Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.OPENSUSE-2018-894.NASL
HistoryAug 20, 2018 - 12:00 a.m.

openSUSE Security Update : qemu (openSUSE-2018-894) (Spectre)

2018-08-2000:00:00
This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
27

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

8.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

0.003 Low

EPSS

Percentile

65.2%

JSON

This update for qemu to version 2.11.2 fixes the following issues :

Security issue fixed :

  • CVE-2018-11806: Fix heap buffer overflow issue that can happen while reassembling fragmented datagrams (bsc#1096223).

  • CVE-2018-3639: Mitigation functionality for Speculative Store Bypass issue in x86 (bsc#1087082).

  • CVE-2018-7550: Fix out of bounds read and write memory access, potentially leading to code execution (bsc#1083291)

Bug fixes :

  • bsc#1091695: SEV guest will not lauchh with qemu-system-x86_64 version 2.11.1.

  • bsc#1094898: qemu-guest-agent service doesn’t work in version Leap 15.0.

  • bsc#1094725: virsh blockresize does not work with Xen qdisks.

  • bsc#1094913: QEMU crashes when starting a guest with more than 7.999TB.

This update was imported from the SUSE:SLE-15:Update update project.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update openSUSE-2018-894.
#
# The text description of this plugin is (C) SUSE LLC.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(112003);
  script_version("1.5");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");

  script_cve_id("CVE-2018-11806", "CVE-2018-3639", "CVE-2018-7550");

  script_name(english:"openSUSE Security Update : qemu (openSUSE-2018-894) (Spectre)");
  script_summary(english:"Check for the openSUSE-2018-894 patch");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote openSUSE host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"This update for qemu to version 2.11.2 fixes the following issues :

Security issue fixed :

  - CVE-2018-11806: Fix heap buffer overflow issue that can
    happen while reassembling fragmented datagrams
    (bsc#1096223).

  - CVE-2018-3639: Mitigation functionality for Speculative
    Store Bypass issue in x86 (bsc#1087082).

  - CVE-2018-7550: Fix out of bounds read and write memory
    access, potentially leading to code execution
    (bsc#1083291)

Bug fixes :

  - bsc#1091695: SEV guest will not lauchh with
    qemu-system-x86_64 version 2.11.1.

  - bsc#1094898: qemu-guest-agent service doesn't work in
    version Leap 15.0.

  - bsc#1094725: `virsh blockresize` does not work with Xen
    qdisks.

  - bsc#1094913: QEMU crashes when starting a guest with
    more than 7.999TB.

This update was imported from the SUSE:SLE-15:Update update project."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1083291"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1087082"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1091695"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1094725"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1094898"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1094913"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1096223"
  );
  # https://features.opensuse.org/322124
  script_set_attribute(
    attribute:"see_also",
    value:"https://features.opensuse.org/"
  );
  # https://features.opensuse.org/325467
  script_set_attribute(
    attribute:"see_also",
    value:"https://features.opensuse.org/"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected qemu packages.");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-arm");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-arm-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-block-curl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-block-curl-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-block-dmg");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-block-dmg-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-block-gluster");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-block-gluster-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-block-iscsi");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-block-iscsi-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-block-rbd");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-block-rbd-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-block-ssh");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-block-ssh-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-extra");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-extra-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-guest-agent");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-guest-agent-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-ipxe");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-ksm");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-kvm");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-lang");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-linux-user");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-linux-user-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-linux-user-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-ppc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-ppc-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-s390");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-s390-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-seabios");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-sgabios");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-testsuite");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-tools");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-tools-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-vgabios");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-x86");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:qemu-x86-debuginfo");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:15.0");

  script_set_attribute(attribute:"patch_publication_date", value:"2018/08/17");
  script_set_attribute(attribute:"in_the_news", value:"true");
  script_set_attribute(attribute:"plugin_publication_date", value:"2018/08/20");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE15\.0)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "15.0", release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

ourarch = get_kb_item("Host/cpu");
if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
if (ourarch !~ "^(x86_64)$") audit(AUDIT_ARCH_NOT, "x86_64", ourarch);

flag = 0;

if ( rpm_check(release:"SUSE15.0", reference:"qemu-2.11.2-lp150.7.6.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"qemu-arm-2.11.2-lp150.7.6.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"qemu-arm-debuginfo-2.11.2-lp150.7.6.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"qemu-block-curl-2.11.2-lp150.7.6.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"qemu-block-curl-debuginfo-2.11.2-lp150.7.6.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"qemu-block-dmg-2.11.2-lp150.7.6.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"qemu-block-dmg-debuginfo-2.11.2-lp150.7.6.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"qemu-block-gluster-2.11.2-lp150.7.6.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"qemu-block-gluster-debuginfo-2.11.2-lp150.7.6.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"qemu-block-iscsi-2.11.2-lp150.7.6.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"qemu-block-iscsi-debuginfo-2.11.2-lp150.7.6.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"qemu-block-rbd-2.11.2-lp150.7.6.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"qemu-block-rbd-debuginfo-2.11.2-lp150.7.6.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"qemu-block-ssh-2.11.2-lp150.7.6.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"qemu-block-ssh-debuginfo-2.11.2-lp150.7.6.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"qemu-debuginfo-2.11.2-lp150.7.6.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"qemu-debugsource-2.11.2-lp150.7.6.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"qemu-extra-2.11.2-lp150.7.6.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"qemu-extra-debuginfo-2.11.2-lp150.7.6.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"qemu-guest-agent-2.11.2-lp150.7.6.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"qemu-guest-agent-debuginfo-2.11.2-lp150.7.6.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"qemu-ipxe-1.0.0-lp150.7.6.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"qemu-ksm-2.11.2-lp150.7.6.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"qemu-kvm-2.11.2-lp150.7.6.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"qemu-lang-2.11.2-lp150.7.6.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"qemu-linux-user-2.11.2-lp150.7.6.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"qemu-linux-user-debuginfo-2.11.2-lp150.7.6.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"qemu-linux-user-debugsource-2.11.2-lp150.7.6.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"qemu-ppc-2.11.2-lp150.7.6.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"qemu-ppc-debuginfo-2.11.2-lp150.7.6.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"qemu-s390-2.11.2-lp150.7.6.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"qemu-s390-debuginfo-2.11.2-lp150.7.6.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"qemu-seabios-1.11.0-lp150.7.6.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"qemu-sgabios-8-lp150.7.6.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"qemu-testsuite-2.11.2-lp150.7.6.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"qemu-tools-2.11.2-lp150.7.6.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"qemu-tools-debuginfo-2.11.2-lp150.7.6.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"qemu-vgabios-1.11.0-lp150.7.6.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"qemu-x86-2.11.2-lp150.7.6.1") ) flag++;
if ( rpm_check(release:"SUSE15.0", reference:"qemu-x86-debuginfo-2.11.2-lp150.7.6.1") ) flag++;

if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "qemu-linux-user / qemu-linux-user-debuginfo / etc");
}
VendorProductVersionCPE
novellopensuseqemup-cpe:/a:novell:opensuse:qemu
novellopensuseqemu-armp-cpe:/a:novell:opensuse:qemu-arm
novellopensuseqemu-arm-debuginfop-cpe:/a:novell:opensuse:qemu-arm-debuginfo
novellopensuseqemu-block-curlp-cpe:/a:novell:opensuse:qemu-block-curl
novellopensuseqemu-block-curl-debuginfop-cpe:/a:novell:opensuse:qemu-block-curl-debuginfo
novellopensuseqemu-block-dmgp-cpe:/a:novell:opensuse:qemu-block-dmg
novellopensuseqemu-block-dmg-debuginfop-cpe:/a:novell:opensuse:qemu-block-dmg-debuginfo
novellopensuseqemu-block-glusterp-cpe:/a:novell:opensuse:qemu-block-gluster
novellopensuseqemu-block-gluster-debuginfop-cpe:/a:novell:opensuse:qemu-block-gluster-debuginfo
novellopensuseqemu-block-iscsip-cpe:/a:novell:opensuse:qemu-block-iscsi
Rows per page:
1-10 of 411

Related

openvas 28
nessus 83
suse 4
amazon 5
centos 5
oraclelinux 7
redhat 27
fedora 4
ubuntucve 2
osv 5
cvelist 2
debiancve 2
zdi 1
debian 3
redhatcve 2
nvd 2
prion 2
cve 2
veracode 2
f5 2
ibm 3
kaspersky 1
zdt 1
photon 1
citrix 1
virtuozzo 1
mageia 1
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2018:2340-1)
2021-06-09 00:00:00
openSUSE: Security Advisory for qemu (openSUSE-SU-2018:2402-1)
2018-10-26 00:00:00
Huawei EulerOS: Security Advisory for qemu-kvm (EulerOS-SA-2018-1314)
2020-01-23 00:00:00
nessus
nessus
SUSE SLED15 / SLES15 Security Update : qemu (SUSE-SU-2018:2340-1) (Spectre)
2019-01-02 00:00:00
openSUSE Security Update : qemu (openSUSE-2019-620) (Spectre)
2019-03-27 00:00:00
EulerOS 2.0 SP2 : qemu-kvm (EulerOS-SA-2018-1313)
2018-09-27 00:00:00
suse
suse
Security update for qemu (moderate)
2018-08-17 12:15:11
Security update for qemu (moderate)
2018-11-10 00:23:53
Security update for libvirt (important)
2018-06-09 15:07:56
amazon
amazon
Important: qemu-kvm
2018-09-05 19:33:00
Important: qemu-kvm
2018-09-12 22:19:00
Important: java-1.7.0-openjdk
2018-06-08 18:32:00
centos
centos
qemu security update
2018-08-21 01:08:04
java security update
2018-05-22 18:16:51
kernel, perf, python security update
2018-05-22 15:35:50
oraclelinux
oraclelinux
qemu-kvm security and bug fix update
2018-08-16 00:00:00
libvirt security update
2018-05-22 00:00:00
java-1.7.0-openjdk security update
2018-05-22 00:00:00
redhat
redhat
(RHSA-2018:2462) Important: qemu-kvm security and bug fix update
2018-08-16 12:48:04
(RHSA-2018:1646) Important: qemu-kvm-rhev security update
2018-05-21 23:35:23
(RHSA-2018:1645) Important: qemu-kvm-rhev security update
2018-05-21 23:35:09
fedora
fedora
[SECURITY] Fedora 28 Update: qemu-2.11.2-2.fc28
2018-08-24 08:06:03
[SECURITY] Fedora 29 Update: java-1.8.0-openjdk-1.8.0.201.b09-2.fc29
2019-02-11 01:57:50
[SECURITY] Fedora 28 Update: java-1.8.0-openjdk-1.8.0.201.b09-2.fc28
2019-02-25 01:34:09
ubuntucve
ubuntucve
CVE-2018-7550
2018-03-01 00:00:00
CVE-2018-11806
2018-06-13 00:00:00
osv
osv
CVE-2018-7550
2018-03-01 17:29:00
qemu - security update
2018-04-17 00:00:00
qemu-kvm - security update
2018-04-17 00:00:00
cvelist
cvelist
CVE-2018-7550
2018-03-01 00:00:00
CVE-2018-11806
2018-06-13 16:00:00
debiancve
debiancve
CVE-2018-7550
2018-03-01 17:29:00
CVE-2018-11806
2018-06-13 16:29:01
zdi
zdi
Qemu Slirp Networking Heap-based Buffer Overflow Privilege Escalation Vulnerability
2018-06-07 00:00:00
debian
debian
[SECURITY] [DLA 1351-1] qemu security update
2018-04-17 14:48:41
[SECURITY] [DLA 1350-1] qemu-kvm security update
2018-04-17 14:17:19
[SECURITY] [DSA 4210-1] xen security update
2018-05-25 05:00:47
redhatcve
redhatcve
CVE-2018-7550
2020-04-01 13:59:46
CVE-2018-11806
2019-10-31 22:26:58
nvd
nvd
CVE-2018-7550
2018-03-01 17:29:00
CVE-2018-11806
2018-06-13 16:29:01
prion
prion
Out-of-bounds
2018-03-01 17:29:00
Heap overflow
2018-06-13 16:29:00
cve
cve
CVE-2018-7550
2018-03-01 17:29:00
CVE-2018-11806
2018-06-13 16:29:01
veracode
veracode
Memory Corruption
2019-01-15 09:23:14
Denial Of Service (DoS)
2019-01-15 09:26:12
f5
f5
K51428664 : QEMU vulnerability CVE-2018-11806
2020-12-31 00:00:00
K29146534 : SSB Variant 4 vulnerability CVE-2018-3639
2018-07-10 00:00:00
ibm
ibm
Security Bulletin: IBM Cloud Manager is affected by the vulnerabilities known as SpectreNG (CVE-2018-3639)
2018-08-08 04:13:55
Security Bulletin: IBM has released the following fixes for AIX and VIOS in response to Speculative Store Bypass (SSB), also known as Variant 4.
2018-08-17 23:06:03
Security Bulletin: IBM Netezza Host Management is affected by the vulnerability known as Variant 4 or SpectreNG.
2019-10-18 03:36:34
kaspersky
kaspersky
KLA11893 Microsoft Advisory for Microsoft Products (ESU)
2018-05-21 00:00:00
zdt
zdt
AMD / ARM / Intel - Speculative Execution Variant 4 Speculative Store Bypass Exploit
2018-05-23 00:00:00
photon
photon
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2018-1.0-0151
2018-06-22 00:00:00
citrix
citrix
CVE-2018-3639 - Citrix XenServer Security Update
2018-05-22 04:00:00
virtuozzo
virtuozzo
Important kernel security update: CVE-2018-3639; new kernel 2.6.32-042stab130.1; Virtuozzo 6.0 Update 12 Hotfix 25 (6.0.12-3705)
2018-05-23 00:00:00
mageia
mageia
Updated libvirt packages fix security vulnerability
2018-05-31 23:34:08

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

8.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

0.003 Low

EPSS

Percentile

65.2%

JSON
Related for OPENSUSE-2018-894.NASL
openvas28nessus83suse4amazon5centos5oraclelinux7redhat27fedora4ubuntucve2osv5cvelist2debiancve2zdi1debian3redhatcve2nvd2prion2cve2veracode2f52ibm3kaspersky1zdt1photon1citrix1virtuozzo1mageia1