Lucene search

HistoryAug 12, 2019 - 12:00 a.m.

SUSE SLED15 / SLES15 Security Update : Linux Azure Kernel (SUSE-SU-2019:2068-1)

2019-08-1200:00:00

www.tenable.com

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.018 Low

EPSS

Percentile

88.3%

JSON

The SUSE Linux Enterprise 15 Azure kernel was updated to receive various security and bugfixes.

The following security bugs were fixed :

CVE-2018-20855: An issue was discovered in create_qp_common, mlx5_ib_create_qp_resp was never initialized, resulting in a leak of stack memory to userspace. (bnc#bsc#1103991)

CVE-2019-1125: Fix Spectre V1 variant via swapgs: Exclude ATOMs from speculation through SWAPGS (bsc#1139358).

CVE-2019-14284: In the Linux kernel, drivers/block/floppy.c allowed a denial of service by setup_format_params division-by-zero.
(bnc#bsc#1143189)

CVE-2019-14283: In the Linux kernel, set_geometry in drivers/block/floppy.c did not validate the sect and head fields, as demonstrated by an integer overflow and out-of-bounds read. It can be triggered by an unprivileged local user when a floppy disk has been inserted. NOTE: QEMU creates the floppy device by default.
(bsc#1143191)

CVE-2019-11810: An issue was discovered in the Linux kernel A NULL pointer dereference can occur when megasas_create_frame_pool() fails in megasas_alloc_cmds() in drivers/scsi/megaraid/megaraid_sas_base.c.
This causes a Denial of Service, related to a use-after-free.
(bsc#1134399)

CVE-2019-13648: In the Linux kernel on the powerpc platform, when hardware transactional memory was disabled, a local user can cause a denial of service via a sigreturn() system call that sends a crafted signal frame. (bnc#1142265)

CVE-2019-13631: In parse_hid_report_descriptor, a malicious usb device could send an hid: report that triggered an out-of-bounds write during generation of debugging messages. (bnc#1142023)

The update package also includes non-security fixes. See advisory for details.

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from SUSE update advisory SUSE-SU-2019:2068-1.
# The text itself is copyright (C) SUSE.
#

include("compat.inc");

if (description)
{
  script_id(127772);
  script_version("1.4");
  script_cvs_date("Date: 2020/02/18");

  script_cve_id("CVE-2018-20855", "CVE-2019-1125", "CVE-2019-11810", "CVE-2019-13631", "CVE-2019-13648", "CVE-2019-14283", "CVE-2019-14284");

  script_name(english:"SUSE SLED15 / SLES15 Security Update : Linux Azure Kernel (SUSE-SU-2019:2068-1)");
  script_summary(english:"Checks rpm output for the updated packages.");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote SUSE host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"The SUSE Linux Enterprise 15 Azure kernel was updated to receive
various security and bugfixes.

The following security bugs were fixed :

CVE-2018-20855: An issue was discovered in create_qp_common,
mlx5_ib_create_qp_resp was never initialized, resulting in a leak of
stack memory to userspace. (bnc#bsc#1103991)

CVE-2019-1125: Fix Spectre V1 variant via swapgs: Exclude ATOMs from
speculation through SWAPGS (bsc#1139358).

CVE-2019-14284: In the Linux kernel, drivers/block/floppy.c allowed a
denial of service by setup_format_params division-by-zero.
(bnc#bsc#1143189)

CVE-2019-14283: In the Linux kernel, set_geometry in
drivers/block/floppy.c did not validate the sect and head fields, as
demonstrated by an integer overflow and out-of-bounds read. It can be
triggered by an unprivileged local user when a floppy disk has been
inserted. NOTE: QEMU creates the floppy device by default.
(bsc#1143191)

CVE-2019-11810: An issue was discovered in the Linux kernel A NULL
pointer dereference can occur when megasas_create_frame_pool() fails
in megasas_alloc_cmds() in drivers/scsi/megaraid/megaraid_sas_base.c.
This causes a Denial of Service, related to a use-after-free.
(bsc#1134399)

CVE-2019-13648: In the Linux kernel on the powerpc platform, when
hardware transactional memory was disabled, a local user can cause a
denial of service via a sigreturn() system call that sends a crafted
signal frame. (bnc#1142265)

CVE-2019-13631: In parse_hid_report_descriptor, a malicious usb device
could send an hid: report that triggered an out-of-bounds write during
generation of debugging messages. (bnc#1142023)

The update package also includes non-security fixes. See advisory for
details.

Note that Tenable Network Security has extracted the preceding
description block directly from the SUSE security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1051510"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1055117"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1071995"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1083647"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1083710"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1103991"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1111666"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1119222"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1123080"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1127034"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1127315"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1129770"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1133021"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1134097"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1134390"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1134399"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1135335"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1135642"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1137458"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1137534"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1137535"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1137584"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1137609"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1137827"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1139358"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1140133"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1140139"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1140322"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1140652"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1140887"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1140888"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1140889"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1140891"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1140893"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1140903"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1140945"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1140948"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1140954"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1140955"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1140956"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1140957"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1140958"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1140959"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1140960"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1140961"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1140962"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1140964"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1140971"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1140972"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1140992"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1141401"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1141402"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1141452"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1141453"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1141454"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1141478"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1142023"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1142112"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1142220"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1142221"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1142265"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1142350"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1142351"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1142354"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1142359"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1142450"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1142701"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1142868"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1143003"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1143105"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1143185"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1143189"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1143191"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1143507"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2018-20855/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2019-1125/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2019-11810/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2019-13631/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2019-13648/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2019-14283/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2019-14284/"
  );
  # https://www.suse.com/support/update/announcement/2019/suse-su-20192068-1/
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?c4fa0e5e"
  );
  script_set_attribute(
    attribute:"solution", 
    value:
"To install this SUSE Security Update use the SUSE recommended
installation methods like YaST online_update or 'zypper patch'.

Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Module for Public Cloud 15:zypper in -t patch
SUSE-SLE-Module-Public-Cloud-15-2019-2068=1

SUSE Linux Enterprise Module for Open Buildservice Development Tools
15-SP1:zypper in -t patch
SUSE-SLE-Module-Development-Tools-OBS-15-SP1-2019-2068=1"
  );
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-14283");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:cluster-md-kmp-azure");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:cluster-md-kmp-azure-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:dlm-kmp-azure");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:dlm-kmp-azure-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:gfs2-kmp-azure");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:gfs2-kmp-azure-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-azure");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-azure-base");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-azure-base-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-azure-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-azure-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-azure-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-azure-devel-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-azure-extra");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-azure-extra-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-azure-livepatch");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-syms-azure");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kselftests-kmp-azure");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kselftests-kmp-azure-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:ocfs2-kmp-azure");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:ocfs2-kmp-azure-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:reiserfs-kmp-azure");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:reiserfs-kmp-azure-debuginfo");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:15");

  script_set_attribute(attribute:"vuln_publication_date", value:"2019/05/07");
  script_set_attribute(attribute:"patch_publication_date", value:"2019/08/06");
  script_set_attribute(attribute:"plugin_publication_date", value:"2019/08/12");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
os_ver = os_ver[1];
if (! preg(pattern:"^(SLED15|SLES15)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLED15 / SLES15", "SUSE " + os_ver);

if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);
if (cpu >!< "x86_64") audit(AUDIT_ARCH_NOT, "x86_64", cpu);


sp = get_kb_item("Host/SuSE/patchlevel");
if (isnull(sp)) sp = "0";
if (os_ver == "SLES15" && (! preg(pattern:"^(1)$", string:sp))) audit(AUDIT_OS_NOT, "SLES15 SP1", os_ver + " SP" + sp);
if (os_ver == "SLED15" && (! preg(pattern:"^(1)$", string:sp))) audit(AUDIT_OS_NOT, "SLED15 SP1", os_ver + " SP" + sp);


flag = 0;
if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"cluster-md-kmp-azure-4.12.14-5.38.1")) flag++;
if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"cluster-md-kmp-azure-debuginfo-4.12.14-5.38.1")) flag++;
if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"dlm-kmp-azure-4.12.14-5.38.1")) flag++;
if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"dlm-kmp-azure-debuginfo-4.12.14-5.38.1")) flag++;
if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"gfs2-kmp-azure-4.12.14-5.38.1")) flag++;
if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"gfs2-kmp-azure-debuginfo-4.12.14-5.38.1")) flag++;
if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"kernel-azure-4.12.14-5.38.1")) flag++;
if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"kernel-azure-base-4.12.14-5.38.1")) flag++;
if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"kernel-azure-base-debuginfo-4.12.14-5.38.1")) flag++;
if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"kernel-azure-debuginfo-4.12.14-5.38.1")) flag++;
if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"kernel-azure-debugsource-4.12.14-5.38.1")) flag++;
if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"kernel-azure-devel-4.12.14-5.38.1")) flag++;
if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"kernel-azure-devel-debuginfo-4.12.14-5.38.1")) flag++;
if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"kernel-azure-extra-4.12.14-5.38.1")) flag++;
if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"kernel-azure-extra-debuginfo-4.12.14-5.38.1")) flag++;
if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"kernel-azure-livepatch-4.12.14-5.38.1")) flag++;
if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"kernel-syms-azure-4.12.14-5.38.1")) flag++;
if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"kselftests-kmp-azure-4.12.14-5.38.1")) flag++;
if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"kselftests-kmp-azure-debuginfo-4.12.14-5.38.1")) flag++;
if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"ocfs2-kmp-azure-4.12.14-5.38.1")) flag++;
if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"ocfs2-kmp-azure-debuginfo-4.12.14-5.38.1")) flag++;
if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"reiserfs-kmp-azure-4.12.14-5.38.1")) flag++;
if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"reiserfs-kmp-azure-debuginfo-4.12.14-5.38.1")) flag++;
if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"cluster-md-kmp-azure-4.12.14-5.38.1")) flag++;
if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"cluster-md-kmp-azure-debuginfo-4.12.14-5.38.1")) flag++;
if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"dlm-kmp-azure-4.12.14-5.38.1")) flag++;
if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"dlm-kmp-azure-debuginfo-4.12.14-5.38.1")) flag++;
if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"gfs2-kmp-azure-4.12.14-5.38.1")) flag++;
if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"gfs2-kmp-azure-debuginfo-4.12.14-5.38.1")) flag++;
if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"kernel-azure-4.12.14-5.38.1")) flag++;
if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"kernel-azure-base-4.12.14-5.38.1")) flag++;
if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"kernel-azure-base-debuginfo-4.12.14-5.38.1")) flag++;
if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"kernel-azure-debuginfo-4.12.14-5.38.1")) flag++;
if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"kernel-azure-debugsource-4.12.14-5.38.1")) flag++;
if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"kernel-azure-devel-4.12.14-5.38.1")) flag++;
if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"kernel-azure-devel-debuginfo-4.12.14-5.38.1")) flag++;
if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"kernel-azure-extra-4.12.14-5.38.1")) flag++;
if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"kernel-azure-extra-debuginfo-4.12.14-5.38.1")) flag++;
if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"kernel-azure-livepatch-4.12.14-5.38.1")) flag++;
if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"kernel-syms-azure-4.12.14-5.38.1")) flag++;
if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"kselftests-kmp-azure-4.12.14-5.38.1")) flag++;
if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"kselftests-kmp-azure-debuginfo-4.12.14-5.38.1")) flag++;
if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"ocfs2-kmp-azure-4.12.14-5.38.1")) flag++;
if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"ocfs2-kmp-azure-debuginfo-4.12.14-5.38.1")) flag++;
if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"reiserfs-kmp-azure-4.12.14-5.38.1")) flag++;
if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"reiserfs-kmp-azure-debuginfo-4.12.14-5.38.1")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
  else security_warning(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "Linux Azure Kernel");
}

VendorProductVersionCPE
novellsuse_linuxcluster-md-kmp-azure-debuginfop-cpe:/a:novell:suse_linux:cluster-md-kmp-azure-debuginfo
novellsuse_linuxreiserfs-kmp-azurep-cpe:/a:novell:suse_linux:reiserfs-kmp-azure
novellsuse_linuxdlm-kmp-azure-debuginfop-cpe:/a:novell:suse_linux:dlm-kmp-azure-debuginfo
novellsuse_linuxkernel-azure-debugsourcep-cpe:/a:novell:suse_linux:kernel-azure-debugsource
novellsuse_linuxreiserfs-kmp-azure-debuginfop-cpe:/a:novell:suse_linux:reiserfs-kmp-azure-debuginfo
novellsuse_linuxgfs2-kmp-azure-debuginfop-cpe:/a:novell:suse_linux:gfs2-kmp-azure-debuginfo
novellsuse_linuxkernel-azure-extrap-cpe:/a:novell:suse_linux:kernel-azure-extra
novellsuse_linuxkernel-azure-extra-debuginfop-cpe:/a:novell:suse_linux:kernel-azure-extra-debuginfo
novellsuse_linuxkernel-azure-base-debuginfop-cpe:/a:novell:suse_linux:kernel-azure-base-debuginfo
novellsuse_linuxdlm-kmp-azurep-cpe:/a:novell:suse_linux:dlm-kmp-azure

Vendor	Product	Version	CPE
novell	suse_linux	cluster-md-kmp-azure-debuginfo	p-cpe:/a:novell:suse_linux:cluster-md-kmp-azure-debuginfo
novell	suse_linux	reiserfs-kmp-azure	p-cpe:/a:novell:suse_linux:reiserfs-kmp-azure
novell	suse_linux	dlm-kmp-azure-debuginfo	p-cpe:/a:novell:suse_linux:dlm-kmp-azure-debuginfo
novell	suse_linux	kernel-azure-debugsource	p-cpe:/a:novell:suse_linux:kernel-azure-debugsource
novell	suse_linux	reiserfs-kmp-azure-debuginfo	p-cpe:/a:novell:suse_linux:reiserfs-kmp-azure-debuginfo
novell	suse_linux	gfs2-kmp-azure-debuginfo	p-cpe:/a:novell:suse_linux:gfs2-kmp-azure-debuginfo
novell	suse_linux	kernel-azure-extra	p-cpe:/a:novell:suse_linux:kernel-azure-extra
novell	suse_linux	kernel-azure-extra-debuginfo	p-cpe:/a:novell:suse_linux:kernel-azure-extra-debuginfo
novell	suse_linux	kernel-azure-base-debuginfo	p-cpe:/a:novell:suse_linux:kernel-azure-base-debuginfo
novell	suse_linux	dlm-kmp-azure	p-cpe:/a:novell:suse_linux:dlm-kmp-azure

Rows per page:

1-10 of 241

References

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20855

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1125

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11810

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13631

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13648

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14283

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14284

www.nessus.org/u?c4fa0e5e

bugzilla.suse.com/show_bug.cgi?id=1051510

bugzilla.suse.com/show_bug.cgi?id=1055117

bugzilla.suse.com/show_bug.cgi?id=1071995

bugzilla.suse.com/show_bug.cgi?id=1083647

bugzilla.suse.com/show_bug.cgi?id=1083710

bugzilla.suse.com/show_bug.cgi?id=1103991

bugzilla.suse.com/show_bug.cgi?id=1111666

bugzilla.suse.com/show_bug.cgi?id=1119222

bugzilla.suse.com/show_bug.cgi?id=1123080

bugzilla.suse.com/show_bug.cgi?id=1127034

bugzilla.suse.com/show_bug.cgi?id=1127315

bugzilla.suse.com/show_bug.cgi?id=1129770

bugzilla.suse.com/show_bug.cgi?id=1133021

bugzilla.suse.com/show_bug.cgi?id=1134097

bugzilla.suse.com/show_bug.cgi?id=1134390

bugzilla.suse.com/show_bug.cgi?id=1134399

bugzilla.suse.com/show_bug.cgi?id=1135335

bugzilla.suse.com/show_bug.cgi?id=1135642

bugzilla.suse.com/show_bug.cgi?id=1137458

bugzilla.suse.com/show_bug.cgi?id=1137534

bugzilla.suse.com/show_bug.cgi?id=1137535

bugzilla.suse.com/show_bug.cgi?id=1137584

bugzilla.suse.com/show_bug.cgi?id=1137609

bugzilla.suse.com/show_bug.cgi?id=1137827

bugzilla.suse.com/show_bug.cgi?id=1139358

bugzilla.suse.com/show_bug.cgi?id=1140133

bugzilla.suse.com/show_bug.cgi?id=1140139

bugzilla.suse.com/show_bug.cgi?id=1140322

bugzilla.suse.com/show_bug.cgi?id=1140652

bugzilla.suse.com/show_bug.cgi?id=1140887

bugzilla.suse.com/show_bug.cgi?id=1140888

bugzilla.suse.com/show_bug.cgi?id=1140889

bugzilla.suse.com/show_bug.cgi?id=1140891

bugzilla.suse.com/show_bug.cgi?id=1140893

bugzilla.suse.com/show_bug.cgi?id=1140903

bugzilla.suse.com/show_bug.cgi?id=1140945

bugzilla.suse.com/show_bug.cgi?id=1140948

bugzilla.suse.com/show_bug.cgi?id=1140954

bugzilla.suse.com/show_bug.cgi?id=1140955

bugzilla.suse.com/show_bug.cgi?id=1140956

bugzilla.suse.com/show_bug.cgi?id=1140957

bugzilla.suse.com/show_bug.cgi?id=1140958

bugzilla.suse.com/show_bug.cgi?id=1140959

bugzilla.suse.com/show_bug.cgi?id=1140960

bugzilla.suse.com/show_bug.cgi?id=1140961

bugzilla.suse.com/show_bug.cgi?id=1140962

bugzilla.suse.com/show_bug.cgi?id=1140964

bugzilla.suse.com/show_bug.cgi?id=1140971

bugzilla.suse.com/show_bug.cgi?id=1140972

bugzilla.suse.com/show_bug.cgi?id=1140992

bugzilla.suse.com/show_bug.cgi?id=1141401

bugzilla.suse.com/show_bug.cgi?id=1141402

bugzilla.suse.com/show_bug.cgi?id=1141452

bugzilla.suse.com/show_bug.cgi?id=1141453

bugzilla.suse.com/show_bug.cgi?id=1141454

bugzilla.suse.com/show_bug.cgi?id=1141478

bugzilla.suse.com/show_bug.cgi?id=1142023

bugzilla.suse.com/show_bug.cgi?id=1142112

bugzilla.suse.com/show_bug.cgi?id=1142220

bugzilla.suse.com/show_bug.cgi?id=1142221

bugzilla.suse.com/show_bug.cgi?id=1142265

bugzilla.suse.com/show_bug.cgi?id=1142350

bugzilla.suse.com/show_bug.cgi?id=1142351

bugzilla.suse.com/show_bug.cgi?id=1142354

bugzilla.suse.com/show_bug.cgi?id=1142359

bugzilla.suse.com/show_bug.cgi?id=1142450

bugzilla.suse.com/show_bug.cgi?id=1142701

bugzilla.suse.com/show_bug.cgi?id=1142868

bugzilla.suse.com/show_bug.cgi?id=1143003

bugzilla.suse.com/show_bug.cgi?id=1143105

bugzilla.suse.com/show_bug.cgi?id=1143185

bugzilla.suse.com/show_bug.cgi?id=1143189

bugzilla.suse.com/show_bug.cgi?id=1143191

bugzilla.suse.com/show_bug.cgi?id=1143507

www.suse.com/security/cve/CVE-2018-20855/

www.suse.com/security/cve/CVE-2019-1125/

www.suse.com/security/cve/CVE-2019-11810/

www.suse.com/security/cve/CVE-2019-13631/

www.suse.com/security/cve/CVE-2019-13648/

www.suse.com/security/cve/CVE-2019-14283/

www.suse.com/security/cve/CVE-2019-14284/

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.018 Low

EPSS

Percentile

88.3%

JSON

Related for SUSE_SU-2019-2068-1.NASL