10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.7 High
AI Score
Confidence
High
0.017 Low
EPSS
Percentile
87.7%
The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed :
CVE-2019-14615: An information disclosure vulnerability existed due to insufficient control flow in certain data structures for some IntelĀ® Processors (bnc#1160195).
CVE-2019-14896: A heap-based buffer overflow vulnerability was found in the Marvell WiFi driver. A remote attacker could cause a denial of service (system crash) or, possibly execute arbitrary code, when the lbs_ibss_join_existing function is called after a STA connects to an AP (bnc#1157157).
CVE-2019-14897: A stack-based buffer overflow was found in the Marvell WiFi driver. An attacker is able to cause a denial of service (system crash) or, possibly execute arbitrary code, when a STA works in IBSS mode (allows connecting stations together without the use of an AP) and connects to another STA (bnc#1157155).
CVE-2019-16994: A memory leak existed in sit_init_net() in net/ipv6/sit.c which might have caused denial of service, aka CID-07f12b26e21a (bnc#1161523).
CVE-2019-18808: A memory leak in drivers/crypto/ccp/ccp-ops.c allowed attackers to cause a denial of service (memory consumption), aka CID-128c66429247 (bnc#1156259).
CVE-2019-19036: An issue discovered in btrfs_root_node in fs/btrfs/ctree.c allowed a NULL pointer dereference because rcu_dereference(root->node) can be zero (bnc#1157692).
CVE-2019-19045: A memory leak in drivers/net/ethernet/mellanox/mlx5/core/fpga/conn.c allowed attackers to cause a denial of service (memory consumption) by triggering mlx5_vector2eqn() failures, aka CID-c8c2a057fdc7 (bnc#1161522).
CVE-2019-19054: A memory leak in the cx23888_ir_probe() function in drivers/media/pci/cx23885/cx23888-ir.c allowed attackers to cause a denial of service (memory consumption) by triggering kfifo_alloc() failures, aka CID-a7b2df76b42b (bnc#1161518).
CVE-2019-19318: Mounting a crafted btrfs image twice could have caused a use-after-free (bnc#1158026).
CVE-2019-19319: A slab-out-of-bounds write access could have occured when setxattr was called after mounting of a specially crafted ext4 image (bnc#1158021).
CVE-2019-19447: Mounting a crafted ext4 filesystem image, performing some operations, and unmounting could have led to a use-after-free in fs/ext4/super.c (bnc#1158819).
CVE-2019-19767: There were multiple use-after-free errors in
__ext4_expand_extra_isize and ext4_xattr_set_entry, related to fs/ext4/inode.c and fs/ext4/super.c, aka CID-4ea99936a163 (bnc#1159297).
CVE-2019-19927: A slab-out-of-bounds read access occured when mounting a crafted f2fs filesystem image and performing some operations on it (bnc#1160147).
CVE-2019-19965: There was a NULL pointer dereference in drivers/scsi/libsas/sas_discover.c because of mishandling of port disconnection during discovery, related to a PHY down race condition, aka CID-f70267f379b5 (bnc#1159911).
CVE-2019-19966: There was a use-after-free in cpia2_exit() in drivers/media/usb/cpia2/cpia2_v4l.c that could have caused a denial of service, aka CID-dea37a972655 (bnc#1159841).
CVE-2019-20054: There was a NULL pointer dereference in drop_sysctl_table() in fs/proc/proc_sysctl.c, related to put_links, aka CID-23da9588037e (bnc#1159910).
CVE-2019-20095: Several memory leaks were found in drivers/net/wireless/marvell/mwifiex/cfg80211.c, aka CID-003b686ace82 (bnc#1159909).
CVE-2019-20096: There was a memory leak in __feat_register_sp() in net/dccp/feat.c, aka CID-1d3ff0950e2b (bnc#1159908).
CVE-2020-7053: There was a use-after-free (write) in the i915_ppgtt_close function in drivers/gpu/drm/i915/i915_gem_gtt.c, aka CID-7dc40713618c (bnc#1160966).
CVE-2020-8428: There was a use-after-free bug in fs/namei.c, which allowed local users to cause a denial of service (OOPS) or possibly obtain sensitive information from kernel memory, aka CID-d0cb50185ae9 (bnc#1162109).
CVE-2020-8428: There was a use-after-free bug in fs/namei.c, which allowed local users to cause a denial of service (OOPS) or possibly obtain sensitive information from kernel memory, aka CID-d0cb50185ae9 (bnc#1162109).
CVE-2020-8648: There was a use-after-free vulnerability in the n_tty_receive_buf_common function in drivers/tty/n_tty.c (bnc#1162928).
CVE-2020-8992: An issue was discovered in ext4_protect_reserved_inode in fs/ext4/block_validity.c that allowed attackers to cause a soft lockup via a crafted journal size (bnc#1164069).
The update package also includes non-security fixes. See advisory for details.
Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from SUSE update advisory SUSE-SU-2020:0580-1.
# The text itself is copyright (C) SUSE.
#
include('compat.inc');
if (description)
{
script_id(134292);
script_version("1.3");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/03/25");
script_cve_id(
"CVE-2019-14615",
"CVE-2019-14896",
"CVE-2019-14897",
"CVE-2019-16994",
"CVE-2019-18808",
"CVE-2019-19036",
"CVE-2019-19045",
"CVE-2019-19054",
"CVE-2019-19318",
"CVE-2019-19319",
"CVE-2019-19447",
"CVE-2019-19767",
"CVE-2019-19927",
"CVE-2019-19965",
"CVE-2019-19966",
"CVE-2019-20054",
"CVE-2019-20095",
"CVE-2019-20096",
"CVE-2020-7053",
"CVE-2020-8428",
"CVE-2020-8648",
"CVE-2020-8992"
);
script_name(english:"SUSE SLES12 Security Update : kernel (SUSE-SU-2020:0580-1)");
script_set_attribute(attribute:"synopsis", value:
"The remote SUSE host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various
security and bugfixes.
The following security bugs were fixed :
CVE-2019-14615: An information disclosure vulnerability existed due to
insufficient control flow in certain data structures for some Intel(R)
Processors (bnc#1160195).
CVE-2019-14896: A heap-based buffer overflow vulnerability was found
in the Marvell WiFi driver. A remote attacker could cause a denial of
service (system crash) or, possibly execute arbitrary code, when the
lbs_ibss_join_existing function is called after a STA connects to an
AP (bnc#1157157).
CVE-2019-14897: A stack-based buffer overflow was found in the Marvell
WiFi driver. An attacker is able to cause a denial of service (system
crash) or, possibly execute arbitrary code, when a STA works in IBSS
mode (allows connecting stations together without the use of an AP)
and connects to another STA (bnc#1157155).
CVE-2019-16994: A memory leak existed in sit_init_net() in
net/ipv6/sit.c which might have caused denial of service, aka
CID-07f12b26e21a (bnc#1161523).
CVE-2019-18808: A memory leak in drivers/crypto/ccp/ccp-ops.c allowed
attackers to cause a denial of service (memory consumption), aka
CID-128c66429247 (bnc#1156259).
CVE-2019-19036: An issue discovered in btrfs_root_node in
fs/btrfs/ctree.c allowed a NULL pointer dereference because
rcu_dereference(root->node) can be zero (bnc#1157692).
CVE-2019-19045: A memory leak in
drivers/net/ethernet/mellanox/mlx5/core/fpga/conn.c allowed attackers
to cause a denial of service (memory consumption) by triggering
mlx5_vector2eqn() failures, aka CID-c8c2a057fdc7 (bnc#1161522).
CVE-2019-19054: A memory leak in the cx23888_ir_probe() function in
drivers/media/pci/cx23885/cx23888-ir.c allowed attackers to cause a
denial of service (memory consumption) by triggering kfifo_alloc()
failures, aka CID-a7b2df76b42b (bnc#1161518).
CVE-2019-19318: Mounting a crafted btrfs image twice could have caused
a use-after-free (bnc#1158026).
CVE-2019-19319: A slab-out-of-bounds write access could have occured
when setxattr was called after mounting of a specially crafted ext4
image (bnc#1158021).
CVE-2019-19447: Mounting a crafted ext4 filesystem image, performing
some operations, and unmounting could have led to a use-after-free in
fs/ext4/super.c (bnc#1158819).
CVE-2019-19767: There were multiple use-after-free errors in
__ext4_expand_extra_isize and ext4_xattr_set_entry, related to
fs/ext4/inode.c and fs/ext4/super.c, aka CID-4ea99936a163
(bnc#1159297).
CVE-2019-19927: A slab-out-of-bounds read access occured when mounting
a crafted f2fs filesystem image and performing some operations on it
(bnc#1160147).
CVE-2019-19965: There was a NULL pointer dereference in
drivers/scsi/libsas/sas_discover.c because of mishandling of port
disconnection during discovery, related to a PHY down race condition,
aka CID-f70267f379b5 (bnc#1159911).
CVE-2019-19966: There was a use-after-free in cpia2_exit() in
drivers/media/usb/cpia2/cpia2_v4l.c that could have caused a denial of
service, aka CID-dea37a972655 (bnc#1159841).
CVE-2019-20054: There was a NULL pointer dereference in
drop_sysctl_table() in fs/proc/proc_sysctl.c, related to put_links,
aka CID-23da9588037e (bnc#1159910).
CVE-2019-20095: Several memory leaks were found in
drivers/net/wireless/marvell/mwifiex/cfg80211.c, aka CID-003b686ace82
(bnc#1159909).
CVE-2019-20096: There was a memory leak in __feat_register_sp() in
net/dccp/feat.c, aka CID-1d3ff0950e2b (bnc#1159908).
CVE-2020-7053: There was a use-after-free (write) in the
i915_ppgtt_close function in drivers/gpu/drm/i915/i915_gem_gtt.c, aka
CID-7dc40713618c (bnc#1160966).
CVE-2020-8428: There was a use-after-free bug in fs/namei.c, which
allowed local users to cause a denial of service (OOPS) or possibly
obtain sensitive information from kernel memory, aka CID-d0cb50185ae9
(bnc#1162109).
CVE-2020-8428: There was a use-after-free bug in fs/namei.c, which
allowed local users to cause a denial of service (OOPS) or possibly
obtain sensitive information from kernel memory, aka CID-d0cb50185ae9
(bnc#1162109).
CVE-2020-8648: There was a use-after-free vulnerability in the
n_tty_receive_buf_common function in drivers/tty/n_tty.c
(bnc#1162928).
CVE-2020-8992: An issue was discovered in ext4_protect_reserved_inode
in fs/ext4/block_validity.c that allowed attackers to cause a soft
lockup via a crafted journal size (bnc#1164069).
The update package also includes non-security fixes. See advisory for
details.
Note that Tenable Network Security has extracted the preceding
description block directly from the SUSE security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1046303");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1050244");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1051510");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1051858");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1061840");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1065600");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1065729");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1071995");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1083647");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1085030");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1086301");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1086313");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1086314");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1088810");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1103989");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1103990");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1103991");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1104353");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1104427");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1104745");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1105392");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1109837");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1111666");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1112178");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1112374");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1112504");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1113956");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1114279");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1114648");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1114685");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1118661");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1123328");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1126206");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1127371");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1127611");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1127682");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1129551");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1133021");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1133147");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1134973");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1140025");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1142685");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1143959");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1144333");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1151910");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1151927");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1153535");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1153917");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1154243");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1154601");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1155331");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1155334");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1156259");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1156286");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1156609");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1157155");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1157157");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1157424");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1157480");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1157692");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1157853");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1157966");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1158013");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1158021");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1158026");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1158071");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1158819");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1159028");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1159096");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1159271");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1159297");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1159377");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1159394");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1159483");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1159484");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1159500");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1159569");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1159588");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1159841");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1159908");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1159909");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1159910");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1159911");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1159955");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1160147");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1160195");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1160210");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1160211");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1160218");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1160433");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1160442");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1160469");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1160470");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1160476");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1160560");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1160618");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1160678");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1160755");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1160756");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1160784");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1160787");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1160802");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1160803");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1160804");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1160917");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1160966");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1160979");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1161087");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1161243");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1161360");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1161472");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1161514");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1161518");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1161522");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1161523");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1161549");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1161552");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1161674");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1161702");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1161875");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1161907");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1161931");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1161933");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1161934");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1161935");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1161936");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1161937");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1162028");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1162067");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1162109");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1162139");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1162171");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1162557");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1162617");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1162618");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1162619");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1162623");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1162928");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1162943");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1163206");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1163383");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1163384");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1163762");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1163774");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1163836");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1163840");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1163841");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1163842");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1163843");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1163844");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1163845");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1163846");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1163849");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1163850");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1163851");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1163852");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1163853");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1163855");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1163856");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1163857");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1163858");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1163859");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1163860");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1163861");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1163862");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1163863");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1163867");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1163869");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1163880");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1164069");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1164098");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1164314");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1164315");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1164471");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-14615/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-14896/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-14897/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-16994/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-18808/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-19036/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-19045/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-19054/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-19318/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-19319/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-19447/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-19767/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-19927/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-19965/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-19966/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-20054/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-20095/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-20096/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2020-7053/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2020-8428/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2020-8648/");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2020-8992/");
# https://www.suse.com/support/update/announcement/2020/suse-su-20200580-1/
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?423af763");
script_set_attribute(attribute:"solution", value:
"To install this SUSE Security Update use the SUSE recommended
installation methods like YaST online_update or 'zypper patch'.
Alternatively you can run the command listed for your product :
SUSE Linux Enterprise Workstation Extension 12-SP5:zypper in -t patch
SUSE-SLE-WE-12-SP5-2020-580=1
SUSE Linux Enterprise Software Development Kit 12-SP5:zypper in -t
patch SUSE-SLE-SDK-12-SP5-2020-580=1
SUSE Linux Enterprise Server 12-SP5:zypper in -t patch
SUSE-SLE-SERVER-12-SP5-2020-580=1
SUSE Linux Enterprise Live Patching 12-SP5:zypper in -t patch
SUSE-SLE-Live-Patching-12-SP5-2020-580=1
SUSE Linux Enterprise High Availability 12-SP5:zypper in -t patch
SUSE-SLE-HA-12-SP5-2020-580=1");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-14896");
script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2019-14897");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2019/09/30");
script_set_attribute(attribute:"patch_publication_date", value:"2020/03/04");
script_set_attribute(attribute:"plugin_publication_date", value:"2020/03/06");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-base");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-debugsource");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-devel-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-man");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-syms");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"SuSE Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
os_ver = os_ver[1];
if (! preg(pattern:"^(SLES12)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLES12", "SUSE " + os_ver);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);
sp = get_kb_item("Host/SuSE/patchlevel");
if (isnull(sp)) sp = "0";
if (os_ver == "SLES12" && (! preg(pattern:"^(5)$", string:sp))) audit(AUDIT_OS_NOT, "SLES12 SP5", os_ver + " SP" + sp);
flag = 0;
if (rpm_check(release:"SLES12", sp:"5", cpu:"x86_64", reference:"kernel-default-devel-debuginfo-4.12.14-122.17.1")) flag++;
if (rpm_check(release:"SLES12", sp:"5", cpu:"s390x", reference:"kernel-default-man-4.12.14-122.17.1")) flag++;
if (rpm_check(release:"SLES12", sp:"5", reference:"kernel-default-4.12.14-122.17.1")) flag++;
if (rpm_check(release:"SLES12", sp:"5", reference:"kernel-default-base-4.12.14-122.17.1")) flag++;
if (rpm_check(release:"SLES12", sp:"5", reference:"kernel-default-base-debuginfo-4.12.14-122.17.1")) flag++;
if (rpm_check(release:"SLES12", sp:"5", reference:"kernel-default-debuginfo-4.12.14-122.17.1")) flag++;
if (rpm_check(release:"SLES12", sp:"5", reference:"kernel-default-debugsource-4.12.14-122.17.1")) flag++;
if (rpm_check(release:"SLES12", sp:"5", reference:"kernel-default-devel-4.12.14-122.17.1")) flag++;
if (rpm_check(release:"SLES12", sp:"5", reference:"kernel-syms-4.12.14-122.17.1")) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
else security_hole(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kernel");
}
Vendor | Product | Version | CPE |
---|---|---|---|
novell | suse_linux | kernel-default-debuginfo | p-cpe:/a:novell:suse_linux:kernel-default-debuginfo |
novell | suse_linux | kernel-default-debugsource | p-cpe:/a:novell:suse_linux:kernel-default-debugsource |
novell | suse_linux | kernel-default-devel | p-cpe:/a:novell:suse_linux:kernel-default-devel |
novell | suse_linux | kernel-default-devel-debuginfo | p-cpe:/a:novell:suse_linux:kernel-default-devel-debuginfo |
novell | suse_linux | kernel-default-man | p-cpe:/a:novell:suse_linux:kernel-default-man |
novell | suse_linux | kernel-syms | p-cpe:/a:novell:suse_linux:kernel-syms |
novell | suse_linux | 12 | cpe:/o:novell:suse_linux:12 |
novell | suse_linux | kernel-default | p-cpe:/a:novell:suse_linux:kernel-default |
novell | suse_linux | kernel-default-base | p-cpe:/a:novell:suse_linux:kernel-default-base |
novell | suse_linux | kernel-default-base-debuginfo | p-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo |
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14615
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14896
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14897
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16994
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18808
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19036
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19045
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19054
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19318
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19319
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19447
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19767
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19927
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19965
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19966
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20054
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20095
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20096
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7053
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8428
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8648
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8992
www.nessus.org/u?423af763
bugzilla.suse.com/show_bug.cgi?id=1046303
bugzilla.suse.com/show_bug.cgi?id=1050244
bugzilla.suse.com/show_bug.cgi?id=1051510
bugzilla.suse.com/show_bug.cgi?id=1051858
bugzilla.suse.com/show_bug.cgi?id=1061840
bugzilla.suse.com/show_bug.cgi?id=1065600
bugzilla.suse.com/show_bug.cgi?id=1065729
bugzilla.suse.com/show_bug.cgi?id=1071995
bugzilla.suse.com/show_bug.cgi?id=1083647
bugzilla.suse.com/show_bug.cgi?id=1085030
bugzilla.suse.com/show_bug.cgi?id=1086301
bugzilla.suse.com/show_bug.cgi?id=1086313
bugzilla.suse.com/show_bug.cgi?id=1086314
bugzilla.suse.com/show_bug.cgi?id=1088810
bugzilla.suse.com/show_bug.cgi?id=1103989
bugzilla.suse.com/show_bug.cgi?id=1103990
bugzilla.suse.com/show_bug.cgi?id=1103991
bugzilla.suse.com/show_bug.cgi?id=1104353
bugzilla.suse.com/show_bug.cgi?id=1104427
bugzilla.suse.com/show_bug.cgi?id=1104745
bugzilla.suse.com/show_bug.cgi?id=1105392
bugzilla.suse.com/show_bug.cgi?id=1109837
bugzilla.suse.com/show_bug.cgi?id=1111666
bugzilla.suse.com/show_bug.cgi?id=1112178
bugzilla.suse.com/show_bug.cgi?id=1112374
bugzilla.suse.com/show_bug.cgi?id=1112504
bugzilla.suse.com/show_bug.cgi?id=1113956
bugzilla.suse.com/show_bug.cgi?id=1114279
bugzilla.suse.com/show_bug.cgi?id=1114648
bugzilla.suse.com/show_bug.cgi?id=1114685
bugzilla.suse.com/show_bug.cgi?id=1118661
bugzilla.suse.com/show_bug.cgi?id=1123328
bugzilla.suse.com/show_bug.cgi?id=1126206
bugzilla.suse.com/show_bug.cgi?id=1127371
bugzilla.suse.com/show_bug.cgi?id=1127611
bugzilla.suse.com/show_bug.cgi?id=1127682
bugzilla.suse.com/show_bug.cgi?id=1129551
bugzilla.suse.com/show_bug.cgi?id=1133021
bugzilla.suse.com/show_bug.cgi?id=1133147
bugzilla.suse.com/show_bug.cgi?id=1134973
bugzilla.suse.com/show_bug.cgi?id=1140025
bugzilla.suse.com/show_bug.cgi?id=1142685
bugzilla.suse.com/show_bug.cgi?id=1143959
bugzilla.suse.com/show_bug.cgi?id=1144333
bugzilla.suse.com/show_bug.cgi?id=1151910
bugzilla.suse.com/show_bug.cgi?id=1151927
bugzilla.suse.com/show_bug.cgi?id=1153535
bugzilla.suse.com/show_bug.cgi?id=1153917
bugzilla.suse.com/show_bug.cgi?id=1154243
bugzilla.suse.com/show_bug.cgi?id=1154601
bugzilla.suse.com/show_bug.cgi?id=1155331
bugzilla.suse.com/show_bug.cgi?id=1155334
bugzilla.suse.com/show_bug.cgi?id=1156259
bugzilla.suse.com/show_bug.cgi?id=1156286
bugzilla.suse.com/show_bug.cgi?id=1156609
bugzilla.suse.com/show_bug.cgi?id=1157155
bugzilla.suse.com/show_bug.cgi?id=1157157
bugzilla.suse.com/show_bug.cgi?id=1157424
bugzilla.suse.com/show_bug.cgi?id=1157480
bugzilla.suse.com/show_bug.cgi?id=1157692
bugzilla.suse.com/show_bug.cgi?id=1157853
bugzilla.suse.com/show_bug.cgi?id=1157966
bugzilla.suse.com/show_bug.cgi?id=1158013
bugzilla.suse.com/show_bug.cgi?id=1158021
bugzilla.suse.com/show_bug.cgi?id=1158026
bugzilla.suse.com/show_bug.cgi?id=1158071
bugzilla.suse.com/show_bug.cgi?id=1158819
bugzilla.suse.com/show_bug.cgi?id=1159028
bugzilla.suse.com/show_bug.cgi?id=1159096
bugzilla.suse.com/show_bug.cgi?id=1159271
bugzilla.suse.com/show_bug.cgi?id=1159297
bugzilla.suse.com/show_bug.cgi?id=1159377
bugzilla.suse.com/show_bug.cgi?id=1159394
bugzilla.suse.com/show_bug.cgi?id=1159483
bugzilla.suse.com/show_bug.cgi?id=1159484
bugzilla.suse.com/show_bug.cgi?id=1159500
bugzilla.suse.com/show_bug.cgi?id=1159569
bugzilla.suse.com/show_bug.cgi?id=1159588
bugzilla.suse.com/show_bug.cgi?id=1159841
bugzilla.suse.com/show_bug.cgi?id=1159908
bugzilla.suse.com/show_bug.cgi?id=1159909
bugzilla.suse.com/show_bug.cgi?id=1159910
bugzilla.suse.com/show_bug.cgi?id=1159911
bugzilla.suse.com/show_bug.cgi?id=1159955
bugzilla.suse.com/show_bug.cgi?id=1160147
bugzilla.suse.com/show_bug.cgi?id=1160195
bugzilla.suse.com/show_bug.cgi?id=1160210
bugzilla.suse.com/show_bug.cgi?id=1160211
bugzilla.suse.com/show_bug.cgi?id=1160218
bugzilla.suse.com/show_bug.cgi?id=1160433
bugzilla.suse.com/show_bug.cgi?id=1160442
bugzilla.suse.com/show_bug.cgi?id=1160469
bugzilla.suse.com/show_bug.cgi?id=1160470
bugzilla.suse.com/show_bug.cgi?id=1160476
bugzilla.suse.com/show_bug.cgi?id=1160560
bugzilla.suse.com/show_bug.cgi?id=1160618
bugzilla.suse.com/show_bug.cgi?id=1160678
bugzilla.suse.com/show_bug.cgi?id=1160755
bugzilla.suse.com/show_bug.cgi?id=1160756
bugzilla.suse.com/show_bug.cgi?id=1160784
bugzilla.suse.com/show_bug.cgi?id=1160787
bugzilla.suse.com/show_bug.cgi?id=1160802
bugzilla.suse.com/show_bug.cgi?id=1160803
bugzilla.suse.com/show_bug.cgi?id=1160804
bugzilla.suse.com/show_bug.cgi?id=1160917
bugzilla.suse.com/show_bug.cgi?id=1160966
bugzilla.suse.com/show_bug.cgi?id=1160979
bugzilla.suse.com/show_bug.cgi?id=1161087
bugzilla.suse.com/show_bug.cgi?id=1161243
bugzilla.suse.com/show_bug.cgi?id=1161360
bugzilla.suse.com/show_bug.cgi?id=1161472
bugzilla.suse.com/show_bug.cgi?id=1161514
bugzilla.suse.com/show_bug.cgi?id=1161518
bugzilla.suse.com/show_bug.cgi?id=1161522
bugzilla.suse.com/show_bug.cgi?id=1161523
bugzilla.suse.com/show_bug.cgi?id=1161549
bugzilla.suse.com/show_bug.cgi?id=1161552
bugzilla.suse.com/show_bug.cgi?id=1161674
bugzilla.suse.com/show_bug.cgi?id=1161702
bugzilla.suse.com/show_bug.cgi?id=1161875
bugzilla.suse.com/show_bug.cgi?id=1161907
bugzilla.suse.com/show_bug.cgi?id=1161931
bugzilla.suse.com/show_bug.cgi?id=1161933
bugzilla.suse.com/show_bug.cgi?id=1161934
bugzilla.suse.com/show_bug.cgi?id=1161935
bugzilla.suse.com/show_bug.cgi?id=1161936
bugzilla.suse.com/show_bug.cgi?id=1161937
bugzilla.suse.com/show_bug.cgi?id=1162028
bugzilla.suse.com/show_bug.cgi?id=1162067
bugzilla.suse.com/show_bug.cgi?id=1162109
bugzilla.suse.com/show_bug.cgi?id=1162139
bugzilla.suse.com/show_bug.cgi?id=1162171
bugzilla.suse.com/show_bug.cgi?id=1162557
bugzilla.suse.com/show_bug.cgi?id=1162617
bugzilla.suse.com/show_bug.cgi?id=1162618
bugzilla.suse.com/show_bug.cgi?id=1162619
bugzilla.suse.com/show_bug.cgi?id=1162623
bugzilla.suse.com/show_bug.cgi?id=1162928
bugzilla.suse.com/show_bug.cgi?id=1162943
bugzilla.suse.com/show_bug.cgi?id=1163206
bugzilla.suse.com/show_bug.cgi?id=1163383
bugzilla.suse.com/show_bug.cgi?id=1163384
bugzilla.suse.com/show_bug.cgi?id=1163762
bugzilla.suse.com/show_bug.cgi?id=1163774
bugzilla.suse.com/show_bug.cgi?id=1163836
bugzilla.suse.com/show_bug.cgi?id=1163840
bugzilla.suse.com/show_bug.cgi?id=1163841
bugzilla.suse.com/show_bug.cgi?id=1163842
bugzilla.suse.com/show_bug.cgi?id=1163843
bugzilla.suse.com/show_bug.cgi?id=1163844
bugzilla.suse.com/show_bug.cgi?id=1163845
bugzilla.suse.com/show_bug.cgi?id=1163846
bugzilla.suse.com/show_bug.cgi?id=1163849
bugzilla.suse.com/show_bug.cgi?id=1163850
bugzilla.suse.com/show_bug.cgi?id=1163851
bugzilla.suse.com/show_bug.cgi?id=1163852
bugzilla.suse.com/show_bug.cgi?id=1163853
bugzilla.suse.com/show_bug.cgi?id=1163855
bugzilla.suse.com/show_bug.cgi?id=1163856
bugzilla.suse.com/show_bug.cgi?id=1163857
bugzilla.suse.com/show_bug.cgi?id=1163858
bugzilla.suse.com/show_bug.cgi?id=1163859
bugzilla.suse.com/show_bug.cgi?id=1163860
bugzilla.suse.com/show_bug.cgi?id=1163861
bugzilla.suse.com/show_bug.cgi?id=1163862
bugzilla.suse.com/show_bug.cgi?id=1163863
bugzilla.suse.com/show_bug.cgi?id=1163867
bugzilla.suse.com/show_bug.cgi?id=1163869
bugzilla.suse.com/show_bug.cgi?id=1163880
bugzilla.suse.com/show_bug.cgi?id=1164069
bugzilla.suse.com/show_bug.cgi?id=1164098
bugzilla.suse.com/show_bug.cgi?id=1164314
bugzilla.suse.com/show_bug.cgi?id=1164315
bugzilla.suse.com/show_bug.cgi?id=1164471
www.suse.com/security/cve/CVE-2019-14615/
www.suse.com/security/cve/CVE-2019-14896/
www.suse.com/security/cve/CVE-2019-14897/
www.suse.com/security/cve/CVE-2019-16994/
www.suse.com/security/cve/CVE-2019-18808/
www.suse.com/security/cve/CVE-2019-19036/
www.suse.com/security/cve/CVE-2019-19045/
www.suse.com/security/cve/CVE-2019-19054/
www.suse.com/security/cve/CVE-2019-19318/
www.suse.com/security/cve/CVE-2019-19319/
www.suse.com/security/cve/CVE-2019-19447/
www.suse.com/security/cve/CVE-2019-19767/
www.suse.com/security/cve/CVE-2019-19927/
www.suse.com/security/cve/CVE-2019-19965/
www.suse.com/security/cve/CVE-2019-19966/
www.suse.com/security/cve/CVE-2019-20054/
www.suse.com/security/cve/CVE-2019-20095/
www.suse.com/security/cve/CVE-2019-20096/
www.suse.com/security/cve/CVE-2020-7053/
www.suse.com/security/cve/CVE-2020-8428/
www.suse.com/security/cve/CVE-2020-8648/
www.suse.com/security/cve/CVE-2020-8992/
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.7 High
AI Score
Confidence
High
0.017 Low
EPSS
Percentile
87.7%