Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2019-2024 and is owned by Tenable, Inc. or an Affiliate thereof.ORACLELINUX_ELSA-2019-4871.NASL
HistoryDec 10, 2019 - 12:00 a.m.

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2019-4871)

2019-12-1000:00:00
This script is Copyright (C) 2019-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
27

4.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

4.7 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

7.2 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

49.0%

JSON

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-4871 advisory.

  • An issue was discovered in the Linux kernel before 5.2.3. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/dvb-usb/dvb-usb-init.c driver. (CVE-2019-15213)

  • ieee802154_create in net/ieee802154/socket.c in the AF_IEEE802154 network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-e69dbd4619e7. (CVE-2019-17053)

  • An issue was discovered in the Linux kernel before 5.2.6. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/cpia2/cpia2_usb.c driver. (CVE-2019-15215)

  • An issue was discovered in the Linux kernel before 5.2.3. There is a NULL pointer dereference caused by a malicious USB device in the drivers/media/usb/zr364xx/zr364xx.c driver. (CVE-2019-15217)

  • In the Linux kernel before 5.0, a memory leak exists in sit_init_net() in net/ipv6/sit.c when register_netdev() fails to register sitn->fb_tunnel_dev, which may cause denial of service, aka CID-07f12b26e21a. (CVE-2019-16994)

  • base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-b91ee4aa2a21. (CVE-2019-17055)

  • An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/sisusbvga/sisusb.c driver. (CVE-2019-15219)

Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.

#%NASL_MIN_LEVEL 70300
##
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Oracle Linux Security Advisory ELSA-2019-4871.
##

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(131917);
  script_version("1.5");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/04/04");

  script_cve_id(
    "CVE-2019-15213",
    "CVE-2019-15215",
    "CVE-2019-15217",
    "CVE-2019-15219",
    "CVE-2019-16994",
    "CVE-2019-17053",
    "CVE-2019-17055"
  );

  script_name(english:"Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2019-4871)");

  script_set_attribute(attribute:"synopsis", value:
"The remote Oracle Linux host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in
the ELSA-2019-4871 advisory.

  - An issue was discovered in the Linux kernel before 5.2.3. There is a use-after-free caused by a malicious
    USB device in the drivers/media/usb/dvb-usb/dvb-usb-init.c driver. (CVE-2019-15213)

  - ieee802154_create in net/ieee802154/socket.c in the AF_IEEE802154 network module in the Linux kernel
    through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket,
    aka CID-e69dbd4619e7. (CVE-2019-17053)

  - An issue was discovered in the Linux kernel before 5.2.6. There is a use-after-free caused by a malicious
    USB device in the drivers/media/usb/cpia2/cpia2_usb.c driver. (CVE-2019-15215)

  - An issue was discovered in the Linux kernel before 5.2.3. There is a NULL pointer dereference caused by a
    malicious USB device in the drivers/media/usb/zr364xx/zr364xx.c driver. (CVE-2019-15217)

  - In the Linux kernel before 5.0, a memory leak exists in sit_init_net() in net/ipv6/sit.c when
    register_netdev() fails to register sitn->fb_tunnel_dev, which may cause denial of service, aka
    CID-07f12b26e21a. (CVE-2019-16994)

  - base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module in the Linux kernel through
    5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka
    CID-b91ee4aa2a21. (CVE-2019-17055)

  - An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a
    malicious USB device in the drivers/usb/misc/sisusbvga/sisusb.c driver. (CVE-2019-15219)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://linux.oracle.com/errata/ELSA-2019-4871.html");
  script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:N/I:P/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-17055");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2019/08/19");
  script_set_attribute(attribute:"patch_publication_date", value:"2019/12/09");
  script_set_attribute(attribute:"plugin_publication_date", value:"2019/12/10");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:linux:6");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:linux:7");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:dtrace-modules-3.8.13-118.41.1.el6uek");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:dtrace-modules-3.8.13-118.41.1.el7uek");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:kernel-uek");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:kernel-uek-debug");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:kernel-uek-debug-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:kernel-uek-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:kernel-uek-doc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:kernel-uek-firmware");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Oracle Linux Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2019-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("linux_alt_patch_detect.nasl", "ssh_get_info.nasl");
  script_require_keys("Host/OracleLinux", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/local_checks_enabled");

  exit(0);
}


include('audit.inc');
include('global_settings.inc');
include('ksplice.inc');
include('rpm.inc');

if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');
var release = get_kb_item("Host/RedHat/release");
if (isnull(release) || !pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux)", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');
var os_ver = pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');
var os_ver = os_ver[1];
if (! preg(pattern:"^(6|7)([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 6 / 7', 'Oracle Linux ' + os_ver);

if (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);
if ('x86_64' >!< cpu) audit(AUDIT_ARCH_NOT, 'x86_64', cpu);

var machine_uptrack_level = get_one_kb_item('Host/uptrack-uname-r');
if (machine_uptrack_level)
{
  var trimmed_uptrack_level = ereg_replace(string:machine_uptrack_level, pattern:"\.(x86_64|i[3-6]86|aarch64)$", replace:'');
  var fixed_uptrack_levels = ['3.8.13-118.41.1.el6uek', '3.8.13-118.41.1.el7uek'];
  foreach var fixed_uptrack_level ( fixed_uptrack_levels ) {
    if (rpm_spec_vers_cmp(a:trimmed_uptrack_level, b:fixed_uptrack_level) >= 0)
    {
      audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for ELSA-2019-4871');
    }
  }
  __rpm_report = 'Running KSplice level of ' + trimmed_uptrack_level + ' does not meet the minimum fixed level of ' + join(fixed_uptrack_levels, sep:' / ') + ' for this advisory.\n\n';
}

var kernel_major_minor = get_kb_item('Host/uname/major_minor');
if (empty_or_null(kernel_major_minor)) exit(1, 'Unable to determine kernel major-minor level.');
var expected_kernel_major_minor = '3.8';
if (kernel_major_minor != expected_kernel_major_minor)
  audit(AUDIT_OS_NOT, 'running kernel level ' + expected_kernel_major_minor + ', it is running kernel level ' + kernel_major_minor);

var pkgs = [
    {'reference':'dtrace-modules-3.8.13-118.41.1.el6uek-0.4.5-3.el6', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'kernel-uek-3.8.13-118.41.1.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-3.8.13'},
    {'reference':'kernel-uek-debug-3.8.13-118.41.1.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-3.8.13'},
    {'reference':'kernel-uek-debug-devel-3.8.13-118.41.1.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-3.8.13'},
    {'reference':'kernel-uek-devel-3.8.13-118.41.1.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-3.8.13'},
    {'reference':'kernel-uek-doc-3.8.13-118.41.1.el6uek', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-doc-3.8.13'},
    {'reference':'kernel-uek-firmware-3.8.13-118.41.1.el6uek', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-firmware-3.8.13'},
    {'reference':'dtrace-modules-3.8.13-118.41.1.el7uek-0.4.5-3.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'kernel-uek-3.8.13-118.41.1.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-3.8.13'},
    {'reference':'kernel-uek-debug-3.8.13-118.41.1.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-3.8.13'},
    {'reference':'kernel-uek-debug-devel-3.8.13-118.41.1.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-3.8.13'},
    {'reference':'kernel-uek-devel-3.8.13-118.41.1.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-3.8.13'},
    {'reference':'kernel-uek-doc-3.8.13-118.41.1.el7uek', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-doc-3.8.13'},
    {'reference':'kernel-uek-firmware-3.8.13-118.41.1.el7uek', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-firmware-3.8.13'}
];

var flag = 0;
foreach var package_array ( pkgs ) {
  var reference = NULL;
  var release = NULL;
  var sp = NULL;
  var cpu = NULL;
  var el_string = NULL;
  var rpm_spec_vers_cmp = NULL;
  var epoch = NULL;
  var allowmaj = NULL;
  var exists_check = NULL;
  if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
  if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];
  if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
  if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];
  if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];
  if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
  if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];
  if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];
  if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];
  if (reference && release) {
    if (exists_check) {
        if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;
    } else {
        if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;
    }
  }
}

if (flag)
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_NOTE,
      extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'dtrace-modules-3.8.13-118.41.1.el6uek / dtrace-modules-3.8.13-118.41.1.el7uek / kernel-uek / etc');
}
VendorProductVersionCPE
oraclelinuxdtrace-modules-3.8.13-118.41.1.el6uekp-cpe:/a:oracle:linux:dtrace-modules-3.8.13-118.41.1.el6uek
oraclelinuxdtrace-modules-3.8.13-118.41.1.el7uekp-cpe:/a:oracle:linux:dtrace-modules-3.8.13-118.41.1.el7uek
oraclelinuxkernel-uekp-cpe:/a:oracle:linux:kernel-uek
oraclelinuxkernel-uek-debugp-cpe:/a:oracle:linux:kernel-uek-debug
oraclelinuxkernel-uek-debug-develp-cpe:/a:oracle:linux:kernel-uek-debug-devel
oraclelinuxkernel-uek-develp-cpe:/a:oracle:linux:kernel-uek-devel
oraclelinuxkernel-uek-docp-cpe:/a:oracle:linux:kernel-uek-doc
oraclelinuxkernel-uek-firmwarep-cpe:/a:oracle:linux:kernel-uek-firmware
oraclelinux6cpe:/o:oracle:linux:6
oraclelinux7cpe:/o:oracle:linux:7

Related

oraclelinux 8
nessus 49
redhatcve 7
nvd 7
cvelist 7
debiancve 7
prion 7
cve 7
ubuntucve 7
ibm 5
fedora 5
openvas 35
f5 3
symantec 2
veracode 1
centos 2
redhat 3
ubuntu 11
photon 9
cloudfoundry 3
debian 4
osv 3
virtuozzo 2
suse 4
slackware 1
oraclelinux
oraclelinux
Unbreakable Enterprise kernel security update
2019-12-09 00:00:00
Unbreakable Enterprise kernel security update
2019-12-09 00:00:00
Unbreakable Enterprise kernel security update
2019-12-13 00:00:00
nessus
nessus
Oracle Linux 6 : Unbreakable Enterprise kernel (ELSA-2019-4872)
2019-12-10 00:00:00
Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2019-4878)
2019-12-16 00:00:00
OracleVM 3.4 : Unbreakable / etc (OVMSA-2019-0056)
2019-11-22 00:00:00
redhatcve
redhatcve
CVE-2019-15213
2020-01-08 03:56:53
CVE-2019-15215
2019-08-26 10:21:25
CVE-2019-15217
2019-08-26 10:52:43
nvd
nvd
CVE-2019-15215
2019-08-19 22:15:11
CVE-2019-15213
2019-08-19 22:15:11
CVE-2019-15219
2019-08-19 22:15:11
cvelist
cvelist
CVE-2019-15219
2019-08-19 21:45:57
CVE-2019-15213
2019-08-19 21:47:09
CVE-2019-15215
2019-08-19 21:46:38
debiancve
debiancve
CVE-2019-15219
2019-08-19 22:15:11
CVE-2019-15215
2019-08-19 22:15:11
CVE-2019-15217
2019-08-19 22:15:11
prion
prion
Double free
2019-08-19 22:15:00
Double free
2019-08-19 22:15:00
Null pointer dereference
2019-08-19 22:15:00
cve
cve
CVE-2019-15213
2019-08-19 22:15:11
CVE-2019-15219
2019-08-19 22:15:11
CVE-2019-15217
2019-08-19 22:15:11
ubuntucve
ubuntucve
CVE-2019-15219
2019-08-19 00:00:00
CVE-2019-15213
2019-08-19 00:00:00
CVE-2019-15215
2019-08-19 00:00:00
ibm
ibm
Security Bulletin: Publicly disclosed vulnerabilities from Kernel affect IBM Netezza Host Management
2020-10-28 13:21:38
Security Bulletin: Publicly disclosed vulnerabilities from Kernel affect IBM Netezza Host Management
2020-06-19 18:07:55
Security Bulletin: Multiple vulnerabilities in Linux Kernel affect IBM Spectrum Protect Plus
2020-04-01 00:35:26
fedora
fedora
[SECURITY] Fedora 29 Update: kernel-tools-5.3.6-100.fc29
2019-10-25 18:09:35
[SECURITY] Fedora 31 Update: kernel-5.3.4-300.fc31
2019-10-08 00:30:43
[SECURITY] Fedora 31 Update: kernel-headers-5.3.4-300.fc31
2019-10-08 00:30:43
openvas
openvas
Fedora Update for kernel FEDORA-2019-b1de72b00b
2020-01-09 00:00:00
Fedora Update for kernel-headers FEDORA-2019-41e28660ae
2019-10-26 00:00:00
Fedora Update for kernel-tools FEDORA-2019-41e28660ae
2019-10-26 00:00:00
f5
f5
K27575300 : Linux kernel vulnerability CVE-2019-17053
2022-05-20 00:00:00
K63176101 : Linux kernel vulnerability CVE-2019-17055
2020-09-24 00:00:00
Linux kernel vulnerabilities CVE-2019-15217 and CVE-2019-15221
2022-05-20 17:01:00
symantec
symantec
Linux kernel CVE-2019-16994 Memory Leak Denial of Service Vulnerability
2019-03-02 00:00:00
Linux Kernel Multiple Local Privilege Escalation Vulnerabilities
2019-09-24 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-05-08 02:08:44
centos
centos
kernel, perf, python security update
2020-03-12 14:27:10
bpftool, kernel, perf, python security update
2020-10-20 18:20:15
redhat
redhat
(RHSA-2020:0790) Important: kernel security and bug fix update
2020-03-11 14:47:42
(RHSA-2020:4062) Important: kernel-rt security and bug fix update
2020-09-29 18:41:41
(RHSA-2020:4060) Important: kernel security, bug fix, and enhancement update
2020-09-29 18:42:12
ubuntu
ubuntu
Linux kernel (Azure) vulnerabilities
2019-11-13 00:00:00
Linux kernel (Xenial HWE) vulnerabilities
2019-11-13 00:00:00
Linux kernel vulnerabilities
2019-11-13 00:00:00
photon
photon
Critical Photon OS Security Update - PHSA-2019-0189
2019-11-14 00:00:00
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2019-1.0-0251
2019-09-24 00:00:00
Important Photon OS Security Update - PHSA-2019-0251
2019-09-24 00:00:00
cloudfoundry
cloudfoundry
USN-4185-1: Linux kernel vulnerabilities | Cloud Foundry
2019-11-21 00:00:00
USN-4185-3: Linux kernel vulnerability and regression | Cloud Foundry
2019-11-21 00:00:00
USN-4302-1: Linux kernel vulnerabilities | Cloud Foundry
2020-04-23 00:00:00
debian
debian
[SECURITY] [DLA 1919-1] linux-4.9 security update
2019-09-14 00:21:38
[SECURITY] [DLA 1919-2] linux-4.9 security update
2019-09-15 17:51:06
[SECURITY] [DLA 1930-1] linux security update
2019-09-25 09:49:28
osv
osv
linux-4.9 - security update
2019-09-12 00:00:00
linux - security update
2019-09-24 00:00:00
linux - security update
2020-01-17 00:00:00
virtuozzo
virtuozzo
Important kernel security update: New kernel 2.6.32-042stab144.1; Virtuozzo 6.0 Update 12 Hotfix 51 (6.0.12-3757)
2020-05-21 00:00:00
Important kernel security update: New kernel 2.6.32-042stab144.1 for Virtuozzo Containers for Linux 4.7, Server Bare Metal 5.0
2020-05-21 00:00:00
suse
suse
Security update for the Linux Kernel (important)
2019-11-14 00:00:00
Security update for the Linux Kernel (important)
2019-09-24 00:00:00
Security update for the Linux Kernel (important)
2019-09-25 00:00:00
slackware
slackware
[slackware-security] Slackware 14.2 kernel
2019-11-07 22:31:40

4.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

4.7 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

7.2 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

49.0%

JSON
Related for ORACLELINUX_ELSA-2019-4871.NASL
oraclelinux8nessus49redhatcve7nvd7cvelist7debiancve7prion7cve7ubuntucve7ibm5fedora5openvas35f53symantec2veracode1centos2redhat3ubuntu11photon9cloudfoundry3debian4osv3virtuozzo2suse4slackware1