5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7 High
AI Score
Confidence
Low
0.005 Low
EPSS
Percentile
75.8%
The remote host is missing an update for the
# SPDX-FileCopyrightText: 2022 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.1.10.2016.0345");
script_cve_id("CVE-2016-4578", "CVE-2016-5243", "CVE-2016-5244", "CVE-2016-5400", "CVE-2016-6480");
script_tag(name:"creation_date", value:"2022-01-28 10:58:44 +0000 (Fri, 28 Jan 2022)");
script_version("2024-02-02T05:06:09+0000");
script_tag(name:"last_modification", value:"2024-02-02 05:06:09 +0000 (Fri, 02 Feb 2024)");
script_tag(name:"cvss_base", value:"5.0");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:N/A:N");
script_tag(name:"severity_vector", value:"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N");
script_tag(name:"severity_origin", value:"NVD");
script_tag(name:"severity_date", value:"2016-06-27 17:29:31 +0000 (Mon, 27 Jun 2016)");
script_name("Mageia: Security Advisory (MGASA-2016-0345)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2022 Greenbone AG");
script_family("Mageia Linux Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/mageia_linux", "ssh/login/release", re:"ssh/login/release=MAGEIA5");
script_xref(name:"Advisory-ID", value:"MGASA-2016-0345");
script_xref(name:"URL", value:"https://advisories.mageia.org/MGASA-2016-0345.html");
script_xref(name:"URL", value:"https://bugs.mageia.org/show_bug.cgi?id=19397");
script_xref(name:"URL", value:"https://bugs.mageia.org/show_bug.cgi?id=19390");
script_xref(name:"URL", value:"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.17");
script_xref(name:"URL", value:"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.18");
script_xref(name:"URL", value:"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.19");
script_xref(name:"URL", value:"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.20");
script_xref(name:"URL", value:"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.21");
script_xref(name:"URL", value:"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.22");
script_tag(name:"summary", value:"The remote host is missing an update for the 'kernel, kernel-userspace-headers, kmod-vboxadditions, kmod-virtualbox, kmod-xtables-addons' package(s) announced via the MGASA-2016-0345 advisory.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");
script_tag(name:"insight", value:"This update is based on the upstream 4.4.22 kernel and fixes at least these
security issues:
sound/core/timer.c in the Linux kernel through 4.6 does not initialize
certain r1 data structures, which allows local users to obtain sensitive
information from kernel stack memory via crafted use of the ALSA timer
interface, related to the (1) snd_timer_user_ccallback and (2)
snd_timer_user_tinterrupt functions (CVE-2016-4578).
The tipc_nl_compat_link_dump function in net/tipc/netlink_compat.c in the
Linux kernel through 4.6.3 does not properly copy a certain string, which
allows local users to obtain sensitive information from kernel stack memory
by reading a Netlink message (CVE-2016-5243).
The rds_inc_info_copy function in net/rds/recv.c in the Linux kernel through
4.6.3 does not initialize a certain structure member, which allows remote
attackers to obtain sensitive information from kernel stack memory by reading
an RDS message (CVE-2016-5244).
Memory leak in the airspy_probe function in drivers/media/usb/airspy/airspy.c
in the airspy USB driver in the Linux kernel before 4.7 allows local users
to cause a denial of service (memory consumption) via a crafted USB device
that emulates many VFL_TYPE_SDR or VFL_TYPE_SUBDEV devices and performs many
connect and disconnect operations (CVE-2016-5400).
Race condition in the ioctl_send_fib function in drivers/scsi/aacraid/
commctrl.c in the Linux kernel through 4.7 allows local users to cause a
denial of service (out-of-bounds access or system crash) by changing a
certain size value, aka a 'double fetch' vulnerability (CVE-2016-6480).
This update also changes the following:
- enables STRICT_DEVMEM as a security hardening
- disables FW_LOADER_USER_HELPER_FALLBACK again (un-intentionally
enabled in 4.4 series upgrade) that slows down boot or even makes
wireless connection fail with drivers with multiple possible
firmwares (mga#19390).
For other fixes in this update, see the referenced changelogs.");
script_tag(name:"affected", value:"'kernel, kernel-userspace-headers, kmod-vboxadditions, kmod-virtualbox, kmod-xtables-addons' package(s) on Mageia 5.");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"package");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-rpm.inc");
release = rpm_get_ssh_release();
if(!release)
exit(0);
res = "";
report = "";
if(release == "MAGEIA5") {
if(!isnull(res = isrpmvuln(pkg:"cpupower", rpm:"cpupower~4.4.22~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"cpupower-devel", rpm:"cpupower-devel~4.4.22~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel", rpm:"kernel~4.4.22~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-desktop-4.4.22-1.mga5", rpm:"kernel-desktop-4.4.22-1.mga5~1~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-desktop-devel-4.4.22-1.mga5", rpm:"kernel-desktop-devel-4.4.22-1.mga5~1~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-desktop-devel-latest", rpm:"kernel-desktop-devel-latest~4.4.22~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-desktop-latest", rpm:"kernel-desktop-latest~4.4.22~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-desktop586-4.4.22-1.mga5", rpm:"kernel-desktop586-4.4.22-1.mga5~1~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-desktop586-devel-4.4.22-1.mga5", rpm:"kernel-desktop586-devel-4.4.22-1.mga5~1~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-desktop586-devel-latest", rpm:"kernel-desktop586-devel-latest~4.4.22~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-desktop586-latest", rpm:"kernel-desktop586-latest~4.4.22~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-doc", rpm:"kernel-doc~4.4.22~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-server-4.4.22-1.mga5", rpm:"kernel-server-4.4.22-1.mga5~1~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-server-devel-4.4.22-1.mga5", rpm:"kernel-server-devel-4.4.22-1.mga5~1~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-server-devel-latest", rpm:"kernel-server-devel-latest~4.4.22~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-server-latest", rpm:"kernel-server-latest~4.4.22~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-source-4.4.22-1.mga5", rpm:"kernel-source-4.4.22-1.mga5~1~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-source-latest", rpm:"kernel-source-latest~4.4.22~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-userspace-headers", rpm:"kernel-userspace-headers~4.4.22~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kmod-vboxadditions", rpm:"kmod-vboxadditions~5.1.2~6.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kmod-virtualbox", rpm:"kmod-virtualbox~5.1.2~6.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kmod-xtables-addons", rpm:"kmod-xtables-addons~2.10~12.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"perf", rpm:"perf~4.4.22~1.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"vboxadditions-kernel-4.4.22-desktop-1.mga5", rpm:"vboxadditions-kernel-4.4.22-desktop-1.mga5~5.1.2~6.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"vboxadditions-kernel-4.4.22-desktop586-1.mga5", rpm:"vboxadditions-kernel-4.4.22-desktop586-1.mga5~5.1.2~6.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"vboxadditions-kernel-4.4.22-server-1.mga5", rpm:"vboxadditions-kernel-4.4.22-server-1.mga5~5.1.2~6.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"vboxadditions-kernel-desktop-latest", rpm:"vboxadditions-kernel-desktop-latest~5.1.2~6.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"vboxadditions-kernel-desktop586-latest", rpm:"vboxadditions-kernel-desktop586-latest~5.1.2~6.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"vboxadditions-kernel-server-latest", rpm:"vboxadditions-kernel-server-latest~5.1.2~6.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"virtualbox-kernel-4.4.22-desktop-1.mga5", rpm:"virtualbox-kernel-4.4.22-desktop-1.mga5~5.1.2~6.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"virtualbox-kernel-4.4.22-desktop586-1.mga5", rpm:"virtualbox-kernel-4.4.22-desktop586-1.mga5~5.1.2~6.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"virtualbox-kernel-4.4.22-server-1.mga5", rpm:"virtualbox-kernel-4.4.22-server-1.mga5~5.1.2~6.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"virtualbox-kernel-desktop-latest", rpm:"virtualbox-kernel-desktop-latest~5.1.2~6.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"virtualbox-kernel-desktop586-latest", rpm:"virtualbox-kernel-desktop586-latest~5.1.2~6.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"virtualbox-kernel-server-latest", rpm:"virtualbox-kernel-server-latest~5.1.2~6.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"xtables-addons-kernel-4.4.22-desktop-1.mga5", rpm:"xtables-addons-kernel-4.4.22-desktop-1.mga5~2.10~12.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"xtables-addons-kernel-4.4.22-desktop586-1.mga5", rpm:"xtables-addons-kernel-4.4.22-desktop586-1.mga5~2.10~12.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"xtables-addons-kernel-4.4.22-server-1.mga5", rpm:"xtables-addons-kernel-4.4.22-server-1.mga5~2.10~12.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"xtables-addons-kernel-desktop-latest", rpm:"xtables-addons-kernel-desktop-latest~2.10~12.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"xtables-addons-kernel-desktop586-latest", rpm:"xtables-addons-kernel-desktop586-latest~2.10~12.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"xtables-addons-kernel-server-latest", rpm:"xtables-addons-kernel-server-latest~2.10~12.mga5", rls:"MAGEIA5"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
exit(0);
advisories.mageia.org/MGASA-2016-0345.html
bugs.mageia.org/show_bug.cgi?id=19390
bugs.mageia.org/show_bug.cgi?id=19397
cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.17
cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.18
cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.19
cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.20
cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.21
cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.22
MGASA-2016-0345
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7 High
AI Score
Confidence
Low
0.005 Low
EPSS
Percentile
75.8%