4.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:N/I:N/A:C
5.6 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
7.9 High
AI Score
Confidence
High
0.976 High
EPSS
Percentile
100.0%
The remote host is missing an update for the
# SPDX-FileCopyrightText: 2022 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.1.10.2018.0076");
script_cve_id("CVE-2017-15129", "CVE-2017-17741", "CVE-2017-5715", "CVE-2017-5753", "CVE-2017-5754");
script_tag(name:"creation_date", value:"2022-01-28 10:58:44 +0000 (Fri, 28 Jan 2022)");
script_version("2024-02-08T05:05:59+0000");
script_tag(name:"last_modification", value:"2024-02-08 05:05:59 +0000 (Thu, 08 Feb 2024)");
script_tag(name:"cvss_base", value:"4.9");
script_tag(name:"cvss_base_vector", value:"AV:L/AC:L/Au:N/C:N/I:N/A:C");
script_tag(name:"severity_vector", value:"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N");
script_tag(name:"severity_origin", value:"NVD");
script_tag(name:"severity_date", value:"2024-02-08 02:07:55 +0000 (Thu, 08 Feb 2024)");
script_name("Mageia: Security Advisory (MGASA-2018-0076)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2022 Greenbone AG");
script_family("Mageia Linux Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/mageia_linux", "ssh/login/release", re:"ssh/login/release=MAGEIA6");
script_xref(name:"Advisory-ID", value:"MGASA-2018-0076");
script_xref(name:"URL", value:"https://advisories.mageia.org/MGASA-2018-0076.html");
script_xref(name:"URL", value:"https://bugs.mageia.org/show_bug.cgi?id=22334");
script_xref(name:"URL", value:"https://meltdownattack.com/");
script_xref(name:"URL", value:"https://googleprojectzero.blogspot.fi/2018/01/reading-privileged-memory-with-side.html");
script_xref(name:"URL", value:"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.11");
script_xref(name:"URL", value:"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.12");
script_xref(name:"URL", value:"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.13");
script_tag(name:"summary", value:"The remote host is missing an update for the 'dracut, kernel, kernel-userspace-headers, kmod-vboxadditions, kmod-virtualbox, kmod-xtables-addons' package(s) announced via the MGASA-2018-0076 advisory.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");
script_tag(name:"insight", value:"This kernel update is based on the upstream 4.14.13 and fixes
several security issues.
The most important fix in this update is for the security issue named
'Meltdown' that is fixed in these kernels by enabling kernel Page
Table Isolation (KPTI). Note that according to AMD, this issue does
not effect Amd processors, so it is not enabled by default on systems
using Amd CPU.
The list of known security fixes and mitigations in this kernel:
kvm: vmx: Scrub hardware GPRs at VM-exit. This enables partial mitigation
in kvm for the security issue named 'Spectre' (CVE-2017-5715, CVE-2017-5753).
Systems with microprocessors utilizing speculative execution and indirect
branch prediction may allow unauthorized disclosure of information to an
attacker with local user access via a side-channel analysis of the data
cache (CVE-2017-5754, 'Meltdown').
A use-after-free vulnerability was found in network namespaces code
affecting the Linux kernel before 4.14.11. The function get_net_ns_by_id()
in net/core/net_namespace.c does not check for the net::count value after
it has found a peer network in netns_ids idr, which could lead to double
free and memory corruption. This vulnerability could allow an unprivileged
local user to induce kernel memory corruption on the system, leading to a
crash. Due to the nature of the flaw, privilege escalation cannot be fully
ruled out, although it is thought to be unlikely (CVE-2017-15129).
The KVM implementation in the Linux kernel through 4.14.7 allows attackers
to obtain potentially sensitive information from kernel memory, aka a
write_mmio stack-based out-of-bounds read, related to arch/x86/kvm/x86.c
and include/trace/events/kvm.h (CVE-2017-17741).
The kernels are also fixed to allow loading cpu microcode for Amd
family 17 (Zen) processors, and dracut have been fixed to properly
support early firmware loading on the microcode on all Amd cpus.
For more info about Meltdown, Spectre and other fixes in this update,
see the references.");
script_tag(name:"affected", value:"'dracut, kernel, kernel-userspace-headers, kmod-vboxadditions, kmod-virtualbox, kmod-xtables-addons' package(s) on Mageia 6.");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"package");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-rpm.inc");
release = rpm_get_ssh_release();
if(!release)
exit(0);
res = "";
report = "";
if(release == "MAGEIA6") {
if(!isnull(res = isrpmvuln(pkg:"cpupower", rpm:"cpupower~4.14.13~1.mga6", rls:"MAGEIA6"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"cpupower-devel", rpm:"cpupower-devel~4.14.13~1.mga6", rls:"MAGEIA6"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"dracut", rpm:"dracut~044~11.1.mga6", rls:"MAGEIA6"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel", rpm:"kernel~4.14.13~1.mga6", rls:"MAGEIA6"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-desktop-4.14.13-1.mga6", rpm:"kernel-desktop-4.14.13-1.mga6~1~1.mga6", rls:"MAGEIA6"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-desktop-armv6v7-4.14.13-1.mga6", rpm:"kernel-desktop-armv6v7-4.14.13-1.mga6~1~1.mga6", rls:"MAGEIA6"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-desktop-armv6v7-devel-4.14.13-1.mga6", rpm:"kernel-desktop-armv6v7-devel-4.14.13-1.mga6~1~1.mga6", rls:"MAGEIA6"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-desktop-armv6v7-devel-latest", rpm:"kernel-desktop-armv6v7-devel-latest~4.14.13~1.mga6", rls:"MAGEIA6"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-desktop-armv6v7-latest", rpm:"kernel-desktop-armv6v7-latest~4.14.13~1.mga6", rls:"MAGEIA6"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-desktop-devel-4.14.13-1.mga6", rpm:"kernel-desktop-devel-4.14.13-1.mga6~1~1.mga6", rls:"MAGEIA6"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-desktop-devel-latest", rpm:"kernel-desktop-devel-latest~4.14.13~1.mga6", rls:"MAGEIA6"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-desktop-latest", rpm:"kernel-desktop-latest~4.14.13~1.mga6", rls:"MAGEIA6"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-desktop586-4.14.13-1.mga6", rpm:"kernel-desktop586-4.14.13-1.mga6~1~1.mga6", rls:"MAGEIA6"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-desktop586-devel-4.14.13-1.mga6", rpm:"kernel-desktop586-devel-4.14.13-1.mga6~1~1.mga6", rls:"MAGEIA6"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-desktop586-devel-latest", rpm:"kernel-desktop586-devel-latest~4.14.13~1.mga6", rls:"MAGEIA6"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-desktop586-latest", rpm:"kernel-desktop586-latest~4.14.13~1.mga6", rls:"MAGEIA6"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-doc", rpm:"kernel-doc~4.14.13~1.mga6", rls:"MAGEIA6"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-server-4.14.13-1.mga6", rpm:"kernel-server-4.14.13-1.mga6~1~1.mga6", rls:"MAGEIA6"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-server-devel-4.14.13-1.mga6", rpm:"kernel-server-devel-4.14.13-1.mga6~1~1.mga6", rls:"MAGEIA6"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-server-devel-latest", rpm:"kernel-server-devel-latest~4.14.13~1.mga6", rls:"MAGEIA6"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-server-latest", rpm:"kernel-server-latest~4.14.13~1.mga6", rls:"MAGEIA6"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-source-4.14.13-1.mga6", rpm:"kernel-source-4.14.13-1.mga6~1~1.mga6", rls:"MAGEIA6"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-source-latest", rpm:"kernel-source-latest~4.14.13~1.mga6", rls:"MAGEIA6"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-userspace-headers", rpm:"kernel-userspace-headers~4.14.13~1.mga6", rls:"MAGEIA6"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kmod-vboxadditions", rpm:"kmod-vboxadditions~5.2.2~7.mga6", rls:"MAGEIA6"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kmod-virtualbox", rpm:"kmod-virtualbox~5.2.2~7.mga6", rls:"MAGEIA6"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kmod-xtables-addons", rpm:"kmod-xtables-addons~2.13~10.mga6", rls:"MAGEIA6"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"perf", rpm:"perf~4.14.13~1.mga6", rls:"MAGEIA6"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"vboxadditions-kernel-4.14.13-desktop-1.mga6", rpm:"vboxadditions-kernel-4.14.13-desktop-1.mga6~5.2.2~7.mga6", rls:"MAGEIA6"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"vboxadditions-kernel-4.14.13-desktop586-1.mga6", rpm:"vboxadditions-kernel-4.14.13-desktop586-1.mga6~5.2.2~7.mga6", rls:"MAGEIA6"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"vboxadditions-kernel-4.14.13-server-1.mga6", rpm:"vboxadditions-kernel-4.14.13-server-1.mga6~5.2.2~7.mga6", rls:"MAGEIA6"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"vboxadditions-kernel-desktop-latest", rpm:"vboxadditions-kernel-desktop-latest~5.2.2~7.mga6", rls:"MAGEIA6"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"vboxadditions-kernel-desktop586-latest", rpm:"vboxadditions-kernel-desktop586-latest~5.2.2~7.mga6", rls:"MAGEIA6"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"vboxadditions-kernel-server-latest", rpm:"vboxadditions-kernel-server-latest~5.2.2~7.mga6", rls:"MAGEIA6"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"virtualbox-kernel-4.14.13-desktop-1.mga6", rpm:"virtualbox-kernel-4.14.13-desktop-1.mga6~5.2.2~7.mga6", rls:"MAGEIA6"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"virtualbox-kernel-4.14.13-desktop586-1.mga6", rpm:"virtualbox-kernel-4.14.13-desktop586-1.mga6~5.2.2~7.mga6", rls:"MAGEIA6"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"virtualbox-kernel-4.14.13-server-1.mga6", rpm:"virtualbox-kernel-4.14.13-server-1.mga6~5.2.2~7.mga6", rls:"MAGEIA6"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"virtualbox-kernel-desktop-latest", rpm:"virtualbox-kernel-desktop-latest~5.2.2~7.mga6", rls:"MAGEIA6"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"virtualbox-kernel-desktop586-latest", rpm:"virtualbox-kernel-desktop586-latest~5.2.2~7.mga6", rls:"MAGEIA6"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"virtualbox-kernel-server-latest", rpm:"virtualbox-kernel-server-latest~5.2.2~7.mga6", rls:"MAGEIA6"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"xtables-addons-kernel-4.14.13-desktop-1.mga6", rpm:"xtables-addons-kernel-4.14.13-desktop-1.mga6~2.13~10.mga6", rls:"MAGEIA6"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"xtables-addons-kernel-4.14.13-desktop586-1.mga6", rpm:"xtables-addons-kernel-4.14.13-desktop586-1.mga6~2.13~10.mga6", rls:"MAGEIA6"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"xtables-addons-kernel-4.14.13-server-1.mga6", rpm:"xtables-addons-kernel-4.14.13-server-1.mga6~2.13~10.mga6", rls:"MAGEIA6"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"xtables-addons-kernel-desktop-latest", rpm:"xtables-addons-kernel-desktop-latest~2.13~10.mga6", rls:"MAGEIA6"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"xtables-addons-kernel-desktop586-latest", rpm:"xtables-addons-kernel-desktop586-latest~2.13~10.mga6", rls:"MAGEIA6"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"xtables-addons-kernel-server-latest", rpm:"xtables-addons-kernel-server-latest~2.13~10.mga6", rls:"MAGEIA6"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
exit(0);
advisories.mageia.org/MGASA-2018-0076.html
bugs.mageia.org/show_bug.cgi?id=22334
cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.11
cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.12
cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.13
googleprojectzero.blogspot.fi/2018/01/reading-privileged-memory-with-side.html
meltdownattack.com/
MGASA-2018-0076
4.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:N/I:N/A:C
5.6 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
7.9 High
AI Score
Confidence
High
0.976 High
EPSS
Percentile
100.0%