Lucene search
This script is Copyright (C) 2014-2022 and is owned by Tenable, Inc. or an Affiliate thereof.F5_BIGIP_SOL14445.NASLHistoryOct 10, 2014 - 12:00 a.m.
F5 Networks BIG-IP : Linux kernel vulnerability (K14445)
2014-10-1000:00:00
This script is Copyright (C) 2014-2022 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
42
7.2 High
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.002 Low
EPSS
Percentile
55.2%
The perf_swevent_init function in kernel/events/core.c in the Linux kernel before 3.8.9 uses an incorrect integer data type.
(CVE-2013-2094)
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from F5 Networks BIG-IP Solution K14445.
#
# The text description of this plugin is (C) F5 Networks.
#
include('compat.inc');
if (description)
{
script_id(78150);
script_version("1.10");
script_set_attribute(attribute:"plugin_modification_date", value:"2022/09/16");
script_cve_id("CVE-2013-2094");
script_bugtraq_id(59846);
script_xref(name:"CISA-KNOWN-EXPLOITED", value:"2022/10/06");
script_name(english:"F5 Networks BIG-IP : Linux kernel vulnerability (K14445)");
script_set_attribute(attribute:"synopsis", value:
"The remote device is missing a vendor-supplied security patch.");
script_set_attribute(attribute:"description", value:
"The perf_swevent_init function in kernel/events/core.c in the Linux
kernel before 3.8.9 uses an incorrect integer data type.
(CVE-2013-2094)");
script_set_attribute(attribute:"see_also", value:"https://support.f5.com/csp/article/K14445");
script_set_attribute(attribute:"solution", value:
"Upgrade to one of the non-vulnerable versions listed in the F5
Solution K14445.");
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"exploit_framework_core", value:"true");
script_set_attribute(attribute:"exploited_by_malware", value:"true");
script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
script_set_attribute(attribute:"canvas_package", value:"CANVAS");
script_set_attribute(attribute:"vuln_publication_date", value:"2013/05/14");
script_set_attribute(attribute:"patch_publication_date", value:"2013/06/06");
script_set_attribute(attribute:"plugin_publication_date", value:"2014/10/10");
script_set_attribute(attribute:"potential_vulnerability", value:"true");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_access_policy_manager");
script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_advanced_firewall_manager");
script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_application_acceleration_manager");
script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_application_security_manager");
script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_application_visibility_and_reporting");
script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_global_traffic_manager");
script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_link_controller");
script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_local_traffic_manager");
script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_policy_enforcement_manager");
script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_wan_optimization_manager");
script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_webaccelerator");
script_set_attribute(attribute:"cpe", value:"cpe:/h:f5:big-ip");
script_set_attribute(attribute:"cpe", value:"cpe:/h:f5:big-ip_protocol_security_manager");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"F5 Networks Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2014-2022 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("f5_bigip_detect.nbin");
script_require_keys("Host/local_checks_enabled", "Host/BIG-IP/hotfix", "Host/BIG-IP/modules", "Host/BIG-IP/version", "Settings/ParanoidReport");
exit(0);
}
include("f5_func.inc");
if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
version = get_kb_item("Host/BIG-IP/version");
if ( ! version ) audit(AUDIT_OS_NOT, "F5 Networks BIG-IP");
if ( isnull(get_kb_item("Host/BIG-IP/hotfix")) ) audit(AUDIT_KB_MISSING, "Host/BIG-IP/hotfix");
if ( ! get_kb_item("Host/BIG-IP/modules") ) audit(AUDIT_KB_MISSING, "Host/BIG-IP/modules");
sol = "K14445";
vmatrix = make_array();
if (report_paranoia < 2) audit(AUDIT_PARANOID);
# AFM
vmatrix["AFM"] = make_array();
vmatrix["AFM"]["affected" ] = make_list("11.3.0-11.4.0");
vmatrix["AFM"]["unaffected"] = make_list("11.4.1");
# AM
vmatrix["AM"] = make_array();
vmatrix["AM"]["affected" ] = make_list("11.4.0");
vmatrix["AM"]["unaffected"] = make_list("11.4.1");
# APM
vmatrix["APM"] = make_array();
vmatrix["APM"]["affected" ] = make_list("11.2.0-11.4.0");
vmatrix["APM"]["unaffected"] = make_list("11.4.1","11.0.0-11.1.0","10.1.0-10.2.4");
# ASM
vmatrix["ASM"] = make_array();
vmatrix["ASM"]["affected" ] = make_list("11.2.0-11.4.0");
vmatrix["ASM"]["unaffected"] = make_list("11.4.1","11.0.0-11.1.0","10.0.0-10.2.4","9.2.0-9.4.8");
# AVR
vmatrix["AVR"] = make_array();
vmatrix["AVR"]["affected" ] = make_list("11.2.0-11.4.0");
vmatrix["AVR"]["unaffected"] = make_list("11.4.1","11.0.0-11.1.0");
# GTM
vmatrix["GTM"] = make_array();
vmatrix["GTM"]["affected" ] = make_list("11.2.0-11.4.0");
vmatrix["GTM"]["unaffected"] = make_list("11.4.1","11.0.0-11.1.0","10.0.0-10.2.4","9.2.2-9.4.8");
# LC
vmatrix["LC"] = make_array();
vmatrix["LC"]["affected" ] = make_list("11.2.0-11.4.0");
vmatrix["LC"]["unaffected"] = make_list("11.4.1","11.0.0-11.1.0","10.0.0-10.2.4","9.2.2-9.4.8");
# LTM
vmatrix["LTM"] = make_array();
vmatrix["LTM"]["affected" ] = make_list("11.2.0-11.4.0");
vmatrix["LTM"]["unaffected"] = make_list("11.4.1","11.0.0-11.1.0","10.0.0-10.2.4","9.0.0-9.6.1");
# PEM
vmatrix["PEM"] = make_array();
vmatrix["PEM"]["affected" ] = make_list("11.3.0-11.4.0");
vmatrix["PEM"]["unaffected"] = make_list("11.4.1");
# PSM
vmatrix["PSM"] = make_array();
vmatrix["PSM"]["affected" ] = make_list("11.2.0-11.4.0");
vmatrix["PSM"]["unaffected"] = make_list("11.4.1","11.0.0-11.1.0","10.0.0-10.2.4","9.4.5-9.4.8");
# WAM
vmatrix["WAM"] = make_array();
vmatrix["WAM"]["affected" ] = make_list("11.2.0-11.3.0");
vmatrix["WAM"]["unaffected"] = make_list("11.0.0-11.1.0","10.0.0-10.2.4","9.4.0-9.4.8");
# WOM
vmatrix["WOM"] = make_array();
vmatrix["WOM"]["affected" ] = make_list("11.2.0-11.3.0");
vmatrix["WOM"]["unaffected"] = make_list("11.0.0-11.1.0","10.0.0-10.2.4");
if (bigip_is_affected(vmatrix:vmatrix, sol:sol))
{
if (report_verbosity > 0) security_hole(port:0, extra:bigip_report_get());
else security_hole(0);
exit(0);
}
else
{
tested = bigip_get_tested_modules();
audit_extra = "For BIG-IP module(s) " + tested + ",";
if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);
else audit(AUDIT_HOST_NOT, "running any of the affected modules");
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| f5 | big-ip_link_controller | cpe:/a:f5:big-ip_link_controller | |
| f5 | big-ip_protocol_security_manager | cpe:/h:f5:big-ip_protocol_security_manager | |
| f5 | big-ip_application_visibility_and_reporting | cpe:/a:f5:big-ip_application_visibility_and_reporting | |
| f5 | big-ip_policy_enforcement_manager | cpe:/a:f5:big-ip_policy_enforcement_manager | |
| f5 | big-ip_wan_optimization_manager | cpe:/a:f5:big-ip_wan_optimization_manager | |
| f5 | big-ip | cpe:/h:f5:big-ip | |
| f5 | big-ip_application_security_manager | cpe:/a:f5:big-ip_application_security_manager | |
| f5 | big-ip_advanced_firewall_manager | cpe:/a:f5:big-ip_advanced_firewall_manager | |
| f5 | big-ip_local_traffic_manager | cpe:/a:f5:big-ip_local_traffic_manager | |
| f5 | big-ip_access_policy_manager | cpe:/a:f5:big-ip_access_policy_manager |
Related
oraclelinux
oraclelinux
kernel security update
2013-05-16 00:00:00
Unbreakable Enterprise kernel Security update
2013-05-15 00:00:00
kernel security, bug fix, and enhancement update
2013-06-11 00:00:00
nessus
nessus
RHEL 6 : kernel (RHSA-2013:0830)
2013-05-17 00:00:00
Oracle Linux 5 / 6 : Unbreakable Enterprise kernel Security (ELSA-2013-2524)
2013-07-12 00:00:00
CBL Mariner 2.0 Security Update: kernel (CVE-2013-2094)
2024-07-03 00:00:00
openvas
openvas
CentOS Update for kernel CESA-2013:0830 centos6
2013-05-17 00:00:00
Ubuntu Update for linux USN-1826-1
2013-05-17 00:00:00
Amazon Linux: Security Advisory (ALAS-2013-190)
2015-09-08 00:00:00
f5
f5
K14445 : Linux kernel vulnerability CVE-2013-2094
2013-09-23 00:00:00
SOL14445 - Linux kernel vulnerability CVE-2013-2094
2013-06-06 00:00:00
amazon
amazon
Medium: kernel
2013-05-14 15:37:00
cve
cve
CVE-2013-2094
2013-05-14 20:55:01
nvd
nvd
CVE-2013-2094
2013-05-14 20:55:01
altlinux
altlinux
securityvulns
securityvulns
[USN-1849-1] Linux kernel (Raring HWE) vulnerability
2013-06-03 00:00:00
Linux kernel security vulnerabilities
2013-07-15 00:00:00
packetstorm
packetstorm
Linux perf_swevent_init Local Root
2013-06-11 00:00:00
Ubuntu 12.04 3.x x86_64 perf_swevent_init Local Root
2014-06-02 00:00:00
ubuntu
ubuntu
Linux kernel vulnerability
2013-05-16 00:00:00
Linux kernel vulnerability
2013-05-16 00:00:00
Linux kernel vulnerability
2013-05-16 00:00:00
redhat
redhat
(RHSA-2013:0830) Important: kernel security update
2013-05-16 00:00:00
(RHSA-2013:0840) Important: kernel security update
2013-05-20 00:00:00
(RHSA-2013:0841) Important: kernel security update
2013-05-20 00:00:00
debiancve
debiancve
CVE-2013-2094
2013-05-14 20:55:01
cvelist
cvelist
CVE-2013-2094
2013-05-14 20:00:00
zdt
zdt
Ubuntu 12.04.0-2LTS x64 perf_swevent_init - Kernel Local Root Exploit
2014-06-01 00:00:00
Linux kernel perf_swevent_init - Local root Exploit
2013-06-11 00:00:00
suse
suse
Security update for Linux kernel (critical)
2013-05-24 17:04:28
Security update for the Linux Kernel (x86) (critical)
2013-05-22 02:04:20
kernel: security and bugfix update (critical)
2013-06-10 18:16:01
canvas
canvas
Immunity Canvas: PERF_SWEVENT_INIT
2013-05-14 20:55:00
android
android
libperf_event
2019-07-08 00:00:00
attackerkb
attackerkb
CVE-2013-2094
2013-05-14 00:00:00
cbl_mariner
cbl_mariner
CVE-2013-2094 affecting package kernel for versions less than 5.15.153.1-1
2024-04-09 20:48:36
CVE-2013-2094 affecting package kernel for versions less than 6.6.22.1-2
2024-04-02 21:08:16
exploitpack
exploitpack
cisa_kev
cisa_kev
Linux Kernel Privilege Escalation Vulnerability
2022-09-15 00:00:00
ubuntucve
ubuntucve
CVE-2013-2094
2013-05-14 00:00:00
centos
centos
kernel, perf, python security update
2013-05-17 00:36:04
cert
cert
prion
prion
Integer overflow
2013-05-14 20:55:00
seebug
seebug
Linux Kernel < 3.8.9 - x86_64 perf_swevent_init Local Root Exploit
2014-07-01 00:00:00
veracode
veracode
Arbitrary Code Execution
2019-05-02 04:54:56
thn
thn
Android malware loaded with Linux kernel privilege escalation exploit
2013-06-12 18:00:00
Android malware loaded with Linux kernel privilege escalation exploit
2013-06-12 07:00:00
Google Detects Android Spyware That Spies On WhatsApp, Skype Calls
2017-11-27 22:29:00
slackware
slackware
kernel
2013-05-20 15:28:44
exploitdb
exploitdb
securelist
securelist
Skygofree: Following in the footsteps of HackingTeam
2018-01-16 10:00:58
kitploit
kitploit
debian
debian
[SECURITY] [DSA 2669-1] linux security update
2013-05-16 02:48:53
osv
osv
linux - several
2013-05-15 00:00:00
7.2 High
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.002 Low
EPSS
Percentile
55.2%
Related for F5_BIGIP_SOL14445.NASL