n\n* kernel: race condition in snd_seq_write() may lead to UAF or OOB-access (CVE-2018-7566)\n\n* kernel: Race condition in sound system can lead to denial of service (CVE-2018-1000004)\n\n* Kernel: tcp: excessive resource consumption while processing SACK blocks allows remote denial of service (CVE-2019-11478)\n\n* Kernel: tcp: excessive resource consumption for TCP connections with low MSS allows remote denial of service (CVE-2019-11479)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* update the MRG 2.5.z 3.10 kernel-rt sources (BZ#1711010)", "modified": "2019-06-17T23:51:04", "published": "2019-06-17T23:45:17", "id": "RHSA-2019:1487", "href": "https://access.redhat.com/errata/RHSA-2019:1487", "type": "redhat", "title": "(RHSA-2019:1487) Important: kernel-rt security and bug fix update", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "cloudfoundry": [{"lastseen": "2019-05-29T18:32:58", "bulletinFamily": "software", "cvelist": ["CVE-2018-1000004", "CVE-2018-7566", "CVE-2017-13305", "CVE-2018-5750", "CVE-2017-16538"], "description": "# \n\n# Severity\n\nMedium\n\n# Vendor\n\nCanonical Ubuntu\n\n# Versions Affected\n\n * Canonical Ubuntu 14.04\n\n# Description\n\nUSN-3631-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS.\n\nIt was discovered that a buffer overread vulnerability existed in the keyring subsystem of the Linux kernel. A local attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2017-13305)\n\nIt was discovered that the DM04/QQBOX USB driver in the Linux kernel did not properly handle device attachment and warm-start. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-16538)\n\nLuo Quan and Wei Yang discovered that a race condition existed in the Advanced Linux Sound Architecture (ALSA) subsystem of the Linux kernel when handling ioctl()s. A local attacker could use this to cause a denial of service (system deadlock). (CVE-2018-1000004)\n\nWang Qize discovered that an information disclosure vulnerability existed in the SMBus driver for ACPI Embedded Controllers in the Linux kernel. A local attacker could use this to expose sensitive information (kernel pointer addresses). (CVE-2018-5750)\n\n\u8303\u9f99\u98de discovered that a race condition existed in the Advanced Linux Sound Architecture (ALSA) subsystem of the Linux kernel that could lead to a use-after-free or an out-of-bounds buffer access. A local attacker with access to /dev/snd/seq could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-7566)\n\n# Affected Cloud Foundry Products and Versions\n\n_Severity is medium unless otherwise noted._\n\n * Cloud Foundry BOSH stemcells are vulnerable, including: \n * 3363.x versions prior to 3363.60\n * 3421.x versions prior to 3421.56\n * 3445.x versions prior to 3445.42\n * 3468.x versions prior to 3468.41\n * 3541.x versions prior to 3541.24\n * 3586.x versions prior to 3586.5\n * All other stemcells not listed.\n\n# Mitigation\n\nOSS users are strongly encouraged to follow one of the mitigations below:\n\n * The Cloud Foundry project recommends upgrading the following BOSH stemcells: \n * Upgrade 3363.x versions to 3363.60\n * Upgrade 3421.x versions to 3421.56\n * Upgrade 3445.x versions to 3445.42\n * Upgrade 3468.x versions to 3468.41\n * Upgrade 3541.x versions to 3541.24\n * Upgrade 3586.x versions to 3586.5\n * All other stemcells should be upgraded to the latest version available on [bosh.io](<https://bosh.io>).\n\n# References\n\n * [USN-3631-2](<https://usn.ubuntu.com/3631-2/>)\n * [CVE-2017-13305](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-13305>)\n * [CVE-2017-16538](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-16538>)\n * [CVE-2018-1000004](<https://people.canonical.com/~ubuntu-security/cve/CVE-2018-1000004>)\n * [CVE-2018-5750](<https://people.canonical.com/~ubuntu-security/cve/CVE-2018-5750>)\n * [CVE-2018-7566](<https://people.canonical.com/~ubuntu-security/cve/CVE-2018-7566>)\n", "edition": 5, "modified": "2018-05-09T00:00:00", "published": "2018-05-09T00:00:00", "id": "CFOUNDRY:6F9C2520DC97ECE6CB22CC0C19CA28F6", "href": "https://www.cloudfoundry.org/blog/usn-3631-2/", "title": "USN-3631-2: Linux kernel (Xenial HWE) vulnerabilities | Cloud Foundry", "type": "cloudfoundry", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}]}
