Lucene search
This script is Copyright (C) 2019-2024 and is owned by Tenable, Inc. or an Affiliate thereof.CENTOS_RHSA-2019-2079.NASLHistoryAug 30, 2019 - 12:00 a.m.
CentOS 7 : gdm / libX11 / libxkbcommon / xorg-x11-drv-ati / xorg-x11-drv-vesa / etc (CESA-2019:2079)
2019-08-3000:00:00
This script is Copyright (C) 2019-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
141
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.4 High
AI Score
Confidence
High
0.05 Low
EPSS
Percentile
92.9%
An update for Xorg is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
X.Org is an open source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon.
Security Fix(es) :
-
libX11: Crash on invalid reply in XListExtensions in ListExt.c (CVE-2018-14598)
-
libX11: Off-by-one error in XListExtensions in ListExt.c (CVE-2018-14599)
-
libX11: Out of Bounds write in XListExtensions in ListExt.c (CVE-2018-14600)
-
libxkbcommon: Invalid free in ExprAppendMultiKeysymList resulting in a crash (CVE-2018-15857)
-
libxkbcommon: Endless recursion in xkbcomp/expr.c resulting in a crash (CVE-2018-15853)
-
libxkbcommon: NULL pointer dereference resulting in a crash (CVE-2018-15854)
-
libxkbcommon: NULL pointer dereference when handling xkb_geometry (CVE-2018-15855)
-
libxkbcommon: Infinite loop when reaching EOL unexpectedly resulting in a crash (CVE-2018-15856)
-
libxkbcommon: NULL pointer dereference when parsing invalid atoms in ExprResolveLhs resulting in a crash (CVE-2018-15859)
-
libxkbcommon: NULL pointer dereference in ExprResolveLhs resulting in a crash (CVE-2018-15861)
-
libxkbcommon: NULL pointer dereference in LookupModMask resulting in a crash (CVE-2018-15862)
-
libxkbcommon: NULL pointer dereference in ResolveStateAndPredicate resulting in a crash (CVE-2018-15863)
-
libxkbcommon: NULL pointer dereference in resolve_keysym resulting in a crash (CVE-2018-15864)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes :
For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section.
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Red Hat Security Advisory RHSA-2019:2079 and
# CentOS Errata and Security Advisory 2019:2079 respectively.
#
include('compat.inc');
if (description)
{
script_id(128349);
script_version("1.6");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/04/30");
script_cve_id(
"CVE-2018-14598",
"CVE-2018-14599",
"CVE-2018-14600",
"CVE-2018-15853",
"CVE-2018-15854",
"CVE-2018-15855",
"CVE-2018-15856",
"CVE-2018-15857",
"CVE-2018-15859",
"CVE-2018-15861",
"CVE-2018-15862",
"CVE-2018-15863",
"CVE-2018-15864"
);
script_xref(name:"RHSA", value:"2019:2079");
script_name(english:"CentOS 7 : gdm / libX11 / libxkbcommon / xorg-x11-drv-ati / xorg-x11-drv-vesa / etc (CESA-2019:2079)");
script_set_attribute(attribute:"synopsis", value:
"The remote CentOS host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"An update for Xorg is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security
impact of Moderate. A Common Vulnerability Scoring System (CVSS) base
score, which gives a detailed severity rating, is available for each
vulnerability from the CVE link(s) in the References section.
X.Org is an open source implementation of the X Window System. It
provides the basic low-level functionality that full-fledged graphical
user interfaces are designed upon.
Security Fix(es) :
* libX11: Crash on invalid reply in XListExtensions in ListExt.c
(CVE-2018-14598)
* libX11: Off-by-one error in XListExtensions in ListExt.c
(CVE-2018-14599)
* libX11: Out of Bounds write in XListExtensions in ListExt.c
(CVE-2018-14600)
* libxkbcommon: Invalid free in ExprAppendMultiKeysymList resulting in
a crash (CVE-2018-15857)
* libxkbcommon: Endless recursion in xkbcomp/expr.c resulting in a
crash (CVE-2018-15853)
* libxkbcommon: NULL pointer dereference resulting in a crash
(CVE-2018-15854)
* libxkbcommon: NULL pointer dereference when handling xkb_geometry
(CVE-2018-15855)
* libxkbcommon: Infinite loop when reaching EOL unexpectedly resulting
in a crash (CVE-2018-15856)
* libxkbcommon: NULL pointer dereference when parsing invalid atoms in
ExprResolveLhs resulting in a crash (CVE-2018-15859)
* libxkbcommon: NULL pointer dereference in ExprResolveLhs resulting
in a crash (CVE-2018-15861)
* libxkbcommon: NULL pointer dereference in LookupModMask resulting in
a crash (CVE-2018-15862)
* libxkbcommon: NULL pointer dereference in ResolveStateAndPredicate
resulting in a crash (CVE-2018-15863)
* libxkbcommon: NULL pointer dereference in resolve_keysym resulting
in a crash (CVE-2018-15864)
For more details about the security issue(s), including the impact, a
CVSS score, acknowledgments, and other related information, refer to
the CVE page(s) listed in the References section.
Additional Changes :
For detailed information on changes in this release, see the Red Hat
Enterprise Linux 7.7 Release Notes linked from the References section.");
# https://lists.centos.org/pipermail/centos-announce/2020-February/035636.html
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?2b8a2b52");
# https://lists.centos.org/pipermail/centos-cr-announce/2019-August/005880.html
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?b275660e");
# https://lists.centos.org/pipermail/centos-cr-announce/2019-August/005976.html
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?d789b3c9");
# https://lists.centos.org/pipermail/centos-cr-announce/2019-August/005977.html
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?77cf2be0");
# https://lists.centos.org/pipermail/centos-cr-announce/2019-August/006188.html
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?49b31e3a");
# https://lists.centos.org/pipermail/centos-cr-announce/2019-August/006189.html
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?cca149cc");
# https://lists.centos.org/pipermail/centos-cr-announce/2019-August/006190.html
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?1da8f52b");
script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-14600");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2018/08/24");
script_set_attribute(attribute:"patch_publication_date", value:"2020/02/05");
script_set_attribute(attribute:"plugin_publication_date", value:"2019/08/30");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:gdm");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:gdm-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:gdm-pam-extensions-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libX11");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libX11-common");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libX11-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libxkbcommon");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libxkbcommon-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libxkbcommon-x11");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libxkbcommon-x11-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:xorg-x11-drv-ati");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:xorg-x11-drv-vesa");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:xorg-x11-drv-wacom");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:xorg-x11-drv-wacom-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:xorg-x11-server-Xdmx");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:xorg-x11-server-Xephyr");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:xorg-x11-server-Xnest");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:xorg-x11-server-Xorg");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:xorg-x11-server-Xvfb");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:xorg-x11-server-Xwayland");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:xorg-x11-server-common");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:xorg-x11-server-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:xorg-x11-server-source");
script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:7");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"CentOS Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2019-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/CentOS/release", "Host/CentOS/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/CentOS/release");
if (isnull(release) || "CentOS" >!< release) audit(AUDIT_OS_NOT, "CentOS");
os_ver = pregmatch(pattern: "CentOS(?: Linux)? release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "CentOS");
os_ver = os_ver[1];
if (! preg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "CentOS 7.x", "CentOS " + os_ver);
if (!get_kb_item("Host/CentOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "CentOS", cpu);
flag = 0;
if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"gdm-3.28.2-16.el7")) flag++;
if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"gdm-devel-3.28.2-16.el7")) flag++;
if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"gdm-pam-extensions-devel-3.28.2-16.el7")) flag++;
if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"libX11-1.6.7-2.el7")) flag++;
if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"libX11-common-1.6.7-2.el7")) flag++;
if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"libX11-devel-1.6.7-2.el7")) flag++;
if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"libxkbcommon-0.7.1-3.el7")) flag++;
if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"libxkbcommon-devel-0.7.1-3.el7")) flag++;
if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"libxkbcommon-x11-0.7.1-3.el7")) flag++;
if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"libxkbcommon-x11-devel-0.7.1-3.el7")) flag++;
if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"xorg-x11-drv-ati-19.0.1-3.el7_7")) flag++;
if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"xorg-x11-drv-vesa-2.4.0-3.el7")) flag++;
if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"xorg-x11-drv-wacom-0.36.1-3.el7")) flag++;
if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"xorg-x11-drv-wacom-devel-0.36.1-3.el7")) flag++;
if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"xorg-x11-server-Xdmx-1.20.4-7.el7")) flag++;
if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"xorg-x11-server-Xephyr-1.20.4-7.el7")) flag++;
if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"xorg-x11-server-Xnest-1.20.4-7.el7")) flag++;
if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"xorg-x11-server-Xorg-1.20.4-7.el7")) flag++;
if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"xorg-x11-server-Xvfb-1.20.4-7.el7")) flag++;
if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"xorg-x11-server-Xwayland-1.20.4-7.el7")) flag++;
if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"xorg-x11-server-common-1.20.4-7.el7")) flag++;
if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"xorg-x11-server-devel-1.20.4-7.el7")) flag++;
if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"xorg-x11-server-source-1.20.4-7.el7")) flag++;
if (flag)
{
cr_plugin_caveat = '\n' +
'NOTE: The security advisory associated with this vulnerability has a\n' +
'fixed package version that may only be available in the continuous\n' +
'release (CR) repository for CentOS, until it is present in the next\n' +
'point release of CentOS.\n\n' +
'If an equal or higher package level does not exist in the baseline\n' +
'repository for your major version of CentOS, then updates from the CR\n' +
'repository will need to be applied in order to address the\n' +
'vulnerability.\n';
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : rpm_report_get() + cr_plugin_caveat
);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "gdm / gdm-devel / gdm-pam-extensions-devel / libX11 / libX11-common / etc");
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| centos | centos | gdm | p-cpe:/a:centos:centos:gdm |
| centos | centos | gdm-devel | p-cpe:/a:centos:centos:gdm-devel |
| centos | centos | gdm-pam-extensions-devel | p-cpe:/a:centos:centos:gdm-pam-extensions-devel |
| centos | centos | libx11 | p-cpe:/a:centos:centos:libx11 |
| centos | centos | libx11-common | p-cpe:/a:centos:centos:libx11-common |
| centos | centos | libx11-devel | p-cpe:/a:centos:centos:libx11-devel |
| centos | centos | libxkbcommon | p-cpe:/a:centos:centos:libxkbcommon |
| centos | centos | libxkbcommon-devel | p-cpe:/a:centos:centos:libxkbcommon-devel |
| centos | centos | libxkbcommon-x11 | p-cpe:/a:centos:centos:libxkbcommon-x11 |
| centos | centos | libxkbcommon-x11-devel | p-cpe:/a:centos:centos:libxkbcommon-x11-devel |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14598
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14599
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14600
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15853
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15854
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15855
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15856
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15857
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15859
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15861
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15862
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15863
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15864
www.nessus.org/u?1da8f52b
www.nessus.org/u?2b8a2b52
www.nessus.org/u?49b31e3a
www.nessus.org/u?77cf2be0
www.nessus.org/u?b275660e
www.nessus.org/u?cca149cc
www.nessus.org/u?d789b3c9
Related
nessus
nessus
Amazon Linux 2 : xorg-x11-server (ALAS-2020-1433)
2020-06-04 00:00:00
Scientific Linux Security Update : Xorg on SL7.x x86_64 (20190806)
2019-08-27 00:00:00
amazon
amazon
Medium: xorg-x11-server
2020-06-03 18:21:00
Medium: libX11
2019-06-11 23:17:00
centos
centos
gdm, libX11, libxkbcommon, xorg security update
2019-08-30 02:52:02
openvas
openvas
CentOS: Security Advisory for xorg-x11-drv-ati (CESA-2019:2079)
2021-04-21 00:00:00
SUSE: Security Advisory (SUSE-SU-2024:0037-1)
2024-01-08 00:00:00
Ubuntu: Security Advisory (USN-3786-1)
2018-10-26 00:00:00
redhat
redhat
(RHSA-2019:2079) Moderate: Xorg security and bug fix update
2019-08-06 07:58:40
oraclelinux
oraclelinux
Xorg security and bug fix update
2019-08-13 00:00:00
suse
suse
Security update for libxkbcommon (low)
2018-11-17 00:15:49
Security update for libX11 (important)
2018-08-31 12:07:54
Security update for libX11 (moderate)
2018-10-05 12:07:58
ubuntu
ubuntu
libxkbcommon vulnerabilities
2018-10-08 00:00:00
libxkbcommon vulnerabilities
2018-11-06 00:00:00
libx11 vulnerabilities
2018-08-30 00:00:00
gentoo
gentoo
xkbcommon: Multiple vulnerabilities
2018-10-30 00:00:00
X.Org X11 library: Multiple vulnerabilities
2018-11-09 00:00:00
mageia
mageia
Updated libxkbcommon packages fix security vulnerabilities
2018-09-07 13:15:03
Updated libx11 packages fix security vulnerabilities
2018-09-21 02:17:55
cloudfoundry
cloudfoundry
USN-3786-1: libxkbcommon vulnerabilities | Cloud Foundry
2018-10-09 00:00:00
USN-3758-1: libx11 vulnerabilities | Cloud Foundry
2018-09-27 00:00:00
slackware
slackware
[slackware-security] libX11
2018-08-21 20:09:53
freebsd
freebsd
libX11 -- Multiple vulnerabilities
2018-08-21 00:00:00
ibm
ibm
Security Bulletin: IBM Flex System Chassis Management Module (CMM) is affected by vulnerabilities in xorg-x11-libX11 (CVE-2018-14598 CVE-2018-14599 CVE-2018-14600)
2023-12-07 22:45:02
debian
debian
[SECURITY] [DLA 1482-1] libx11 security update
2018-08-29 22:17:50
osv
osv
libx11 - security update
2018-08-29 00:00:00
CVE-2018-14598
2018-08-24 19:29:01
CVE-2018-15856
2018-08-25 21:29:01
fedora
fedora
[SECURITY] Fedora 28 Update: libX11-1.6.7-1.fc28
2019-04-30 01:41:08
[SECURITY] Fedora 28 Update: libxkbcommon-0.8.2-1.fc28
2018-08-30 04:58:45
[SECURITY] Fedora 27 Update: libxkbcommon-0.8.2-1.fc27
2018-09-29 23:57:09
ubuntucve
ubuntucve
veracode
veracode
Denial Of Service (DoS)
2019-08-08 00:07:45
Denial Of Service (DoS)
2019-08-08 00:07:45
Denial Of Service (DoS)
2019-08-08 00:07:45
cve
cve
redhatcve
redhatcve
alpinelinux
alpinelinux
prion
prion
Design/Logic Flaw
2018-08-25 21:29:00
Null pointer dereference
2018-08-25 21:29:00
Information disclosure
2018-08-25 21:29:00
nvd
nvd
debiancve
debiancve
cvelist
cvelist
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.4 High
AI Score
Confidence
High
0.05 Low
EPSS
Percentile
92.9%
Related for CENTOS_RHSA-2019-2079.NASL