Vulnerabilities > CVE-2014-6418 - Resource Management Errors vulnerability in multiple products

#%NASL_MIN_LEVEL 80502

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Mandriva Linux Security Advisory MDVSA-2015:027. 
# The text itself is copyright (C) Mandriva S.A.
#

if (NASL_LEVEL < 3000) exit(0);

include("compat.inc");

if (description)
{
  script_id(80578);
  script_version("1.7");
  script_cvs_date("Date: 2019/08/02 13:32:56");

  script_cve_id("CVE-2014-3688", "CVE-2014-6416", "CVE-2014-6417", "CVE-2014-6418", "CVE-2014-7841", "CVE-2014-7842", "CVE-2014-8133", "CVE-2014-8884", "CVE-2014-9090", "CVE-2014-9322", "CVE-2014-9419", "CVE-2014-9420", "CVE-2014-9529", "CVE-2014-9584", "CVE-2014-9585");
  script_bugtraq_id(69805, 70393, 70395, 70768, 71078, 71081, 71097, 71250, 71684, 71685, 71717, 71794, 71880, 71883, 71990);
  script_xref(name:"MDVSA", value:"2015:027");

  script_name(english:"Mandriva Linux Security Advisory : kernel (MDVSA-2015:027)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Mandriva Linux host is missing one or more security
updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Multiple vulnerabilities has been found and corrected in the Linux
kernel :

The SCTP implementation in the Linux kernel before 3.17.4 allows
remote attackers to cause a denial of service (memory consumption) by
triggering a large number of chunks in an association's output queue,
as demonstrated by ASCONF probes, related to net/sctp/inqueue.c and
net/sctp/sm_statefuns.c (CVE-2014-3688=.

Buffer overflow in net/ceph/auth_x.c in Ceph, as used in the Linux
kernel before 3.16.3, allows remote attackers to cause a denial of
service (memory corruption and panic) or possibly have unspecified
other impact via a long unencrypted auth ticket (CVE-2014-6416).

net/ceph/auth_x.c in Ceph, as used in the Linux kernel before 3.16.3,
does not properly consider the possibility of kmalloc failure, which
allows remote attackers to cause a denial of service (system crash) or
possibly have unspecified other impact via a long unencrypted auth
ticket (CVE-2014-6417).

net/ceph/auth_x.c in Ceph, as used in the Linux kernel before 3.16.3,
does not properly validate auth replies, which allows remote attackers
to cause a denial of service (system crash) or possibly have
unspecified other impact via crafted data from the IP address of a
Ceph Monitor (CVE-2014-6418).

The sctp_process_param function in net/sctp/sm_make_chunk.c in the
SCTP implementation in the Linux kernel before 3.17.4, when ASCONF is
used, allows remote attackers to cause a denial of service (NULL
pointer dereference and system crash) via a malformed INIT chunk
(CVE-2014-7841).

Race condition in arch/x86/kvm/x86.c in the Linux kernel before 3.17.4
allows guest OS users to cause a denial of service (guest OS crash)
via a crafted application that performs an MMIO transaction or a PIO
transaction to trigger a guest userspace emulation error report, a
similar issue to CVE-2010-5313 (CVE-2014-7842).

arch/x86/kernel/tls.c in the Thread Local Storage (TLS) implementation
in the Linux kernel through 3.18.1 allows local users to bypass the
espfix protection mechanism, and consequently makes it easier for
local users to bypass the ASLR protection mechanism, via a crafted
application that makes a set_thread_area system call and later reads a
16-bit value (CVE-2014-8133).

Stack-based buffer overflow in the
ttusbdecfe_dvbs_diseqc_send_master_cmd function in
drivers/media/usb/ttusb-dec/ttusbdecfe.c in the Linux kernel before
3.17.4 allows local users to cause a denial of service (system crash)
or possibly gain privileges via a large message length in an ioctl
call (CVE-2014-8884).

The do_double_fault function in arch/x86/kernel/traps.c in the Linux
kernel through 3.17.4 does not properly handle faults associated with
the Stack Segment (SS) segment register, which allows local users to
cause a denial of service (panic) via a modify_ldt system call, as
demonstrated by sigreturn_32 in the linux-clock-tests test suite
(CVE-2014-9090).

arch/x86/kernel/entry_64.S in the Linux kernel before 3.17.5 does not
properly handle faults associated with the Stack Segment (SS) segment
register, which allows local users to gain privileges by triggering an
IRET instruction that leads to access to a GS Base address from the
wrong space (CVE-2014-9322).

The __switch_to function in arch/x86/kernel/process_64.c in the Linux
kernel through 3.18.1 does not ensure that Thread Local Storage (TLS)
descriptors are loaded before proceeding with other steps, which makes
it easier for local users to bypass the ASLR protection mechanism via
a crafted application that reads a TLS base address (CVE-2014-9419).

The rock_continue function in fs/isofs/rock.c in the Linux kernel
through 3.18.1 does not restrict the number of Rock Ridge continuation
entries, which allows local users to cause a denial of service
(infinite loop, and system crash or hang) via a crafted iso9660 image
(CVE-2014-9420).

Race condition in the key_gc_unused_keys function in
security/keys/gc.c in the Linux kernel through 3.18.2 allows local
users to cause a denial of service (memory corruption or panic) or
possibly have unspecified other impact via keyctl commands that
trigger access to a key structure member during garbage collection of
a key (CVE-2014-9529).

The parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the
Linux kernel before 3.18.2 does not validate a length value in the
Extensions Reference (ER) System Use Field, which allows local users
to obtain sensitive information from kernel memory via a crafted
iso9660 image (CVE-2014-9584).

The vdso_addr function in arch/x86/vdso/vma.c in the Linux kernel
through 3.18.2 does not properly choose memory locations for the vDSO
area, which makes it easier for local users to bypass the ASLR
protection mechanism by guessing a location at the end of a PMD
(CVE-2014-9585).

The updated packages provides a solution for these security issues."
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:cpupower");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-firmware");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-headers");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-server");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-server-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-source");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64cpupower-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64cpupower0");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:perf");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:business_server:1");

  script_set_attribute(attribute:"patch_publication_date", value:"2015/01/16");
  script_set_attribute(attribute:"plugin_publication_date", value:"2015/01/19");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Mandriva Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);


flag = 0;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"cpupower-3.4.105-2.1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", reference:"kernel-firmware-3.4.105-2.1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"kernel-headers-3.4.105-2.1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"kernel-server-3.4.105-2.1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"kernel-server-devel-3.4.105-2.1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", reference:"kernel-source-3.4.105-2.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64cpupower-devel-3.4.105-2.1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64cpupower0-3.4.105-2.1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"perf-3.4.105-2.1.mbs1")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Ubuntu Security Notice USN-2379-1. The text 
# itself is copyright (C) Canonical, Inc. See 
# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered 
# trademark of Canonical, Inc.
#

include("compat.inc");

if (description)
{
  script_id(78259);
  script_version("1.11");
  script_cvs_date("Date: 2019/09/19 12:54:30");

  script_cve_id("CVE-2014-3181", "CVE-2014-3184", "CVE-2014-3185", "CVE-2014-3186", "CVE-2014-3631", "CVE-2014-6410", "CVE-2014-6416", "CVE-2014-6417", "CVE-2014-6418");
  script_bugtraq_id(69763, 69768, 69779, 69781, 69799, 69805, 70095);
  script_xref(name:"USN", value:"2379-1");

  script_name(english:"Ubuntu 14.04 LTS : linux vulnerabilities (USN-2379-1)");
  script_summary(english:"Checks dpkg output for updated packages.");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Ubuntu host is missing one or more security-related
patches."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Steven Vittitoe reported multiple stack buffer overflows in Linux
kernel's magicmouse HID driver. A physically proximate attacker could
exploit this flaw to cause a denial of service (system crash) or
possibly execute arbitrary code via specially crafted devices.
(CVE-2014-3181)

Ben Hawkes reported some off by one errors for report descriptors in
the Linux kernel's HID stack. A physically proximate attacker could
exploit these flaws to cause a denial of service (out-of-bounds write)
via a specially crafted device. (CVE-2014-3184)

Several bounds check flaws allowing for buffer overflows were
discovered in the Linux kernel's Whiteheat USB serial driver. A
physically proximate attacker could exploit these flaws to cause a
denial of service (system crash) via a specially crafted device.
(CVE-2014-3185)

Steven Vittitoe reported a buffer overflow in the Linux kernel's
PicoLCD HID device driver. A physically proximate attacker could
exploit this flaw to cause a denial of service (system crash) or
possibly execute arbitrary code via a specially craft device.
(CVE-2014-3186)

A flaw was discovered in the Linux kernel's associative-array garbage
collection implementation. A local user could exploit this flaw to
cause a denial of service (system crash) or possibly have other
unspecified impact by using keyctl operations. (CVE-2014-3631)

A flaw was discovered in the Linux kernel's UDF filesystem (used on
some CD-ROMs and DVDs) when processing indirect ICBs. An attacker who
can cause CD, DVD or image file with a specially crafted inode to be
mounted can cause a denial of service (infinite loop or stack
consumption). (CVE-2014-6410)

James Eckersall discovered a buffer overflow in the Ceph filesystem in
the Linux kernel. A remote attacker could exploit this flaw to cause a
denial of service (memory consumption and panic) or possibly have
other unspecified impact via a long unencrypted auth ticket.
(CVE-2014-6416)

James Eckersall discovered a flaw in the handling of memory allocation
failures in the Ceph filesystem. A remote attacker could exploit this
flaw to cause a denial of service (system crash) or possibly have
unspecified other impact. (CVE-2014-6417)

James Eckersall discovered a flaw in how the Ceph filesystem validates
auth replies. A remote attacker could exploit this flaw to cause a
denial of service (system crash) or possibly have other unspecified
impact. (CVE-2014-6418).

Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://usn.ubuntu.com/2379-1/"
  );
  script_set_attribute(
    attribute:"solution", 
    value:
"Update the affected linux-image-3.13-generic,
linux-image-3.13-generic-lpae and / or linux-image-3.13-lowlatency
packages."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic-lpae");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-lowlatency");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:14.04");

  script_set_attribute(attribute:"vuln_publication_date", value:"2014/09/28");
  script_set_attribute(attribute:"patch_publication_date", value:"2014/10/09");
  script_set_attribute(attribute:"plugin_publication_date", value:"2014/10/11");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"Ubuntu Security Notice (C) 2014-2019 Canonical, Inc. / NASL script (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Ubuntu Local Security Checks");

  script_dependencies("ssh_get_info.nasl", "linux_alt_patch_detect.nasl");
  script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");

  exit(0);
}


include("audit.inc");
include("ubuntu.inc");
include("ksplice.inc");

if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/Ubuntu/release");
if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu");
release = chomp(release);
if (! preg(pattern:"^(14\.04)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 14.04", "Ubuntu " + release);
if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu);

if (get_one_kb_item("Host/ksplice/kernel-cves"))
{
  rm_kb_item(name:"Host/uptrack-uname-r");
  cve_list = make_list("CVE-2014-3181", "CVE-2014-3184", "CVE-2014-3185", "CVE-2014-3186", "CVE-2014-3631", "CVE-2014-6410", "CVE-2014-6416", "CVE-2014-6417", "CVE-2014-6418");
  if (ksplice_cves_check(cve_list))
  {
    audit(AUDIT_PATCH_INSTALLED, "KSplice hotfix for USN-2379-1");
  }
  else
  {
    _ubuntu_report = ksplice_reporting_text();
  }
}

flag = 0;

if (ubuntu_check(osver:"14.04", pkgname:"linux-image-3.13.0-37-generic", pkgver:"3.13.0-37.64")) flag++;
if (ubuntu_check(osver:"14.04", pkgname:"linux-image-3.13.0-37-generic-lpae", pkgver:"3.13.0-37.64")) flag++;
if (ubuntu_check(osver:"14.04", pkgname:"linux-image-3.13.0-37-lowlatency", pkgver:"3.13.0-37.64")) flag++;

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_HOLE,
    extra      : ubuntu_report_get()
  );
  exit(0);
}
else
{
  tested = ubuntu_pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "linux-image-3.13-generic / linux-image-3.13-generic-lpae / etc");
}

#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(124823);
  script_version("1.5");
  script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/19");

  script_cve_id(
    "CVE-2013-4563",
    "CVE-2014-6418",
    "CVE-2014-7145",
    "CVE-2014-7975",
    "CVE-2014-9683",
    "CVE-2017-1000365",
    "CVE-2017-12146",
    "CVE-2017-9076",
    "CVE-2018-13406",
    "CVE-2018-18386"
  );
  script_bugtraq_id(
    63702,
    69867,
    70314,
    70393,
    72643
  );

  script_name(english:"EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1500)");
  script_summary(english:"Checks the rpm output for the updated packages.");

  script_set_attribute(attribute:"synopsis", value:
"The remote EulerOS Virtualization for ARM 64 host is missing multiple security
updates.");
  script_set_attribute(attribute:"description", value:
"According to the versions of the kernel packages installed, the
EulerOS Virtualization for ARM 64 installation on the remote host is
affected by the following vulnerabilities :

  - The IPv6 DCCP implementation in the Linux kernel
    mishandles inheritance, which allows local users to
    cause a denial of service or possibly have unspecified
    other impact via crafted system calls, a related issue
    to CVE-2017-8890. An unprivileged local user could use
    this flaw to induce kernel memory corruption on the
    system, leading to a crash. Due to the nature of the
    flaw, privilege escalation cannot be fully ruled out,
    although we believe it is unlikely.(CVE-2017-9076i1/4%0

  - It was found that the driver_override implementation in
    base/platform.c in the Linux kernel is susceptible to
    race condition when different threads are reading vs
    storing a different driver override.(CVE-2017-12146i1/4%0

  - The Linux Kernel imposes a size restriction on the
    arguments and environmental strings passed through
    RLIMIT_STACK/RLIMIT_INFINITY, but does not take the
    argument and environment pointers into account, which
    allows attackers to bypass this
    limitation.(CVE-2017-1000365i1/4%0

  - A buffer overflow flaw was found in the way the Linux
    kernel's eCryptfs implementation decoded encrypted file
    names. A local, unprivileged user could use this flaw
    to crash the system or, potentially, escalate their
    privileges on the system.(CVE-2014-9683i1/4%0

  - The Linux kernel was found vulnerable to an integer
    overflow in the
    drivers/video/fbdev/uvesafb.c:uvesafb_setcmap()
    function. The vulnerability could result in local
    attackers being able to crash the kernel or potentially
    elevate privileges.(CVE-2018-13406i1/4%0

  - net/ceph/auth_x.c in Ceph, as used in the Linux kernel
    before 3.16.3, does not properly validate auth replies,
    which allows remote attackers to cause a denial of
    service (system crash) or possibly have unspecified
    other impact via crafted data from the IP address of a
    Ceph Monitor.(CVE-2014-6418i1/4%0

  - A NULL pointer dereference flaw was found in the way
    the Linux kernel's Common Internet File System (CIFS)
    implementation handled mounting of file system shares.
    A remote attacker could use this flaw to crash a client
    system that would mount a file system share from a
    malicious server.(CVE-2014-7145i1/4%0

  - The udp6_ufo_fragment function in
    net/ipv6/udp_offload.c in the Linux kernel through
    3.12, when UDP Fragmentation Offload (UFO) is enabled,
    does not properly perform a certain size comparison
    before inserting a fragment header, which allows remote
    attackers to cause a denial of service (panic) via a
    large IPv6 UDP packet, as demonstrated by use of the
    Token Bucket Filter (TBF) queueing
    discipline.(CVE-2013-4563i1/4%0

  - The do_umount function in fs/namespace.c in the Linux
    kernel through 3.17 does not require the CAP_SYS_ADMIN
    capability for do_remount_sb calls that change the root
    filesystem to read-only, which allows local users to
    cause a denial of service (loss of writability) by
    making certain unshare system calls, clearing the /
    MNT_LOCKED flag, and making an MNT_FORCE umount system
    call.(CVE-2014-7975i1/4%0

  - drivers/tty/n_tty.c in the Linux kernel before 4.14.11
    allows local attackers (who are able to access pseudo
    terminals) to hang/block further usage of any pseudo
    terminal devices due to an EXTPROC versus ICANON
    confusion in TIOCINQ.(CVE-2018-18386i1/4%0

Note that Tenable Network Security has extracted the preceding
description block directly from the EulerOS security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.");
  # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1500
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?0fbf4f5d");
  script_set_attribute(attribute:"solution", value:
"Update the affected kernel packages.");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-13406");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"patch_publication_date", value:"2019/05/09");
  script_set_attribute(attribute:"plugin_publication_date", value:"2019/05/13");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:kernel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:kernel-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:kernel-headers");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:kernel-tools");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:kernel-tools-libs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:kernel-tools-libs-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:perf");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:python-perf");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:uvp:3.0.1.0");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Huawei Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/uvp_version");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

release = get_kb_item("Host/EulerOS/release");
if (isnull(release) || release !~ "^EulerOS") audit(AUDIT_OS_NOT, "EulerOS");
uvp = get_kb_item("Host/EulerOS/uvp_version");
if (uvp != "3.0.1.0") audit(AUDIT_OS_NOT, "EulerOS Virtualization 3.0.1.0");
if (!get_kb_item("Host/EulerOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu);
if ("aarch64" >!< cpu) audit(AUDIT_ARCH_NOT, "aarch64", cpu);

flag = 0;

pkgs = ["kernel-4.19.28-1.2.117",
        "kernel-devel-4.19.28-1.2.117",
        "kernel-headers-4.19.28-1.2.117",
        "kernel-tools-4.19.28-1.2.117",
        "kernel-tools-libs-4.19.28-1.2.117",
        "kernel-tools-libs-devel-4.19.28-1.2.117",
        "perf-4.19.28-1.2.117",
        "python-perf-4.19.28-1.2.117"];

foreach (pkg in pkgs)
  if (rpm_check(release:"EulerOS-2.0", reference:pkg)) flag++;

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_HOLE,
    extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kernel");
}

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Ubuntu Security Notice USN-2378-1. The text 
# itself is copyright (C) Canonical, Inc. See 
# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered 
# trademark of Canonical, Inc.
#

include("compat.inc");

if (description)
{
  script_id(78258);
  script_version("1.11");
  script_cvs_date("Date: 2019/09/19 12:54:30");

  script_cve_id("CVE-2014-3181", "CVE-2014-3184", "CVE-2014-3185", "CVE-2014-3186", "CVE-2014-3631", "CVE-2014-6410", "CVE-2014-6416", "CVE-2014-6417", "CVE-2014-6418");
  script_bugtraq_id(69763, 69768, 69779, 69781, 69799, 69805, 70095);
  script_xref(name:"USN", value:"2378-1");

  script_name(english:"Ubuntu 12.04 LTS : linux-lts-trusty vulnerabilities (USN-2378-1)");
  script_summary(english:"Checks dpkg output for updated packages.");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Ubuntu host is missing one or more security-related
patches."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Steven Vittitoe reported multiple stack buffer overflows in Linux
kernel's magicmouse HID driver. A physically proximate attacker could
exploit this flaw to cause a denial of service (system crash) or
possibly execute arbitrary code via specially crafted devices.
(CVE-2014-3181)

Ben Hawkes reported some off by one errors for report descriptors in
the Linux kernel's HID stack. A physically proximate attacker could
exploit these flaws to cause a denial of service (out-of-bounds write)
via a specially crafted device. (CVE-2014-3184)

Several bounds check flaws allowing for buffer overflows were
discovered in the Linux kernel's Whiteheat USB serial driver. A
physically proximate attacker could exploit these flaws to cause a
denial of service (system crash) via a specially crafted device.
(CVE-2014-3185)

Steven Vittitoe reported a buffer overflow in the Linux kernel's
PicoLCD HID device driver. A physically proximate attacker could
exploit this flaw to cause a denial of service (system crash) or
possibly execute arbitrary code via a specially craft device.
(CVE-2014-3186)

A flaw was discovered in the Linux kernel's associative-array garbage
collection implementation. A local user could exploit this flaw to
cause a denial of service (system crash) or possibly have other
unspecified impact by using keyctl operations. (CVE-2014-3631)

A flaw was discovered in the Linux kernel's UDF filesystem (used on
some CD-ROMs and DVDs) when processing indirect ICBs. An attacker who
can cause CD, DVD or image file with a specially crafted inode to be
mounted can cause a denial of service (infinite loop or stack
consumption). (CVE-2014-6410)

James Eckersall discovered a buffer overflow in the Ceph filesystem in
the Linux kernel. A remote attacker could exploit this flaw to cause a
denial of service (memory consumption and panic) or possibly have
other unspecified impact via a long unencrypted auth ticket.
(CVE-2014-6416)

James Eckersall discovered a flaw in the handling of memory allocation
failures in the Ceph filesystem. A remote attacker could exploit this
flaw to cause a denial of service (system crash) or possibly have
unspecified other impact. (CVE-2014-6417)

James Eckersall discovered a flaw in how the Ceph filesystem validates
auth replies. A remote attacker could exploit this flaw to cause a
denial of service (system crash) or possibly have other unspecified
impact. (CVE-2014-6418).

Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://usn.ubuntu.com/2378-1/"
  );
  script_set_attribute(
    attribute:"solution", 
    value:
"Update the affected linux-image-3.13-generic and / or
linux-image-3.13-generic-lpae packages."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic-lpae");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:12.04:-:lts");

  script_set_attribute(attribute:"vuln_publication_date", value:"2014/09/28");
  script_set_attribute(attribute:"patch_publication_date", value:"2014/10/09");
  script_set_attribute(attribute:"plugin_publication_date", value:"2014/10/11");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"Ubuntu Security Notice (C) 2014-2019 Canonical, Inc. / NASL script (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Ubuntu Local Security Checks");

  script_dependencies("ssh_get_info.nasl", "linux_alt_patch_detect.nasl");
  script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");

  exit(0);
}


include("audit.inc");
include("ubuntu.inc");
include("ksplice.inc");

if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/Ubuntu/release");
if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu");
release = chomp(release);
if (! preg(pattern:"^(12\.04)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 12.04", "Ubuntu " + release);
if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu);

if (get_one_kb_item("Host/ksplice/kernel-cves"))
{
  rm_kb_item(name:"Host/uptrack-uname-r");
  cve_list = make_list("CVE-2014-3181", "CVE-2014-3184", "CVE-2014-3185", "CVE-2014-3186", "CVE-2014-3631", "CVE-2014-6410", "CVE-2014-6416", "CVE-2014-6417", "CVE-2014-6418");
  if (ksplice_cves_check(cve_list))
  {
    audit(AUDIT_PATCH_INSTALLED, "KSplice hotfix for USN-2378-1");
  }
  else
  {
    _ubuntu_report = ksplice_reporting_text();
  }
}

flag = 0;

if (ubuntu_check(osver:"12.04", pkgname:"linux-image-3.13.0-37-generic", pkgver:"3.13.0-37.64~precise1")) flag++;
if (ubuntu_check(osver:"12.04", pkgname:"linux-image-3.13.0-37-generic-lpae", pkgver:"3.13.0-37.64~precise1")) flag++;

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_HOLE,
    extra      : ubuntu_report_get()
  );
  exit(0);
}
else
{
  tested = ubuntu_pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "linux-image-3.13-generic / linux-image-3.13-generic-lpae");
}

#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(124805);
  script_version("1.4");
  script_cvs_date("Date: 2020/01/17");

  script_cve_id(
    "CVE-2014-4171",
    "CVE-2014-4652",
    "CVE-2014-4653",
    "CVE-2014-4654",
    "CVE-2014-4655",
    "CVE-2014-4656",
    "CVE-2014-4667",
    "CVE-2014-4699",
    "CVE-2014-4943",
    "CVE-2014-5045",
    "CVE-2014-5077",
    "CVE-2014-5471",
    "CVE-2014-5472",
    "CVE-2014-6410",
    "CVE-2014-6416",
    "CVE-2014-6417",
    "CVE-2014-6418",
    "CVE-2014-7145",
    "CVE-2014-7283",
    "CVE-2014-7825",
    "CVE-2014-7826"
  );
  script_bugtraq_id(
    68157,
    68162,
    68163,
    68164,
    68170,
    68224,
    68411,
    68683,
    68768,
    68862,
    68881,
    69396,
    69428,
    69799,
    69805,
    69867,
    70261,
    70393,
    70395,
    70971,
    70972
  );

  script_name(english:"EulerOS Virtualization 3.0.1.0 : kernel (EulerOS-SA-2019-1481)");
  script_summary(english:"Checks the rpm output for the updated packages.");

  script_set_attribute(attribute:"synopsis", value:
"The remote EulerOS Virtualization host is missing multiple security
updates.");
  script_set_attribute(attribute:"description", value:
"According to the versions of the kernel packages installed, the
EulerOS Virtualization installation on the remote host is affected by
the following vulnerabilities :

  - A race condition flaw was found in the way the Linux
    kernel's mmap(2), madvise(2), and fallocate(2) system
    calls interacted with each other while operating on
    virtual memory file system files. A local user could
    use this flaw to cause a denial of
    service.(CVE-2014-4171)

  - An information leak flaw was found in the way the Linux
    kernel's Advanced Linux Sound Architecture (ALSA)
    implementation handled access of the user control's
    state. A local, privileged user could use this flaw to
    leak kernel memory to user space.(CVE-2014-4652)

  - A use-after-free flaw was found in the way the Linux
    kernel's Advanced Linux Sound Architecture (ALSA)
    implementation handled user controls. A local,
    privileged user could use this flaw to crash the
    system.(CVE-2014-4653)

  - A use-after-free flaw was found in the way the Linux
    kernel's Advanced Linux Sound Architecture (ALSA)
    implementation handled user controls. A local,
    privileged user could use this flaw to crash the
    system.(CVE-2014-4654)

  - A use-after-free flaw was found in the way the Linux
    kernel's Advanced Linux Sound Architecture (ALSA)
    implementation handled user controls. A local,
    privileged user could use this flaw to crash the
    system.(CVE-2014-4655)

  - An integer overflow flaw was found in the way the Linux
    kernel's Advanced Linux Sound Architecture (ALSA)
    implementation handled user controls. A local,
    privileged user could use this flaw to crash the
    system.(CVE-2014-4656)

  - An integer underflow flaw was found in the way the
    Linux kernel's Stream Control Transmission Protocol
    (SCTP) implementation processed certain COOKIE_ECHO
    packets. By sending a specially crafted SCTP packet, a
    remote attacker could use this flaw to prevent
    legitimate connections to a particular SCTP server
    socket to be made.(CVE-2014-4667)

  - 'It was found that the Linux kernel's ptrace subsystem
    allowed a traced process' instruction pointer to be set
    to a non-canonical memory address without forcing the
    non-sysret code path when returning to user space. A
    local, unprivileged user could use this flaw to crash
    the system or, potentially, escalate their privileges
    on the system.

  - Note: The CVE-2014-4699 issue only affected systems
    using an Intel CPU.(CVE-2014-4699)'

  - A flaw was found in the way the pppol2tp_setsockopt()
    and pppol2tp_getsockopt() functions in the Linux
    kernel's PPP over L2TP implementation handled requests
    with a non-SOL_PPPOL2TP socket option level. A local,
    unprivileged user could use this flaw to escalate their
    privileges on the system.(CVE-2014-4943)

  - A flaw was found in the way the Linux kernel's VFS
    subsystem handled reference counting when performing
    unmount operations on symbolic links. A local,
    unprivileged user could use this flaw to exhaust all
    available memory on the system or, potentially, trigger
    a use-after-free error, resulting in a system crash or
    privilege escalation.(CVE-2014-5045)

  - A NULL pointer dereference flaw was found in the way
    the Linux kernel's Stream Control Transmission Protocol
    (SCTP) implementation handled simultaneous connections
    between the same hosts. A remote attacker could use
    this flaw to crash the system.(CVE-2014-5077)

  - It was found that the parse_rock_ridge_inode_internal()
    function of the Linux kernel's ISOFS implementation did
    not correctly check relocated directories when
    processing Rock Ridge child link (CL) tags. An attacker
    with physical access to the system could use a
    specially crafted ISO image to crash the system or,
    potentially, escalate their privileges on the
    system.(CVE-2014-5471)

  - It was found that the parse_rock_ridge_inode_internal()
    function of the Linux kernel's ISOFS implementation did
    not correctly check relocated directories when
    processing Rock Ridge child link (CL) tags. An attacker
    with physical access to the system could use a
    specially crafted ISO image to crash the system or,
    potentially, escalate their privileges on the
    system.(CVE-2014-5472)

  - A stack overflow flaw caused by infinite recursion was
    found in the way the Linux kernel's Universal Disk
    Format (UDF) file system implementation processed
    indirect Information Control Blocks (ICBs). An attacker
    with physical access to the system could use a
    specially crafted UDF image to crash the
    system.(CVE-2014-6410)

  - Buffer overflow in net/ceph/auth_x.c in Ceph, as used
    in the Linux kernel before 3.16.3, allows remote
    attackers to cause a denial of service (memory
    corruption and panic) or possibly have unspecified
    other impact via a long unencrypted auth
    ticket.(CVE-2014-6416)

  - net/ceph/auth_x.c in Ceph, as used in the Linux kernel
    before 3.16.3, does not properly consider the
    possibility of kmalloc failure, which allows remote
    attackers to cause a denial of service (system crash)
    or possibly have unspecified other impact via a long
    unencrypted auth ticket.(CVE-2014-6417)

  - net/ceph/auth_x.c in Ceph, as used in the Linux kernel
    before 3.16.3, does not properly validate auth replies,
    which allows remote attackers to cause a denial of
    service (system crash) or possibly have unspecified
    other impact via crafted data from the IP address of a
    Ceph Monitor.(CVE-2014-6418)

  - A NULL pointer dereference flaw was found in the way
    the Linux kernel's Common Internet File System (CIFS)
    implementation handled mounting of file system shares.
    A remote attacker could use this flaw to crash a client
    system that would mount a file system share from a
    malicious server.(CVE-2014-7145)

  - A denial of service flaw was found in the way the Linux
    kernel's XFS file system implementation ordered
    directory hashes under certain conditions. A local
    attacker could use this flaw to corrupt the file system
    by creating directories with colliding hash values,
    potentially resulting in a system crash.(CVE-2014-7283)

  - An out-of-bounds memory access flaw, CVE-2014-7825, was
    found in the syscall tracing functionality of the Linux
    kernel's perf subsystem. A local, unprivileged user
    could use this flaw to crash the system. Additionally,
    an out-of-bounds memory access flaw, CVE-2014-7826, was
    found in the syscall tracing functionality of the Linux
    kernel's ftrace subsystem. On a system with ftrace
    syscall tracing enabled, a local, unprivileged user
    could use this flaw to crash the system, or escalate
    their privileges.(CVE-2014-7825)

  - An out-of-bounds memory access flaw, CVE-2014-7825, was
    found in the syscall tracing functionality of the Linux
    kernel's perf subsystem. A local, unprivileged user
    could use this flaw to crash the system. Additionally,
    an out-of-bounds memory access flaw, CVE-2014-7826, was
    found in the syscall tracing functionality of the Linux
    kernel's ftrace subsystem. On a system with ftrace
    syscall tracing enabled, a local, unprivileged user
    could use this flaw to crash the system, or escalate
    their privileges.(CVE-2014-7826)

Note that Tenable Network Security has extracted the preceding
description block directly from the EulerOS security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.");
  # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1481
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?b8a0561b");
  script_set_attribute(attribute:"solution", value:
"Update the affected kernel packages.");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2014-4943");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploit_framework_core", value:"true");
  script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
  script_set_attribute(attribute:"canvas_package", value:'CANVAS');

  script_set_attribute(attribute:"patch_publication_date", value:"2019/05/08");
  script_set_attribute(attribute:"plugin_publication_date", value:"2019/05/13");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:kernel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:kernel-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:kernel-headers");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:kernel-tools");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:kernel-tools-libs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:kernel-tools-libs-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:perf");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:python-perf");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:uvp:3.0.1.0");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Huawei Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/uvp_version");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

release = get_kb_item("Host/EulerOS/release");
if (isnull(release) || release !~ "^EulerOS") audit(AUDIT_OS_NOT, "EulerOS");
uvp = get_kb_item("Host/EulerOS/uvp_version");
if (uvp != "3.0.1.0") audit(AUDIT_OS_NOT, "EulerOS Virtualization 3.0.1.0");
if (!get_kb_item("Host/EulerOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_ARCH_NOT, "i686 / x86_64", cpu);

flag = 0;

pkgs = ["kernel-3.10.0-862.14.1.6_42",
        "kernel-devel-3.10.0-862.14.1.6_42",
        "kernel-headers-3.10.0-862.14.1.6_42",
        "kernel-tools-3.10.0-862.14.1.6_42",
        "kernel-tools-libs-3.10.0-862.14.1.6_42",
        "kernel-tools-libs-devel-3.10.0-862.14.1.6_42",
        "perf-3.10.0-862.14.1.6_42",
        "python-perf-3.10.0-862.14.1.6_42"];

foreach (pkg in pkgs)
  if (rpm_check(release:"EulerOS-2.0", reference:pkg)) flag++;

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_WARNING,
    extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kernel");
}