Lucene search
This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.OPENSUSE-2016-869.NASLHistoryJul 15, 2016 - 12:00 a.m.
openSUSE Security Update : the Linux Kernel (openSUSE-2016-869)
2016-07-1500:00:00
This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
30
7.2 High
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.0005 Low
EPSS
Percentile
17.0%
The openSUSE Leap 42.1 was updated to 4.1.27 to receive various security and bugfixes.
The following security bugs were fixed :
-
CVE-2016-4997: A buffer overflow in 32bit compat_setsockopt iptables handling could lead to a local privilege escalation. (bsc#986362)
-
CVE-2016-5829: Multiple heap-based buffer overflows in the hiddev_ioctl_usage function in drivers/hid/usbhid/hiddev.c in the Linux kernel allow local users to cause a denial of service or possibly have unspecified other impact via a crafted (1) HIDIOCGUSAGES or (2) HIDIOCSUSAGES ioctl call (bnc#986572).
-
CVE-2016-4470: The key_reject_and_link function in security/keys/key.c in the Linux kernel did not ensure that a certain data structure is initialized, which allowed local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command (bnc#984755).
-
CVE-2016-4794: Use-after-free vulnerability in mm/percpu.c in the Linux kernel allowed local users to cause a denial of service (BUG) or possibly have unspecified other impact via crafted use of the mmap and bpf system calls (bnc#980265).
The following non-security bugs were fixed :
-
Refresh patches.xen/xen-netback-coalesce: Restore copying of SKBs with head exceeding page size (bsc#978469).
-
Refresh patches.xen/xen3-patch-2.6.26 (fix PAT initialization).
-
Refresh patches.xen/xen3-patch-2.6.39 (fix ia32_compat inheritance).
-
Refresh patches.xen/xen3-patch-3.14: Suppress atomic file position updates for /proc/xen/xenbus (bsc#970275).
-
Refresh patches.xen/xen3-patch-3.16 (drop redundant addition of a comment).
-
Refresh patches.xen/xen3-patch-4.1.7-8.
-
base: make module_create_drivers_dir race-free (bnc#983977).
-
ipvs: count pre-established TCP states as active (bsc#970114).
-
net: thunderx: Fix TL4 configuration for secondary Qsets (bsc#986530).
-
net: thunderx: Fix link status reporting (bsc#986530).
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update openSUSE-2016-869.
#
# The text description of this plugin is (C) SUSE LLC.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(92308);
script_version("2.8");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");
script_cve_id("CVE-2016-4470", "CVE-2016-4794", "CVE-2016-4997", "CVE-2016-5829");
script_name(english:"openSUSE Security Update : the Linux Kernel (openSUSE-2016-869)");
script_summary(english:"Check for the openSUSE-2016-869 patch");
script_set_attribute(
attribute:"synopsis",
value:"The remote openSUSE host is missing a security update."
);
script_set_attribute(
attribute:"description",
value:
"The openSUSE Leap 42.1 was updated to 4.1.27 to receive various
security and bugfixes.
The following security bugs were fixed :
- CVE-2016-4997: A buffer overflow in 32bit
compat_setsockopt iptables handling could lead to a
local privilege escalation. (bsc#986362)
- CVE-2016-5829: Multiple heap-based buffer overflows in
the hiddev_ioctl_usage function in
drivers/hid/usbhid/hiddev.c in the Linux kernel allow
local users to cause a denial of service or possibly
have unspecified other impact via a crafted (1)
HIDIOCGUSAGES or (2) HIDIOCSUSAGES ioctl call
(bnc#986572).
- CVE-2016-4470: The key_reject_and_link function in
security/keys/key.c in the Linux kernel did not ensure
that a certain data structure is initialized, which
allowed local users to cause a denial of service (system
crash) via vectors involving a crafted keyctl request2
command (bnc#984755).
- CVE-2016-4794: Use-after-free vulnerability in
mm/percpu.c in the Linux kernel allowed local users to
cause a denial of service (BUG) or possibly have
unspecified other impact via crafted use of the mmap and
bpf system calls (bnc#980265).
The following non-security bugs were fixed :
- Refresh patches.xen/xen-netback-coalesce: Restore
copying of SKBs with head exceeding page size
(bsc#978469).
- Refresh patches.xen/xen3-patch-2.6.26 (fix PAT
initialization).
- Refresh patches.xen/xen3-patch-2.6.39 (fix ia32_compat
inheritance).
- Refresh patches.xen/xen3-patch-3.14: Suppress atomic
file position updates for /proc/xen/xenbus (bsc#970275).
- Refresh patches.xen/xen3-patch-3.16 (drop redundant
addition of a comment).
- Refresh patches.xen/xen3-patch-4.1.7-8.
- base: make module_create_drivers_dir race-free
(bnc#983977).
- ipvs: count pre-established TCP states as active
(bsc#970114).
- net: thunderx: Fix TL4 configuration for secondary Qsets
(bsc#986530).
- net: thunderx: Fix link status reporting (bsc#986530)."
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.opensuse.org/show_bug.cgi?id=970114"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.opensuse.org/show_bug.cgi?id=970275"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.opensuse.org/show_bug.cgi?id=978469"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.opensuse.org/show_bug.cgi?id=980265"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.opensuse.org/show_bug.cgi?id=983977"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.opensuse.org/show_bug.cgi?id=984755"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.opensuse.org/show_bug.cgi?id=986362"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.opensuse.org/show_bug.cgi?id=986530"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.opensuse.org/show_bug.cgi?id=986572"
);
script_set_attribute(
attribute:"solution",
value:"Update the affected the Linux Kernel packages."
);
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:H/RL:O/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"exploited_by_malware", value:"true");
script_set_attribute(attribute:"metasploit_name", value:'Linux Kernel 4.6.3 Netfilter Privilege Escalation');
script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-debug");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-debug-base");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-debug-base-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-debug-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-debug-debugsource");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-debug-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-debug-devel-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-default");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-default-base");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-default-base-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-default-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-default-debugsource");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-default-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-docs-html");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-docs-pdf");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-ec2");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-ec2-base");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-ec2-base-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-ec2-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-ec2-debugsource");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-ec2-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-macros");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-obs-build");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-obs-build-debugsource");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-obs-qa");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-obs-qa-xen");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-pae");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-pae-base");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-pae-base-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-pae-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-pae-debugsource");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-pae-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-pv");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-pv-base");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-pv-base-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-pv-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-pv-debugsource");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-pv-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-source");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-source-vanilla");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-syms");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-vanilla");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-vanilla-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-vanilla-debugsource");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-vanilla-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-xen");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-xen-base");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-xen-base-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-xen-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-xen-debugsource");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-xen-devel");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:42.1");
script_set_attribute(attribute:"patch_publication_date", value:"2016/07/14");
script_set_attribute(attribute:"plugin_publication_date", value:"2016/07/15");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"SuSE Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE42\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "42.1", release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
ourarch = get_kb_item("Host/cpu");
if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);
flag = 0;
if ( rpm_check(release:"SUSE42.1", reference:"kernel-default-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"kernel-default-base-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"kernel-default-base-debuginfo-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"kernel-default-debuginfo-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"kernel-default-debugsource-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"kernel-default-devel-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"kernel-devel-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"kernel-docs-html-4.1.27-24.2") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"kernel-docs-pdf-4.1.27-24.2") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"kernel-macros-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"kernel-obs-build-4.1.27-24.2") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"kernel-obs-build-debugsource-4.1.27-24.2") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"kernel-obs-qa-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"kernel-obs-qa-xen-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"kernel-source-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"kernel-source-vanilla-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"kernel-syms-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"i686", reference:"kernel-debug-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"i686", reference:"kernel-debug-base-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"i686", reference:"kernel-debug-base-debuginfo-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"i686", reference:"kernel-debug-debuginfo-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"i686", reference:"kernel-debug-debugsource-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"i686", reference:"kernel-debug-devel-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"i686", reference:"kernel-debug-devel-debuginfo-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"i686", reference:"kernel-ec2-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"i686", reference:"kernel-ec2-base-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"i686", reference:"kernel-ec2-base-debuginfo-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"i686", reference:"kernel-ec2-debuginfo-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"i686", reference:"kernel-ec2-debugsource-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"i686", reference:"kernel-ec2-devel-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"i686", reference:"kernel-pae-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"i686", reference:"kernel-pae-base-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"i686", reference:"kernel-pae-base-debuginfo-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"i686", reference:"kernel-pae-debuginfo-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"i686", reference:"kernel-pae-debugsource-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"i686", reference:"kernel-pae-devel-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"i686", reference:"kernel-pv-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"i686", reference:"kernel-pv-base-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"i686", reference:"kernel-pv-base-debuginfo-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"i686", reference:"kernel-pv-debuginfo-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"i686", reference:"kernel-pv-debugsource-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"i686", reference:"kernel-pv-devel-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"i686", reference:"kernel-vanilla-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"i686", reference:"kernel-vanilla-debuginfo-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"i686", reference:"kernel-vanilla-debugsource-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"i686", reference:"kernel-vanilla-devel-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"i686", reference:"kernel-xen-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"i686", reference:"kernel-xen-base-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"i686", reference:"kernel-xen-base-debuginfo-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"i686", reference:"kernel-xen-debuginfo-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"i686", reference:"kernel-xen-debugsource-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"i686", reference:"kernel-xen-devel-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"kernel-debug-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"kernel-debug-base-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"kernel-debug-base-debuginfo-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"kernel-debug-debuginfo-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"kernel-debug-debugsource-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"kernel-debug-devel-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"kernel-debug-devel-debuginfo-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"kernel-ec2-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"kernel-ec2-base-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"kernel-ec2-base-debuginfo-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"kernel-ec2-debuginfo-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"kernel-ec2-debugsource-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"kernel-ec2-devel-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"kernel-pae-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"kernel-pae-base-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"kernel-pae-base-debuginfo-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"kernel-pae-debuginfo-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"kernel-pae-debugsource-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"kernel-pae-devel-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"kernel-pv-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"kernel-pv-base-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"kernel-pv-base-debuginfo-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"kernel-pv-debuginfo-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"kernel-pv-debugsource-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"kernel-pv-devel-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"kernel-vanilla-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"kernel-vanilla-debuginfo-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"kernel-vanilla-debugsource-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"kernel-vanilla-devel-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"kernel-xen-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"kernel-xen-base-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"kernel-xen-base-debuginfo-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"kernel-xen-debuginfo-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"kernel-xen-debugsource-4.1.27-24.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"kernel-xen-devel-4.1.27-24.1") ) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
else security_hole(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kernel-debug / kernel-debug-base / kernel-debug-base-debuginfo / etc");
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| novell | opensuse | kernel-debug | p-cpe:/a:novell:opensuse:kernel-debug |
| novell | opensuse | kernel-debug-base | p-cpe:/a:novell:opensuse:kernel-debug-base |
| novell | opensuse | kernel-debug-base-debuginfo | p-cpe:/a:novell:opensuse:kernel-debug-base-debuginfo |
| novell | opensuse | kernel-debug-debuginfo | p-cpe:/a:novell:opensuse:kernel-debug-debuginfo |
| novell | opensuse | kernel-debug-debugsource | p-cpe:/a:novell:opensuse:kernel-debug-debugsource |
| novell | opensuse | kernel-debug-devel | p-cpe:/a:novell:opensuse:kernel-debug-devel |
| novell | opensuse | kernel-debug-devel-debuginfo | p-cpe:/a:novell:opensuse:kernel-debug-devel-debuginfo |
| novell | opensuse | kernel-default | p-cpe:/a:novell:opensuse:kernel-default |
| novell | opensuse | kernel-default-base | p-cpe:/a:novell:opensuse:kernel-default-base |
| novell | opensuse | kernel-default-base-debuginfo | p-cpe:/a:novell:opensuse:kernel-default-base-debuginfo |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4470
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4794
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4997
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5829
bugzilla.opensuse.org/show_bug.cgi?id=970114
bugzilla.opensuse.org/show_bug.cgi?id=970275
bugzilla.opensuse.org/show_bug.cgi?id=978469
bugzilla.opensuse.org/show_bug.cgi?id=980265
bugzilla.opensuse.org/show_bug.cgi?id=983977
bugzilla.opensuse.org/show_bug.cgi?id=984755
bugzilla.opensuse.org/show_bug.cgi?id=986362
bugzilla.opensuse.org/show_bug.cgi?id=986530
bugzilla.opensuse.org/show_bug.cgi?id=986572
Related
openvas
openvas
openSUSE: Security Advisory for kernel (openSUSE-SU-2016:1798-1)
2016-07-15 00:00:00
SUSE: Security Advisory (SUSE-SU-2016:2018-1)
2021-06-09 00:00:00
RedHat Update for kernel RHSA-2016:2006-01
2016-10-05 00:00:00
suse
suse
Security update for the Linux Kernel (important)
2016-07-14 14:08:15
Security update for the Linux Kernel (important)
2016-08-09 21:09:10
Security update for Linux Kernel Live Patch 4 for SLE 12 SP1 (important)
2016-08-29 15:13:28
nessus
nessus
SUSE SLES11 Security Update : kernel (SUSE-SU-2016:2018-1)
2016-09-02 00:00:00
RHEL 6 : kernel (RHSA-2016:2006)
2016-10-05 00:00:00
CentOS 6 : kernel (CESA-2016:2006)
2016-10-06 00:00:00
centos
centos
kernel, perf, python security update
2016-10-05 14:03:13
redhat
redhat
(RHSA-2016:2006) Important: kernel security and bug fix update
2016-10-04 19:56:02
(RHSA-2016:2074) Important: kernel security and bug fix update
2016-10-18 10:37:45
(RHSA-2016:2076) Important: kernel security update
2016-10-18 13:53:29
mageia
mageia
Updated kernel-linus packages fix security vulnerabilities
2016-08-31 18:32:33
Updated kernel-tmb packages fix security vulnerabilities
2016-08-31 18:32:33
Updated kernel packages fix security vulnerability
2016-07-31 23:39:13
oraclelinux
oraclelinux
kernel security and bug fix update
2016-10-04 00:00:00
Unbreakable Enterprise kernel security update
2016-08-04 00:00:00
Unbreakable Enterprise kernel security update
2016-08-04 00:00:00
ubuntu
ubuntu
Linux kernel (Vivid HWE) vulnerabilities
2016-08-10 00:00:00
Linux kernel (Raspberry Pi 2) vulnerabilities
2016-08-10 00:00:00
Linux kernel vulnerabilities
2016-08-10 00:00:00
fedora
fedora
[SECURITY] Fedora 22 Update: kernel-4.4.14-200.fc22
2016-07-19 07:20:52
[SECURITY] Fedora 24 Update: kernel-4.6.3-300.fc24
2016-06-30 21:30:47
[SECURITY] Fedora 23 Update: kernel-4.5.7-202.fc23
2016-07-02 19:33:02
android
android
CVE-2016-4794
2016-12-01 00:00:00
CVE-2016-4470
2016-09-01 00:00:00
prion
prion
Design/Logic Flaw
2016-05-23 10:59:00
Memory corruption
2016-07-03 21:59:00
Command injection
2016-06-27 10:59:00
debiancve
debiancve
cve
cve
cvelist
cvelist
nvd
nvd
ubuntucve
ubuntucve
cloudfoundry
cloudfoundry
USN-3053-1/USN-3037-1 Linux kernel (Vivid HWE) vulnerability | Cloud Foundry
2016-08-25 00:00:00
zdt
zdt
Linux Kernel 4.6.3 Netfilter Privilege Escalation Exploit
2016-11-24 00:00:00
Linux Kernel 4.6.3 Netfilter Privilege Escalation Vulnerability
2016-09-27 00:00:00
metasploit
metasploit
Linux Kernel 4.6.3 Netfilter Privilege Escalation
2016-11-18 18:52:09
packetstorm
packetstorm
Linux Kernel 4.6.3 Netfilter Privilege Escalation
2016-11-23 00:00:00
Linux Kernel 4.6.3 Netfilter Privilege Escalation
2016-09-27 00:00:00
redhatcve
redhatcve
veracode
veracode
Denial Of Service (DoS)
2019-05-02 05:49:27
Use-After-Free
2019-05-02 06:01:56
exploitpack
exploitpack
f5
f5
K28056114 : Linux kernel vulnerability CVE-2016-5829
2016-10-22 00:00:00
SOL55672042 - Linux kernel vulnerability CVE-2016-4470
2016-10-22 00:00:00
SOL28056114 - Linux kernel vulnerability CVE-2016-5829
2016-10-21 00:00:00
threatpost
threatpost
Dirty Cow Vulnerability Patched in Android Security Bulletin
2016-12-05 15:32:51
exploitdb
exploitdb
fortinet
fortinet
Multiple vulnerabilities in Linux kernels through 4.6.3
2017-04-05 00:00:00
debian
debian
[SECURITY] [DLA 609-1] linux security update
2016-09-03 11:53:47
osv
osv
linux - security update
2016-09-03 00:00:00
7.2 High
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.0005 Low
EPSS
Percentile
17.0%
Related for OPENSUSE-2016-869.NASL