Security researchers disclosed two groups of CPU vulnerabilities
# Copyright (C) 2020 Greenbone Networks GmbH
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-or-later
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
# Description phase: when the scanner loads this VT with `description` set, the block
# below only registers metadata (OID, CVEs, CVSS, dependencies, user-facing texts) and
# then calls exit(0), so none of the detection code after it runs in that phase.
if(description)
{
# Unique identifier and revision stamps of this VT.
script_oid("1.3.6.1.4.1.25623.1.0.107830");
script_version("2020-06-05T12:34:50+0000");
script_tag(name:"last_modification", value:"2020-06-05 12:34:50 +0000 (Fri, 05 Jun 2020)");
script_tag(name:"creation_date", value:"2020-05-26 15:22:01 +0200 (Tue, 26 May 2020)");
# CVSS v2 score and vector as registered here: local access vector, medium access
# complexity, no authentication, complete confidentiality impact, no integrity or
# availability impact. This matches the "local attacker reads memory" wording of the
# insight and impact texts below.
script_tag(name:"cvss_base", value:"4.7");
script_tag(name:"cvss_base_vector", value:"AV:L/AC:M/Au:N/C:C/I:N/A:N");
# The three CVE IDs the insight text associates with 'Meltdown' and 'Spectre'.
script_cve_id("CVE-2017-5715", "CVE-2017-5753", "CVE-2017-5754");
# Quality of detection "remote_banner": the finding rests on a remotely obtained
# version string. It does not probe the CPU behaviour or verify that a mitigation is
# active, so results should be read as "version below the vendor's fixed release".
script_tag(name:"qod_type", value:"remote_banner");
# Remediation is a vendor-supplied update (see the "solution" tag and the xref URL).
script_tag(name:"solution_type", value:"VendorFix");
script_name("Huawei Data Communication: CPU Vulnerabilities 'Meltdown' and 'Spectre' (huawei-sa-20180606-01-cpu)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2020 Greenbone Networks GmbH");
script_family("Huawei");
# Requires the Huawei VRP consolidation VT to have run and to have set the
# "huawei/vrp/detected" KB key; without that key this VT is not launched.
script_dependencies("gb_huawei_vrp_network_device_consolidation.nasl");
script_mandatory_keys("huawei/vrp/detected");
script_tag(name:"summary", value:"Security researchers disclosed two groups of CPU vulnerabilities 'Meltdown' and 'Spectre'.");
# NOTE(review): the insight string runs sentences together ("...HWPSIRT-2018-01003)The three"
# and "...CVE-2017-5754.Huawei has released"); it is left byte-identical here because it
# is emitted to users at runtime.
script_tag(name:"insight", value:"Security researchers disclosed two groups of CPU vulnerabilities 'Meltdown' and 'Spectre'. In some circumstances, a local attacker could exploit these vulnerabilities to read memory information belonging to other processes or other operating system kernel. (Vulnerability ID: HWPSIRT-2018-01001,HWPSIRT-2018-01002 and HWPSIRT-2018-01003)The three vulnerabilities have been assigned three Common Vulnerabilities and Exposures (CVE) IDs: CVE-2017-5715, CVE-2017-5753 and CVE-2017-5754.Huawei has released software updates to fix these vulnerabilities. This advisory is available in the linked references.");
script_tag(name:"impact", value:"An attacker could exploit these vulnerabilities to read memory information belonging to other processes or other operating system kernel.");
# NOTE(review): the "affected" text reproduces the advisory's whole product scope
# (servers, handsets, cloud software, routers). The detection code after this block only
# evaluates the AR/SRG firmware CPEs in its cpe_list, so a clean result from this VT says
# nothing about the other products named here. AR500, AR510, AR532, AR550C, AR550E and
# SRG550C are listed with the same fixed version but have no CPE in that list.
script_tag(name:"affected", value:"1288H V5 versions V100R005C00
2288H V5 versions V100R005C00SPC100
2488 V5 versions V100R005C00
2488H V5 versions V100R005C00
5288 V3 versions Earlier than V100R003C00SPC620 (BIOS V387) versions
9032 versions Earlier than V100R001C30SPC103 (BIOS V320) versions
AR100 versions Earlier than V200R009C00SPC500 versions
AR100-S versions Earlier than V200R009C00SPC500 versions
AR110-S versions Earlier than V200R009C00SPC500 versions
AR120 versions Earlier than V200R009C00SPC500 versions
AR120-S versions Earlier than V200R009C00SPC500 versions
AR1220C versions Earlier than V200R009C00SPC500 versions
AR1500 versions Earlier than V200R009C00SPC500 versions
AR151-S2 versions Earlier than V200R009C00SPC500 versions
AR160 (Exclude AR160F) versions Earlier than V200R009C00SPC500 versions
AR160-S (Exclude AR160F-S) versions Earlier than V200R009C00SPC500 versions
AR2204-XGE versions Earlier than V200R009C00SPC500 versions
AR3600 versions Earlier than V200R009C00SPC500 versions
AR500 versions Earlier than V200R009C00SPC500 versions
AR510 versions Earlier than V200R009C00SPC500 versions
AR532 versions Earlier than V200R009C00SPC500 versions
AR550C versions Earlier than V200R009C00SPC500 versions
AR550E versions Earlier than V200R009C00SPC500 versions
BH622 V2 versions Earlier than V100R002C00SPC307 (BIOS V518) versions
BH640 V2 versions Earlier than V100R002C00SPC305 (BIOS V518) versions
BL-W09 versions Earlier than BIOS 2.02 versions
BL-W19 versions Earlier than BIOS 2.02 versions
Barca-AL00 versions Versions earlier than C00B191
Bond-AL10B versions Versions earlier than C00B182
CH121 versions Earlier than V100R001C00SPC305 (BIOS V521) versions
CH121 V3 versions Earlier than V100R001C00SPC255 (BIOS V387) versions
CH121 V5 versions Earlier than V100R001C00SPC122 (BIOS V059) versions
CH121H V3 versions Earlier than V100R001C00SPC115 (BIOS V387) versions
CH121L V3 versions Earlier than V100R001C00SPC155 (BIOS V387) versions
CH121L V5 versions Earlier than V100R001C00SPC120 (BIOS V059) versions
CH140 versions Earlier than V100R001C00SPC325 (BIOS V521) versions
CH140 V3 versions Earlier than V100R001C00SPC175 (BIOS V387) versions
CH140L V3 versions Earlier than V100R001C00SPC155 (BIOS V387) versions
CH220 versions Earlier than V100R001C00SPC305 (BIOS V521) versions
CH220 V3 versions Earlier than V100R001C00SPC255 (BIOS V387) versions
CH221 versions Earlier than V100R001C00SPC305 (BIOS V521) versions
CH222 versions Earlier than V100R001C00SPC305 (BIOS V521) versions
CH222 V3 versions Earlier than V100R001C00SPC255 (BIOS V387) versions
CH225 V3 versions Earlier than V100R001C00SPC155 (BIOS V387) versions
CH226 V3 versions Earlier than V100R001C00SPC175 (BIOS V387) versions
CH240 versions Earlier than V100R001C00SPC305 (BIOS V521) versions
CH242 V3 versions Earlier than V100R001C00SPC325 (BIOS V810 for DDR4, BIOS V355 for ) versions
CH242 V5 versions Earlier than V100R001C00SPC111 (BIOS V080) versions
DH320 V2 versions Earlier than V100R001C00SPC109 (BIOS V518) versions
DH321 V2 versions V100R002C00
DH626 V2 versions V100R002C00
DH628 V2 versions Earlier than V100R001C00SPC200 (BIOS V518) versions
Duke-L09 versions Versions earlier than C636B189
EVA-L09 versions Versions earlier than C432B398
EVA-L19 versions Versions earlier than C185B397 Versions earlier than C432B393 Versions earlier than C636B396
EulerOS versions V2.0SP1
V2.0SP2
FRD-DL00 versions Versions earlier than C00B396
FRD-L02 versions Versions earlier than C432B403
FRD-L04 versions Versions earlier than C567B391
FRD-L09 versions Versions earlier than C432B403
FRD-L14 versions Versions earlier than C567B392
FRD-L19 versions Versions earlier than C432B403
FusionCloud versions 2.0.5(KVM) 2.0.6(KVM) 6.0.0(KVM)
FusionCompute versions 6.3.0 V100R006C00 V100R006C10 V100R006C10SPC100 V100R006C10SPH105 V100R007C00
FusionCube versions Earlier than 3.0.1 versions
FusionSphere versions 5.1 (XEN) 6.0U1(XEN) 6.1(XEN)
FusionSphere OpenStack versions V100R005C00 V100R005C10 V100R006C00 V100R006C00RC3B036 V100R006C10
HZ-W09 versions Earlier than BIOS 1.51 versions
HZ-W19 versions Earlier than BIOS 1.51 versions
HZ-W29 versions Earlier than BIOS 1.51 versions
HiDPTAndroid versions Versions earlier than V500R002C00SPC020
KNT-AL20 versions Versions earlier than C00B397
KNT-UL10 versions Versions earlier than C00B397
Kunlun 9008 versions Earlier than V100R001C30SPC103 (BIOS V320) versions
Kunlun 9016 versions Earlier than V100R001C30SPC103 (BIOS V320) versions
Kunlun 9032 versions Earlier than V100R001C30SPC103 (BIOS V320) versions
MRC-W10 versions Earlier than BIOS 1.15 versions
MRC-W50 versions Earlier than BIOS 1.15 versions
MRC-W60 versions Earlier than BIOS 1.15 versions
NFVI versions 6.1.5(KVM)
NTS-AL00 versions Versions earlier than C00B547
OceanStor HVS85T versions V100R001C00
OceanStor HVS88T versions V100R001C00
OpsMonitor versions 1.3.5
PL-W09 versions Earlier than BIOS 1.20 versions
PL-W19 versions Earlier than BIOS 1.20 versions
PL-W29 versions Earlier than BIOS 1.20 versions
Picasso-AL00 versions Versions earlier than C00B191
RH1288 V2 versions Earlier than V100R002C00SPC613(BIOS V518) versions
RH1288 V3 versions Earlier than V100R003C00SPC650 (BIOS V387) versions
RH1288A V2 versions Earlier than V100R002C00SPC707(BIOS V518) versions
RH2265 V2 versions Earlier than V100R002C00SPC509(BIOS V518) versions
RH2268 V2 versions Earlier than V100R002C00SPC607(BIOS V518) versions
RH2285 V2 versions Earlier than V100R002C00SPC509(BIOS V518) versions
RH2285H V2 versions Earlier than V100R002C00SPC509(BIOS V518) versions
RH2288 V2 versions Earlier than V100R002C00SPC607(BIOS V518) versions
RH2288 V3 versions Earlier than V100R003C00SPC646 (BIOS V387) versions
RH2288A V2 versions Earlier than V100R002C00SPC707(BIOS V518) versions
RH2288E V2 versions Earlier than V100R002C00SPC301(BIOS V601) versions
RH2288H V2 versions Earlier than V100R002C00SPC618(BIOS V518) versions
RH2288H V3 versions Earlier than V100R003C00SPC552 (BIOS V387) versions
RH2485 V2 versions Earlier than V100R002C00SPC711 (BIOS V518) versions
RH5885 V2 versions Earlier than V100R001C02SPC305 (4P:BIOS V037, 8P:BIOS V061) versions
RH5885 V3 versions Earlier than V100R003C01SPC126(BIOS V355)V100R003C10SPC120(BIOS V810) versions
RH5885H V3 versions Earlier than V100R003C00SPC217 (E7V2:BIOS V355, E7V3:BIOS V657), V100R003C10SPC119 (E7V4:BIOS V810) versions
RH8100 V3 versions Earlier than V100R003C00SPC226(E7V2&E7V3: BIOS V697 E7V4:BIOS V810) versions
RSE6500 versions V500R002C00
SMC2.0 versions V100R003C10 V500R002C00
SRG1300 versions V200R006C00 V200R006C10 V200R006C11 V200R006C12 V200R006C13 V200R006C15 V200R006C16 V200R006C17 V200R007C00 V200R007C01 V200R007C02 V200R007C05 V200R007C06 V200R008C00 V200R008C10 V200R008C20 V200R008C30 V200R008C50 V200R009C00
SRG1320E versions Earlier than V200R009C00SPC500 versions
SRG550C versions Earlier than V200R009C00SPC500 versions
VIE-L09 versions Versions earlier than C02B352 Versions earlier than C109B347 Versions earlier than C113B374 Versions earlier than C150B379 Versions earlier than C432B381
VIE-L29 versions Versions earlier than C185B390
VP9630 versions V600R006C10
VP9660 versions V600R006C10
Vicky-L09B versions Versions earlier than C185B178
Vicky-L29A versions Versions earlier than C636B212
Victoria-L09A versions Versions earlier than C605B210
Victoria-L09B versions Versions earlier than C185B181
Victoria-L29A versions Versions earlier than C605B210
Victoria-L29B versions Versions earlier than C635B210
WT-W09 versions Earlier than BIOS 2.02 versions
WT-W19 versions Earlier than BIOS 2.02 versions
XH320 V2 versions Earlier than V100R001C00SPC205(BIOS V518) versions
XH321 V2 versions Earlier than V100R002C00SPC305(BIOS V518) versions
XH321 V3 versions Earlier than V100R003C00SPC502 (BIOS V387) versions
XH620 V3 versions Earlier than V100R003C00SPC625 (BIOS V387) versions
XH621 V2 versions Earlier than V100R001C00SPC205 (BIOS V518) versions
XH622 V3 versions Earlier than V100R003C00SPC623 (BIOS V387) versions
XH628 V3 versions Earlier than V100R003C00SPC623 (BIOS V387) versions
eAPP610 versions V100R004C10
eSpace 8950 versions V200R003C00
eSpace USM versions V300R001C00
iManager NetEco versions V600R007C00 V600R007C10 V600R007C11 V600R007C12 V600R007C20 V600R007C30 V600R007C40 V600R007C41 V600R007C50 V600R007C60 V600R008C00 V600R008C10 V600R008C20 V600R008C30
iManager NetEco 6000 versions V600R001C00 V600R001C01 V600R001C12 V600R001C30 V600R001C31 V600R001C32 V600R007C40 V600R007C60 V600R007C80 V600R007C90 V600R007C91 V600R008C00");
# The fixed releases are not repeated here; the reader is sent to the vendor advisory.
script_tag(name:"solution", value:"See the referenced vendor advisory for a solution.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present on the target host.");
script_xref(name:"URL", value:"https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180606-01-cpu-en");
# Metadata registered; stop here so the detection logic is skipped in this phase.
exit(0);
}
include( "host_details.inc" );
include( "version_func.inc" );
# Firmware CPEs this VT evaluates. Only AR/SRG devices are covered.
# NOTE(review): the advisory text in the description block also names AR500, AR510,
# AR532, AR550C, AR550E and SRG550C with the same fixed release, but no CPE for them
# appears below, so those models are never checked by this script. Confirm whether the
# detection VT registers CPEs for them before relying on a clean result.
cpe_list = make_list(
  "cpe:/o:huawei:ar100_firmware",
  "cpe:/o:huawei:ar100-s_firmware",
  "cpe:/o:huawei:ar110-s_firmware",
  "cpe:/o:huawei:ar120_firmware",
  "cpe:/o:huawei:ar120-s_firmware",
  "cpe:/o:huawei:ar151-s2_firmware",
  "cpe:/o:huawei:ar160_firmware",
  "cpe:/o:huawei:ar160-s_firmware",
  "cpe:/o:huawei:ar1220c_firmware",
  "cpe:/o:huawei:ar1500_firmware",
  "cpe:/o:huawei:ar2204-xge_firmware",
  "cpe:/o:huawei:ar3600_firmware",
  "cpe:/o:huawei:srg1300_firmware",
  "cpe:/o:huawei:srg1320e_firmware"
);

# Look up the detected CPE/version pair for one of the CPEs above. With nothing
# detected there is nothing to evaluate, so leave without a result.
infos = get_app_version_from_list( cpe_list:cpe_list, nofork:TRUE );
if( ! infos )
  exit( 0 );

cpe = infos["cpe"];
# Upper-cased so the comparison below sees the same letter case as the fixed release string.
version = toupper( infos["version"] );
# NOTE(review): the installed patch level is read but never consulted below. If the
# vendor also ships fixes as patches on top of an older base release, such hosts would
# still be reported; confirm against the advisory.
patch = get_kb_item( "huawei/vrp/patch" );

# Every CPE handled here shares one fixed release.
# NOTE(review): the advisory lists discrete affected releases for SRG1300 and excludes
# AR160F / AR160F-S; this script applies a plain "older than" threshold per CPE. Whether
# the excluded models map to the ar160 / ar160-s CPEs is not visible here; verify.
fixed_ver = "V200R009C00SPC500";

# Step 1: decide whether the detected CPE is one of the models this VT judges.
cpe_in_scope = FALSE;
if( cpe =~ "^cpe:/o:huawei:ar(10|11|12|16)0-s_firmware" ) {
  # AR100-S, AR110-S, AR120-S and AR160-S (prefix match).
  cpe_in_scope = TRUE;
} else {
  # Remaining models are matched by exact CPE string.
  exact_cpes = make_list( "cpe:/o:huawei:ar100_firmware", "cpe:/o:huawei:ar120_firmware",
                          "cpe:/o:huawei:ar1220c_firmware", "cpe:/o:huawei:ar1500_firmware",
                          "cpe:/o:huawei:ar151-s2_firmware", "cpe:/o:huawei:ar160_firmware",
                          "cpe:/o:huawei:ar2204-xge_firmware", "cpe:/o:huawei:ar3600_firmware",
                          "cpe:/o:huawei:srg1300_firmware", "cpe:/o:huawei:srg1320e_firmware" );
  foreach candidate( exact_cpes ) {
    if( cpe == candidate ) {
      cpe_in_scope = TRUE;
      break;
    }
  }
}

# Step 2: an in-scope device running a release older than the fixed one is reported.
# The finding is purely version-based; mitigation state on the device is not inspected.
if( cpe_in_scope && version_is_less( version:version, test_version:fixed_ver ) ) {
  report = report_fixed_ver( installed_version:version, fixed_version:fixed_ver );
  security_message( port:0, data:report );
  exit( 0 );
}

# Nothing reported: exit with 99, the original script's exit code on this path.
exit( 99 );