7.2 High
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
8 High
CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.006 Low
EPSS
Percentile
78.4%
The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed :
CVE-2018-9568: In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. (bnc#1118319).
CVE-2018-12232: In net/socket.c in the there is a race condition between fchownat and close in cases where they target the same socket file descriptor, related to the sock_close and sockfs_setattr functions. fchownat did not increment the file descriptor reference count, which allowed close to set the socket to NULL during fchownat’s execution, leading to a NULL pointer dereference and system crash (bnc#1097593).
CVE-2018-14625: A flaw was found where an attacker may be able to have an uncontrolled read to kernel-memory from within a vm guest. A race condition between connect() and close() function may allow an attacker using the AF_VSOCK protocol to gather a 4 byte information leak or possibly intercept or corrupt AF_VSOCK messages destined to other clients (bnc#1106615).
CVE-2018-16862: A security flaw was found in a way that the cleancache subsystem clears an inode after the final file truncation (removal).
The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one (bnc#1117186).
CVE-2018-16884: NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process() use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel memory corruption and a system panic. Due to the nature of the flaw, privilege escalation cannot be fully ruled out (bnc#1119946).
CVE-2018-18397: The userfaultfd implementation mishandled access control for certain UFFDIO_ ioctl calls, as demonstrated by allowing local users to write data into holes in a tmpfs file (if the user has read-only access to that file, and that file contains holes), related to fs/userfaultfd.c and mm/userfaultfd.c (bnc#1117656).
CVE-2018-19407: The vcpu_scan_ioapic function in arch/x86/kvm/x86.c allowed local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic is uninitialized (bnc#1116841).
CVE-2018-19854: An issue was discovered in the crypto_report_one() and related functions in crypto/crypto_user.c (the crypto user configuration API) do not fully initialize structures that are copied to userspace, potentially leaking sensitive memory to user programs.
NOTE: this is a CVE-2013-2547 regression but with easier exploitability because the attacker did not need a capability (however, the system must have the CONFIG_CRYPTO_USER kconfig option) (bnc#1118428).
CVE-2018-19985: The function hso_probe read if_num from the USB device (as an u8) and used it without a length check to index an array, resulting in an OOB memory read in hso_probe or hso_get_config_data that could be used by local attackers (bnc#1120743).
CVE-2018-20169: The USB subsystem mishandled size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c (bnc#1119714).
The update package also includes non-security fixes. See advisory for details.
Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from SUSE update advisory SUSE-SU-2019:0196-1.
# The text itself is copyright (C) SUSE.
#
include('compat.inc');
if (description)
{
script_id(121466);
script_version("1.7");
script_set_attribute(attribute:"plugin_modification_date", value:"2022/05/24");
script_cve_id(
"CVE-2013-2547",
"CVE-2018-9568",
"CVE-2018-12232",
"CVE-2018-14625",
"CVE-2018-16862",
"CVE-2018-16884",
"CVE-2018-18397",
"CVE-2018-19407",
"CVE-2018-19854",
"CVE-2018-19985",
"CVE-2018-20169"
);
script_bugtraq_id(58382);
script_name(english:"SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2019:0196-1)");
script_set_attribute(attribute:"synopsis", value:
"The remote SUSE host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various
security and bugfixes.
The following security bugs were fixed :
CVE-2018-9568: In sk_clone_lock of sock.c, there is a possible memory
corruption due to type confusion. This could lead to local escalation
of privilege with no additional execution privileges needed. User
interaction is not needed for exploitation. (bnc#1118319).
CVE-2018-12232: In net/socket.c in the there is a race condition
between fchownat and close in cases where they target the same socket
file descriptor, related to the sock_close and sockfs_setattr
functions. fchownat did not increment the file descriptor reference
count, which allowed close to set the socket to NULL during fchownat's
execution, leading to a NULL pointer dereference and system crash
(bnc#1097593).
CVE-2018-14625: A flaw was found where an attacker may be able to have
an uncontrolled read to kernel-memory from within a vm guest. A race
condition between connect() and close() function may allow an attacker
using the AF_VSOCK protocol to gather a 4 byte information leak or
possibly intercept or corrupt AF_VSOCK messages destined to other
clients (bnc#1106615).
CVE-2018-16862: A security flaw was found in a way that the cleancache
subsystem clears an inode after the final file truncation (removal).
The new file created with the same inode may contain leftover pages
from cleancache and the old file data instead of the new one
(bnc#1117186).
CVE-2018-16884: NFS41+ shares mounted in different network namespaces
at the same time can make bc_svc_process() use wrong back-channel IDs
and cause a use-after-free vulnerability. Thus a malicious container
user can cause a host kernel memory corruption and a system panic. Due
to the nature of the flaw, privilege escalation cannot be fully ruled
out (bnc#1119946).
CVE-2018-18397: The userfaultfd implementation mishandled access
control for certain UFFDIO_ ioctl calls, as demonstrated by allowing
local users to write data into holes in a tmpfs file (if the user has
read-only access to that file, and that file contains holes), related
to fs/userfaultfd.c and mm/userfaultfd.c (bnc#1117656).
CVE-2018-19407: The vcpu_scan_ioapic function in arch/x86/kvm/x86.c
allowed local users to cause a denial of service (NULL pointer
dereference and BUG) via crafted system calls that reach a situation
where ioapic is uninitialized (bnc#1116841).
CVE-2018-19854: An issue was discovered in the crypto_report_one() and
related functions in crypto/crypto_user.c (the crypto user
configuration API) do not fully initialize structures that are copied
to userspace, potentially leaking sensitive memory to user programs.
NOTE: this is a CVE-2013-2547 regression but with easier
exploitability because the attacker did not need a capability
(however, the system must have the CONFIG_CRYPTO_USER kconfig option)
(bnc#1118428).
CVE-2018-19985: The function hso_probe read if_num from the USB device
(as an u8) and used it without a length check to index an array,
resulting in an OOB memory read in hso_probe or hso_get_config_data
that could be used by local attackers (bnc#1120743).
CVE-2018-20169: The USB subsystem mishandled size checks during the
reading of an extra descriptor, related to __usb_get_extra_descriptor
in drivers/usb/core/usb.c (bnc#1119714).
The update package also includes non-security fixes. See advisory for
details.
Note that Tenable Network Security has extracted the preceding
description block directly from the SUSE security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1024718");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1046299");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1050242");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1050244");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1051510");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1055121");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1055186");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1058115");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1060463");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1065729");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1078248");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1079935");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1082387");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1083647");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1086282");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1086283");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1086423");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1087084");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1087978");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1088386");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1090888");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1091405");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1094244");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1097593");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1102875");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1102877");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1102879");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1102882");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1102896");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1103257");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1104353");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1104427");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1104967");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1105168");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1106105");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1106110");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1106615");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1106913");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1108270");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1109272");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1110558");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1111188");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1111469");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1111696");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1111795");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1112128");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1113722");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1114648");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1114871");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1116040");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1116336");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1116803");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1116841");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1117115");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1117162");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1117165");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1117186");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1117561");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1117656");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1117953");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1118215");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1118319");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1118428");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1118484");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1118505");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1118752");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1118760");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1118761");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1118762");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1118766");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1118767");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1118768");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1118769");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1118771");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1118772");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1118773");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1118774");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1118775");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1118787");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1118788");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1118798");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1118809");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1118962");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1119017");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1119086");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1119212");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1119322");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1119410");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1119714");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1119749");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1119804");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1119946");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1119962");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1119968");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1120036");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1120046");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1120053");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1120054");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1120055");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1120058");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1120088");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1120092");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1120094");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1120096");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1120097");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1120173");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1120214");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1120223");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1120228");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1120230");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1120232");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1120234");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1120235");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1120238");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1120594");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1120598");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1120600");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1120601");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1120602");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1120603");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1120604");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1120606");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1120612");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1120613");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1120614");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1120615");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1120616");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1120617");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1120618");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1120620");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1120621");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1120632");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1120633");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1120743");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1120954");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1121017");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1121058");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1121263");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1121273");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1121477");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1121483");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1121599");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1121621");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1121714");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1121715");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1121973");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-12232/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-14625/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-16862/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-16884/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-18397/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-19407/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-19854/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-19985/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-20169/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-9568/");
# https://www.suse.com/support/update/announcement/2019/suse-su-20190196-1/
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?b7b6ad1b");
script_set_attribute(attribute:"solution", value:
"To install this SUSE Security Update use the SUSE recommended
installation methods like YaST online_update or 'zypper patch'.
Alternatively you can run the command listed for your product :
SUSE Linux Enterprise Workstation Extension 12-SP4:zypper in -t patch
SUSE-SLE-WE-12-SP4-2019-196=1
SUSE Linux Enterprise Software Development Kit 12-SP4:zypper in -t
patch SUSE-SLE-SDK-12-SP4-2019-196=1
SUSE Linux Enterprise Server 12-SP4:zypper in -t patch
SUSE-SLE-SERVER-12-SP4-2019-196=1
SUSE Linux Enterprise Live Patching 12-SP4:zypper in -t patch
SUSE-SLE-Live-Patching-12-SP4-2019-196=1
SUSE Linux Enterprise High Availability 12-SP4:zypper in -t patch
SUSE-SLE-HA-12-SP4-2019-196=1
SUSE Linux Enterprise Desktop 12-SP4:zypper in -t patch
SUSE-SLE-DESKTOP-12-SP4-2019-196=1");
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-9568");
script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2018-16884");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2013/03/15");
script_set_attribute(attribute:"patch_publication_date", value:"2019/01/29");
script_set_attribute(attribute:"plugin_publication_date", value:"2019/01/30");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-base");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-debugsource");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-devel-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-extra");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-extra-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-man");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-syms");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"SuSE Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
os_ver = os_ver[1];
if (! preg(pattern:"^(SLED12|SLES12)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLED12 / SLES12", "SUSE " + os_ver);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);
sp = get_kb_item("Host/SuSE/patchlevel");
if (isnull(sp)) sp = "0";
if (os_ver == "SLES12" && (! preg(pattern:"^(4)$", string:sp))) audit(AUDIT_OS_NOT, "SLES12 SP4", os_ver + " SP" + sp);
if (os_ver == "SLED12" && (! preg(pattern:"^(4)$", string:sp))) audit(AUDIT_OS_NOT, "SLED12 SP4", os_ver + " SP" + sp);
flag = 0;
if (rpm_check(release:"SLES12", sp:"4", cpu:"x86_64", reference:"kernel-default-devel-debuginfo-4.12.14-95.6.1")) flag++;
if (rpm_check(release:"SLES12", sp:"4", cpu:"s390x", reference:"kernel-default-man-4.12.14-95.6.1")) flag++;
if (rpm_check(release:"SLES12", sp:"4", reference:"kernel-default-4.12.14-95.6.1")) flag++;
if (rpm_check(release:"SLES12", sp:"4", reference:"kernel-default-base-4.12.14-95.6.1")) flag++;
if (rpm_check(release:"SLES12", sp:"4", reference:"kernel-default-base-debuginfo-4.12.14-95.6.1")) flag++;
if (rpm_check(release:"SLES12", sp:"4", reference:"kernel-default-debuginfo-4.12.14-95.6.1")) flag++;
if (rpm_check(release:"SLES12", sp:"4", reference:"kernel-default-debugsource-4.12.14-95.6.1")) flag++;
if (rpm_check(release:"SLES12", sp:"4", reference:"kernel-default-devel-4.12.14-95.6.1")) flag++;
if (rpm_check(release:"SLES12", sp:"4", reference:"kernel-syms-4.12.14-95.6.1")) flag++;
if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"kernel-default-4.12.14-95.6.1")) flag++;
if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"kernel-default-debuginfo-4.12.14-95.6.1")) flag++;
if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"kernel-default-debugsource-4.12.14-95.6.1")) flag++;
if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"kernel-default-devel-4.12.14-95.6.1")) flag++;
if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"kernel-default-devel-debuginfo-4.12.14-95.6.1")) flag++;
if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"kernel-default-extra-4.12.14-95.6.1")) flag++;
if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"kernel-default-extra-debuginfo-4.12.14-95.6.1")) flag++;
if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"kernel-syms-4.12.14-95.6.1")) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
else security_hole(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kernel");
}
Vendor | Product | Version | CPE |
---|---|---|---|
novell | suse_linux | kernel-default | p-cpe:/a:novell:suse_linux:kernel-default |
novell | suse_linux | kernel-default-base | p-cpe:/a:novell:suse_linux:kernel-default-base |
novell | suse_linux | kernel-default-base-debuginfo | p-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo |
novell | suse_linux | kernel-default-debuginfo | p-cpe:/a:novell:suse_linux:kernel-default-debuginfo |
novell | suse_linux | kernel-default-debugsource | p-cpe:/a:novell:suse_linux:kernel-default-debugsource |
novell | suse_linux | kernel-default-devel | p-cpe:/a:novell:suse_linux:kernel-default-devel |
novell | suse_linux | kernel-default-devel-debuginfo | p-cpe:/a:novell:suse_linux:kernel-default-devel-debuginfo |
novell | suse_linux | kernel-default-extra | p-cpe:/a:novell:suse_linux:kernel-default-extra |
novell | suse_linux | kernel-default-extra-debuginfo | p-cpe:/a:novell:suse_linux:kernel-default-extra-debuginfo |
novell | suse_linux | kernel-default-man | p-cpe:/a:novell:suse_linux:kernel-default-man |
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2547
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12232
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14625
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16862
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16884
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18397
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19407
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19854
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19985
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20169
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9568
www.nessus.org/u?b7b6ad1b
bugzilla.suse.com/show_bug.cgi?id=1024718
bugzilla.suse.com/show_bug.cgi?id=1046299
bugzilla.suse.com/show_bug.cgi?id=1050242
bugzilla.suse.com/show_bug.cgi?id=1050244
bugzilla.suse.com/show_bug.cgi?id=1051510
bugzilla.suse.com/show_bug.cgi?id=1055121
bugzilla.suse.com/show_bug.cgi?id=1055186
bugzilla.suse.com/show_bug.cgi?id=1058115
bugzilla.suse.com/show_bug.cgi?id=1060463
bugzilla.suse.com/show_bug.cgi?id=1065729
bugzilla.suse.com/show_bug.cgi?id=1078248
bugzilla.suse.com/show_bug.cgi?id=1079935
bugzilla.suse.com/show_bug.cgi?id=1082387
bugzilla.suse.com/show_bug.cgi?id=1083647
bugzilla.suse.com/show_bug.cgi?id=1086282
bugzilla.suse.com/show_bug.cgi?id=1086283
bugzilla.suse.com/show_bug.cgi?id=1086423
bugzilla.suse.com/show_bug.cgi?id=1087084
bugzilla.suse.com/show_bug.cgi?id=1087978
bugzilla.suse.com/show_bug.cgi?id=1088386
bugzilla.suse.com/show_bug.cgi?id=1090888
bugzilla.suse.com/show_bug.cgi?id=1091405
bugzilla.suse.com/show_bug.cgi?id=1094244
bugzilla.suse.com/show_bug.cgi?id=1097593
bugzilla.suse.com/show_bug.cgi?id=1102875
bugzilla.suse.com/show_bug.cgi?id=1102877
bugzilla.suse.com/show_bug.cgi?id=1102879
bugzilla.suse.com/show_bug.cgi?id=1102882
bugzilla.suse.com/show_bug.cgi?id=1102896
bugzilla.suse.com/show_bug.cgi?id=1103257
bugzilla.suse.com/show_bug.cgi?id=1104353
bugzilla.suse.com/show_bug.cgi?id=1104427
bugzilla.suse.com/show_bug.cgi?id=1104967
bugzilla.suse.com/show_bug.cgi?id=1105168
bugzilla.suse.com/show_bug.cgi?id=1106105
bugzilla.suse.com/show_bug.cgi?id=1106110
bugzilla.suse.com/show_bug.cgi?id=1106615
bugzilla.suse.com/show_bug.cgi?id=1106913
bugzilla.suse.com/show_bug.cgi?id=1108270
bugzilla.suse.com/show_bug.cgi?id=1109272
bugzilla.suse.com/show_bug.cgi?id=1110558
bugzilla.suse.com/show_bug.cgi?id=1111188
bugzilla.suse.com/show_bug.cgi?id=1111469
bugzilla.suse.com/show_bug.cgi?id=1111696
bugzilla.suse.com/show_bug.cgi?id=1111795
bugzilla.suse.com/show_bug.cgi?id=1112128
bugzilla.suse.com/show_bug.cgi?id=1113722
bugzilla.suse.com/show_bug.cgi?id=1114648
bugzilla.suse.com/show_bug.cgi?id=1114871
bugzilla.suse.com/show_bug.cgi?id=1116040
bugzilla.suse.com/show_bug.cgi?id=1116336
bugzilla.suse.com/show_bug.cgi?id=1116803
bugzilla.suse.com/show_bug.cgi?id=1116841
bugzilla.suse.com/show_bug.cgi?id=1117115
bugzilla.suse.com/show_bug.cgi?id=1117162
bugzilla.suse.com/show_bug.cgi?id=1117165
bugzilla.suse.com/show_bug.cgi?id=1117186
bugzilla.suse.com/show_bug.cgi?id=1117561
bugzilla.suse.com/show_bug.cgi?id=1117656
bugzilla.suse.com/show_bug.cgi?id=1117953
bugzilla.suse.com/show_bug.cgi?id=1118215
bugzilla.suse.com/show_bug.cgi?id=1118319
bugzilla.suse.com/show_bug.cgi?id=1118428
bugzilla.suse.com/show_bug.cgi?id=1118484
bugzilla.suse.com/show_bug.cgi?id=1118505
bugzilla.suse.com/show_bug.cgi?id=1118752
bugzilla.suse.com/show_bug.cgi?id=1118760
bugzilla.suse.com/show_bug.cgi?id=1118761
bugzilla.suse.com/show_bug.cgi?id=1118762
bugzilla.suse.com/show_bug.cgi?id=1118766
bugzilla.suse.com/show_bug.cgi?id=1118767
bugzilla.suse.com/show_bug.cgi?id=1118768
bugzilla.suse.com/show_bug.cgi?id=1118769
bugzilla.suse.com/show_bug.cgi?id=1118771
bugzilla.suse.com/show_bug.cgi?id=1118772
bugzilla.suse.com/show_bug.cgi?id=1118773
bugzilla.suse.com/show_bug.cgi?id=1118774
bugzilla.suse.com/show_bug.cgi?id=1118775
bugzilla.suse.com/show_bug.cgi?id=1118787
bugzilla.suse.com/show_bug.cgi?id=1118788
bugzilla.suse.com/show_bug.cgi?id=1118798
bugzilla.suse.com/show_bug.cgi?id=1118809
bugzilla.suse.com/show_bug.cgi?id=1118962
bugzilla.suse.com/show_bug.cgi?id=1119017
bugzilla.suse.com/show_bug.cgi?id=1119086
bugzilla.suse.com/show_bug.cgi?id=1119212
bugzilla.suse.com/show_bug.cgi?id=1119322
bugzilla.suse.com/show_bug.cgi?id=1119410
bugzilla.suse.com/show_bug.cgi?id=1119714
bugzilla.suse.com/show_bug.cgi?id=1119749
bugzilla.suse.com/show_bug.cgi?id=1119804
bugzilla.suse.com/show_bug.cgi?id=1119946
bugzilla.suse.com/show_bug.cgi?id=1119962
bugzilla.suse.com/show_bug.cgi?id=1119968
bugzilla.suse.com/show_bug.cgi?id=1120036
bugzilla.suse.com/show_bug.cgi?id=1120046
bugzilla.suse.com/show_bug.cgi?id=1120053
bugzilla.suse.com/show_bug.cgi?id=1120054
bugzilla.suse.com/show_bug.cgi?id=1120055
bugzilla.suse.com/show_bug.cgi?id=1120058
bugzilla.suse.com/show_bug.cgi?id=1120088
bugzilla.suse.com/show_bug.cgi?id=1120092
bugzilla.suse.com/show_bug.cgi?id=1120094
bugzilla.suse.com/show_bug.cgi?id=1120096
bugzilla.suse.com/show_bug.cgi?id=1120097
bugzilla.suse.com/show_bug.cgi?id=1120173
bugzilla.suse.com/show_bug.cgi?id=1120214
bugzilla.suse.com/show_bug.cgi?id=1120223
bugzilla.suse.com/show_bug.cgi?id=1120228
bugzilla.suse.com/show_bug.cgi?id=1120230
bugzilla.suse.com/show_bug.cgi?id=1120232
bugzilla.suse.com/show_bug.cgi?id=1120234
bugzilla.suse.com/show_bug.cgi?id=1120235
bugzilla.suse.com/show_bug.cgi?id=1120238
bugzilla.suse.com/show_bug.cgi?id=1120594
bugzilla.suse.com/show_bug.cgi?id=1120598
bugzilla.suse.com/show_bug.cgi?id=1120600
bugzilla.suse.com/show_bug.cgi?id=1120601
bugzilla.suse.com/show_bug.cgi?id=1120602
bugzilla.suse.com/show_bug.cgi?id=1120603
bugzilla.suse.com/show_bug.cgi?id=1120604
bugzilla.suse.com/show_bug.cgi?id=1120606
bugzilla.suse.com/show_bug.cgi?id=1120612
bugzilla.suse.com/show_bug.cgi?id=1120613
bugzilla.suse.com/show_bug.cgi?id=1120614
bugzilla.suse.com/show_bug.cgi?id=1120615
bugzilla.suse.com/show_bug.cgi?id=1120616
bugzilla.suse.com/show_bug.cgi?id=1120617
bugzilla.suse.com/show_bug.cgi?id=1120618
bugzilla.suse.com/show_bug.cgi?id=1120620
bugzilla.suse.com/show_bug.cgi?id=1120621
bugzilla.suse.com/show_bug.cgi?id=1120632
bugzilla.suse.com/show_bug.cgi?id=1120633
bugzilla.suse.com/show_bug.cgi?id=1120743
bugzilla.suse.com/show_bug.cgi?id=1120954
bugzilla.suse.com/show_bug.cgi?id=1121017
bugzilla.suse.com/show_bug.cgi?id=1121058
bugzilla.suse.com/show_bug.cgi?id=1121263
bugzilla.suse.com/show_bug.cgi?id=1121273
bugzilla.suse.com/show_bug.cgi?id=1121477
bugzilla.suse.com/show_bug.cgi?id=1121483
bugzilla.suse.com/show_bug.cgi?id=1121599
bugzilla.suse.com/show_bug.cgi?id=1121621
bugzilla.suse.com/show_bug.cgi?id=1121714
bugzilla.suse.com/show_bug.cgi?id=1121715
bugzilla.suse.com/show_bug.cgi?id=1121973
www.suse.com/security/cve/CVE-2018-12232/
www.suse.com/security/cve/CVE-2018-14625/
www.suse.com/security/cve/CVE-2018-16862/
www.suse.com/security/cve/CVE-2018-16884/
www.suse.com/security/cve/CVE-2018-18397/
www.suse.com/security/cve/CVE-2018-19407/
www.suse.com/security/cve/CVE-2018-19854/
www.suse.com/security/cve/CVE-2018-19985/
www.suse.com/security/cve/CVE-2018-20169/
www.suse.com/security/cve/CVE-2018-9568/
7.2 High
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
8 High
CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.006 Low
EPSS
Percentile
78.4%