Vulnerabilities > CVE-2018-16871 - NULL Pointer Dereference vulnerability in multiple products

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
network
low complexity
linux
redhat
netapp
CWE-476
nessus

Summary

A flaw was found in the Linux kernel's NFS implementation, all versions 3.x and all versions 4.x up to 4.20. An attacker, who is able to mount an exported NFS filesystem, is able to trigger a null pointer dereference by using an invalid NFS sequence. This can panic the machine and deny access to the NFS server. Any outstanding disk writes to the NFS server will be lost.

Vulnerable Configurations

Part Description Count
OS
Linux
2401
OS
Redhat
10
OS
Netapp
8
Application
Redhat
2
Application
Netapp
1
Hardware
Netapp
8

Common Weakness Enumeration (CWE)

Nessus

  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2019-1829-1.NASL
    descriptionThe SUSE Linux Enterprise 15 kernel version 4.12.14 was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2019-10638: Attackers used to be able to track the Linux kernel by the IP ID values the kernel produces for connection-less protocols. When such traffic was sent to multiple destination IP addresses, it was possible to obtain hash collisions (of indices to the counter array) and thereby obtain the hashing key (via enumeration). An attack could have been conducted by hosting a crafted web page that uses WebRTC or gQUIC to force UDP traffic to attacker-controlled IP addresses. [bnc#1140575] CVE-2019-10639: The Linux kernel used to allow Information Exposure (partial kernel address disclosure), leading to a KASLR bypass. Specifically, it was possible to extract the KASLR kernel image offset using the IP ID values the kernel produces for connection-less protocols. When such traffic was sent to multiple destination IP addresses, it was possible to obtain hash collisions (of indices to the counter array) and thereby obtain the hashing key (via enumeration). This key contains enough bits from a kernel address (of a static variable) so when the key was extracted (via enumeration), the offset of the kernel image was exposed. This attack could be carried out remotely by the attacker forcing the target device to send UDP or ICMP traffic to attacker-controlled IP addresses. Forcing a server to send UDP traffic is trivial if the server is a DNS server. ICMP traffic is trivial if the server answers ICMP Echo requests (ping). For client targets, if the target visits the attacker
    last seen2020-06-01
    modified2020-06-02
    plugin id126691
    published2019-07-15
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/126691
    titleSUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2019:1829-1)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from SUSE update advisory SUSE-SU-2019:1829-1.
    # The text itself is copyright (C) SUSE.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(126691);
      script_version("1.4");
      script_cvs_date("Date: 2020/01/08");
    
      script_cve_id("CVE-2018-16871", "CVE-2018-20836", "CVE-2019-10126", "CVE-2019-10638", "CVE-2019-10639", "CVE-2019-11599", "CVE-2019-12380", "CVE-2019-12456", "CVE-2019-12614", "CVE-2019-12818", "CVE-2019-12819");
    
      script_name(english:"SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2019:1829-1)");
      script_summary(english:"Checks rpm output for the updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SUSE host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "The SUSE Linux Enterprise 15 kernel version 4.12.14 was updated to
    receive various security and bugfixes.
    
    The following security bugs were fixed :
    
    CVE-2019-10638: Attackers used to be able to track the Linux kernel by
    the IP ID values the kernel produces for connection-less protocols.
    When such traffic was sent to multiple destination IP addresses, it
    was possible to obtain hash collisions (of indices to the counter
    array) and thereby obtain the hashing key (via enumeration). An attack
    could have been conducted by hosting a crafted web page that uses
    WebRTC or gQUIC to force UDP traffic to attacker-controlled IP
    addresses. [bnc#1140575]
    
    CVE-2019-10639: The Linux kernel used to allow Information Exposure
    (partial kernel address disclosure), leading to a KASLR bypass.
    Specifically, it was possible to extract the KASLR kernel image offset
    using the IP ID values the kernel produces for connection-less
    protocols. When such traffic was sent to multiple destination IP
    addresses, it was possible to obtain hash collisions (of indices to
    the counter array) and thereby obtain the hashing key (via
    enumeration). This key contains enough bits from a kernel address (of
    a static variable) so when the key was extracted (via enumeration),
    the offset of the kernel image was exposed. This attack could be
    carried out remotely by the attacker forcing the target device to send
    UDP or ICMP traffic to attacker-controlled IP addresses. Forcing a
    server to send UDP traffic is trivial if the server is a DNS server.
    ICMP traffic is trivial if the server answers ICMP Echo requests
    (ping). For client targets, if the target visits the attacker's web
    page, then WebRTC or gQUIC can be used to force UDP traffic to
    attacker-controlled IP addresses. [bnc#1140577]
    
    CVE-2018-20836: A race condition used to exist in smp_task_timedout()
    and smp_task_done() in drivers/scsi/libsas/sas_expander.c, leading to
    a use-after-free. [bnc#1134395]
    
    CVE-2019-10126: A heap-based buffer overflow in the wireless driver
    code was fixed. This issue might have lead to memory corruption and
    possibly other consequences. [bnc#1136935]
    
    CVE-2019-11599: The coredump implementation did not use locking or
    other mechanisms to prevent vma layout or vma flags changes while it
    ran, which allowed local users to obtain sensitive information, cause
    a denial of service, or possibly have unspecified other impact by
    triggering a race condition with mmget_not_zero or get_task_mm calls.
    [bnc#1131645].
    
    CVE-2019-12614: There was an unchecked kstrdup of prop->name on
    PowerPC platforms, which allowed an attacker to cause a denial of
    service (NULL pointer dereference and system crash). [bnc#1137194]
    
    CVE-2018-16871: A flaw was found in the NFS implementation. An
    attacker who was able to mount an exported NFS filesystem was able to
    trigger a NULL pointer dereference by an invalid NFS sequence. This
    could panic the machine and deny access to the NFS server. Any
    outstanding disk writes to the NFS server will were lost.
    [bnc#1137103]
    
    CVE-2019-12819: The function __mdiobus_register() used to call
    put_device(), which would trigger a fixed_mdio_bus_init use-after-free
    error. This would cause a denial of service. [bnc#1138291]
    
    CVE-2019-12818: The nfc_llcp_build_tlv function in
    net/nfc/llcp_commands.c may return NULL. If the caller did not check
    for this, it could trigger a NULL pointer dereference. This would
    cause denial of service. [bnc#1138293]
    
    CVE-2019-12456: An issue in the MPT3COMMAND case in _ctl_ioctl_main()
    allowed local users to cause a denial of service or possibly have
    unspecified other impact by changing the value of ioc_number between
    two kernel reads of that value, aka a 'double fetch' vulnerability.
    [bsc#1136922]
    
    CVE-2019-12380: An issue was in the EFI subsystem existed that
    mishandled memory allocation failures. Note, however, that all
    relevant code runs only at boot-time, before any user processes are
    started. Therefore, there was no possibility for an unprivileged user
    to exploit this issue. [bnc#1136598]
    
    The update package also includes non-security fixes. See advisory for
    details.
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the SUSE security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1051510"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1071995"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1088047"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1094555"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1098633"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1106383"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1106751"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1109137"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1114279"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1119532"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1120423"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1124167"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1127155"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1128432"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1128902"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1128910"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1131645"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1132154"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1132390"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1133401"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1133738"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1134303"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1134395"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1135296"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1135556"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1135642"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1136157"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1136598"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1136922"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1136935"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1137103"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1137194"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1137429"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1137625"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1137728"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1137884"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1137995"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1137996"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1137998"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1137999"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1138000"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1138002"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1138003"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1138005"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1138006"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1138007"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1138008"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1138009"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1138010"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1138011"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1138012"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1138013"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1138014"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1138015"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1138016"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1138017"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1138018"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1138019"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1138291"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1138293"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1138374"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1138375"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1138589"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1138719"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1139771"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1139782"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1139865"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1140133"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1140328"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1140405"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1140424"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1140428"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1140575"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1140577"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1140637"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1140658"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1140715"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1140719"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1140726"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1140727"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1140728"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1140814"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2018-16871/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2018-20836/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2019-10126/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2019-10638/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2019-10639/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2019-11599/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2019-12380/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2019-12456/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2019-12614/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2019-12818/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2019-12819/"
      );
      # https://www.suse.com/support/update/announcement/2019/suse-su-20191829-1/
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?3bab832d"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "To install this SUSE Security Update use the SUSE recommended
    installation methods like YaST online_update or 'zypper patch'.
    
    Alternatively you can run the command listed for your product :
    
    SUSE Linux Enterprise Module for Public Cloud 15:zypper in -t patch
    SUSE-SLE-Module-Public-Cloud-15-2019-1829=1
    
    SUSE Linux Enterprise Module for Open Buildservice Development Tools
    15-SP1:zypper in -t patch
    SUSE-SLE-Module-Development-Tools-OBS-15-SP1-2019-1829=1"
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-20836");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:cluster-md-kmp-azure");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:cluster-md-kmp-azure-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:dlm-kmp-azure");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:dlm-kmp-azure-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:gfs2-kmp-azure");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:gfs2-kmp-azure-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-azure");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-azure-base");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-azure-base-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-azure-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-azure-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-azure-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-azure-devel-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-azure-extra");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-azure-extra-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-azure-livepatch");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-syms-azure");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kselftests-kmp-azure");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kselftests-kmp-azure-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:ocfs2-kmp-azure");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:ocfs2-kmp-azure-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:reiserfs-kmp-azure");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:reiserfs-kmp-azure-debuginfo");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:15");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2019/04/29");
      script_set_attribute(attribute:"patch_publication_date", value:"2019/07/12");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/07/15");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
    os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
    os_ver = os_ver[1];
    if (! preg(pattern:"^(SLED15|SLES15)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLED15 / SLES15", "SUSE " + os_ver);
    
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);
    if (cpu >!< "x86_64") audit(AUDIT_ARCH_NOT, "x86_64", cpu);
    
    
    sp = get_kb_item("Host/SuSE/patchlevel");
    if (isnull(sp)) sp = "0";
    if (os_ver == "SLES15" && (! preg(pattern:"^(1)$", string:sp))) audit(AUDIT_OS_NOT, "SLES15 SP1", os_ver + " SP" + sp);
    if (os_ver == "SLED15" && (! preg(pattern:"^(1)$", string:sp))) audit(AUDIT_OS_NOT, "SLED15 SP1", os_ver + " SP" + sp);
    
    
    flag = 0;
    if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"cluster-md-kmp-azure-4.12.14-5.33.1")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"cluster-md-kmp-azure-debuginfo-4.12.14-5.33.1")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"dlm-kmp-azure-4.12.14-5.33.1")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"dlm-kmp-azure-debuginfo-4.12.14-5.33.1")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"gfs2-kmp-azure-4.12.14-5.33.1")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"gfs2-kmp-azure-debuginfo-4.12.14-5.33.1")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"kernel-azure-4.12.14-5.33.1")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"kernel-azure-base-4.12.14-5.33.1")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"kernel-azure-base-debuginfo-4.12.14-5.33.1")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"kernel-azure-debuginfo-4.12.14-5.33.1")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"kernel-azure-debugsource-4.12.14-5.33.1")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"kernel-azure-devel-4.12.14-5.33.1")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"kernel-azure-devel-debuginfo-4.12.14-5.33.1")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"kernel-azure-extra-4.12.14-5.33.1")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"kernel-azure-extra-debuginfo-4.12.14-5.33.1")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"kernel-azure-livepatch-4.12.14-5.33.1")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"kernel-syms-azure-4.12.14-5.33.1")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"kselftests-kmp-azure-4.12.14-5.33.1")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"kselftests-kmp-azure-debuginfo-4.12.14-5.33.1")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"ocfs2-kmp-azure-4.12.14-5.33.1")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"ocfs2-kmp-azure-debuginfo-4.12.14-5.33.1")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"reiserfs-kmp-azure-4.12.14-5.33.1")) flag++;
    if (rpm_check(release:"SLES15", sp:"1", cpu:"x86_64", reference:"reiserfs-kmp-azure-debuginfo-4.12.14-5.33.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"cluster-md-kmp-azure-4.12.14-5.33.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"cluster-md-kmp-azure-debuginfo-4.12.14-5.33.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"dlm-kmp-azure-4.12.14-5.33.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"dlm-kmp-azure-debuginfo-4.12.14-5.33.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"gfs2-kmp-azure-4.12.14-5.33.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"gfs2-kmp-azure-debuginfo-4.12.14-5.33.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"kernel-azure-4.12.14-5.33.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"kernel-azure-base-4.12.14-5.33.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"kernel-azure-base-debuginfo-4.12.14-5.33.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"kernel-azure-debuginfo-4.12.14-5.33.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"kernel-azure-debugsource-4.12.14-5.33.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"kernel-azure-devel-4.12.14-5.33.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"kernel-azure-devel-debuginfo-4.12.14-5.33.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"kernel-azure-extra-4.12.14-5.33.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"kernel-azure-extra-debuginfo-4.12.14-5.33.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"kernel-azure-livepatch-4.12.14-5.33.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"kernel-syms-azure-4.12.14-5.33.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"kselftests-kmp-azure-4.12.14-5.33.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"kselftests-kmp-azure-debuginfo-4.12.14-5.33.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"ocfs2-kmp-azure-4.12.14-5.33.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"ocfs2-kmp-azure-debuginfo-4.12.14-5.33.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"reiserfs-kmp-azure-4.12.14-5.33.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"1", cpu:"x86_64", reference:"reiserfs-kmp-azure-debuginfo-4.12.14-5.33.1")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kernel");
    }
    
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20190729_KERNEL_ON_SL7_X.NASL
    descriptionSecurity Fix(es) : - kernel: nfs: use-after-free in svc_process_common() (CVE-2018-16884) - kernel: insufficient input validation in kernel mode driver in Intel i915 graphics leads to privilege escalation (CVE-2019-11085) - kernel: nfs: NULL pointer dereference due to an anomalized NFS message sequence (CVE-2018-16871) - kernel: use-after-free in drivers/char/ipmi/ipmi_si_intf.c, ipmi_si_mem_io.c, ipmi_si_port_io.c (CVE-2019-11811)
    last seen2020-03-18
    modified2019-08-12
    plugin id127726
    published2019-08-12
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/127726
    titleScientific Linux Security Update : kernel on SL7.x x86_64 (20190729)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text is (C) Scientific Linux.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(127726);
      script_version("1.3");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/02/24");
    
      script_cve_id("CVE-2018-16871", "CVE-2018-16884", "CVE-2019-11085", "CVE-2019-11811");
    
      script_name(english:"Scientific Linux Security Update : kernel on SL7.x x86_64 (20190729)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Scientific Linux host is missing one or more security
    updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Security Fix(es) :
    
      - kernel: nfs: use-after-free in svc_process_common()
        (CVE-2018-16884)
    
      - kernel: insufficient input validation in kernel mode
        driver in Intel i915 graphics leads to privilege
        escalation (CVE-2019-11085)
    
      - kernel: nfs: NULL pointer dereference due to an
        anomalized NFS message sequence (CVE-2018-16871)
    
      - kernel: use-after-free in
        drivers/char/ipmi/ipmi_si_intf.c, ipmi_si_mem_io.c,
        ipmi_si_port_io.c (CVE-2019-11811)"
      );
      # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1907&L=SCIENTIFIC-LINUX-ERRATA&P=10631
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?8234bf94"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:bpftool");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel-abi-whitelists");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel-debug");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel-debug-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel-debug-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo-common-x86_64");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel-doc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel-headers");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel-tools");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel-tools-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel-tools-libs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:kernel-tools-libs-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:perf");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:perf-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:python-perf");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:python-perf-debuginfo");
      script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2018/12/18");
      script_set_attribute(attribute:"patch_publication_date", value:"2019/07/29");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/08/12");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Scientific Linux Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux");
    os_ver = pregmatch(pattern: "Scientific Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Scientific Linux");
    os_ver = os_ver[1];
    if (! preg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Scientific Linux 7.x", "Scientific Linux " + os_ver);
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"bpftool-3.10.0-957.27.2.el7")) flag++;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"kernel-3.10.0-957.27.2.el7")) flag++;
    if (rpm_check(release:"SL7", reference:"kernel-abi-whitelists-3.10.0-957.27.2.el7")) flag++;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"kernel-debug-3.10.0-957.27.2.el7")) flag++;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"kernel-debug-debuginfo-3.10.0-957.27.2.el7")) flag++;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"kernel-debug-devel-3.10.0-957.27.2.el7")) flag++;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"kernel-debuginfo-3.10.0-957.27.2.el7")) flag++;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"kernel-debuginfo-common-x86_64-3.10.0-957.27.2.el7")) flag++;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"kernel-devel-3.10.0-957.27.2.el7")) flag++;
    if (rpm_check(release:"SL7", reference:"kernel-doc-3.10.0-957.27.2.el7")) flag++;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"kernel-headers-3.10.0-957.27.2.el7")) flag++;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"kernel-tools-3.10.0-957.27.2.el7")) flag++;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"kernel-tools-debuginfo-3.10.0-957.27.2.el7")) flag++;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"kernel-tools-libs-3.10.0-957.27.2.el7")) flag++;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"kernel-tools-libs-devel-3.10.0-957.27.2.el7")) flag++;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"perf-3.10.0-957.27.2.el7")) flag++;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"perf-debuginfo-3.10.0-957.27.2.el7")) flag++;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"python-perf-3.10.0-957.27.2.el7")) flag++;
    if (rpm_check(release:"SL7", cpu:"x86_64", reference:"python-perf-debuginfo-3.10.0-957.27.2.el7")) flag++;
    
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_HOLE,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "bpftool / kernel / kernel-abi-whitelists / kernel-debug / etc");
    }
    
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2019-1873.NASL
    descriptionAn update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es) : * kernel: nfs: use-after-free in svc_process_common() (CVE-2018-16884) * kernel: insufficient input validation in kernel mode driver in Intel i915 graphics leads to privilege escalation (CVE-2019-11085) * kernel: nfs: NULL pointer dereference due to an anomalized NFS message sequence (CVE-2018-16871) * kernel: use-after-free in drivers/char/ipmi/ipmi_si_intf.c, ipmi_si_mem_io.c, ipmi_si_port_io.c (CVE-2019-11811) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es) and Enhancement(s) : These updated kernel packages include also numerous bug fixes and add several enhancements. Space precludes documenting all of the bug fixes in this advisory. See the descriptions in the related Knowledge Article: https:// access.redhat.com/articles/4309211
    last seen2020-06-01
    modified2020-06-02
    plugin id127618
    published2019-08-12
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/127618
    titleRHEL 7 : kernel (RHSA-2019:1873)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2020-0740.NASL
    descriptionAn update for kernel-alt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel-alt packages provide the Linux kernel version 4.x. Security Fix(es) : * kernel: rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel lacks a certain upper-bound check, leading to a buffer overflow (CVE-2019-17666) * kernel: nfs: NULL pointer dereference due to an anomalized NFS message sequence (CVE-2018-16871) * kernel: Heap address information leak while using L2CAP_GET_CONF_OPT (CVE-2019-3459) * kernel: Heap address information leak while using L2CAP_PARSE_CONF_RSP (CVE-2019-3460) * kernel: sensitive information disclosure from kernel stack memory via HIDPCONNADD command (CVE-2019-11884) * kernel: powerpc: local user can read vector registers of other users
    last seen2020-03-18
    modified2020-03-10
    plugin id134361
    published2020-03-10
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/134361
    titleRHEL 7 : kernel-alt (RHSA-2020:0740)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2019-1757.NASL
    descriptionThe openSUSE Leap 15.1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2019-10638: A device could be tracked by an attacker using the IP ID values the kernel produces for connection-less protocols (e.g., UDP and ICMP). When such traffic is sent to multiple destination IP addresses, it is possible to obtain hash collisions (of indices to the counter array) and thereby obtain the hashing key (via enumeration). An attack may be conducted by hosting a crafted web page that uses WebRTC or gQUIC to force UDP traffic to attacker-controlled IP addresses (bnc#1140575). - CVE-2019-10639: The Linux kernel allowed Information Exposure (partial kernel address disclosure), leading to a KASLR bypass. Specifically, it is possible to extract the KASLR kernel image offset using the IP ID values the kernel produces for connection-less protocols (e.g., UDP and ICMP). When such traffic is sent to multiple destination IP addresses, it is possible to obtain hash collisions (of indices to the counter array) and thereby obtain the hashing key (via enumeration). This key contains enough bits from a kernel address (of a static variable) so when the key is extracted (via enumeration), the offset of the kernel image is exposed. This attack can be carried out remotely, by the attacker forcing the target device to send UDP or ICMP (or certain other) traffic to attacker-controlled IP addresses. Forcing a server to send UDP traffic is trivial if the server is a DNS server. ICMP traffic is trivial if the server answers ICMP Echo requests (ping). For client targets, if the target visits the attacker
    last seen2020-06-01
    modified2020-06-02
    plugin id126897
    published2019-07-22
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/126897
    titleopenSUSE Security Update : the Linux Kernel (openSUSE-2019-1757)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2020-1769.NASL
    descriptionThe remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1769 advisory. - kernel: nfs: NULL pointer dereference due to an anomalized NFS message sequence (CVE-2018-16871) - Kernel: net: using kernel space address bits to derive IP ID may potentially break KASLR (CVE-2019-10639) - kernel: An out-of-bounds read in drivers/scsi/qedi/qedi_dbg.c leading to crash or information disclosure (CVE-2019-15090) - kernel: a NULL pointer dereference in drivers/net/wireless/ath/ath10k/usb.c leads to a crash (CVE-2019-15099) - kernel: Null pointer dereference in the sound/usb/line6/pcm.c (CVE-2019-15221) - kernel: unprivileged users able to create RAW sockets in AF_IEEE802154 network protocol. (CVE-2019-17053) - kernel: unprivileged users able to create RAW sockets in AF_ISDN network protocol. (CVE-2019-17055) - kernel: integer overflow in tcp_ack_update_rtt in net/ipv4/tcp_input.c (CVE-2019-18805) - kernel: Two memory leaks in the mwifiex_pcie_init_evt_ring() function in drivers/net/wireless/marvell/mwifiex/pcie.c allows for a DoS (CVE-2019-19057) - kernel: Memory leaks in drivers/net/wireless/ath/ath9k/htc_hst.c in the Linux kernel (DOS) (CVE-2019-19073) - kernel: a memory leak in the ath9k management function in allows local DoS (CVE-2019-19074) - kernel: information leak bug caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_core.c driver (CVE-2019-19534) - kernel: use-after-free in __blk_add_trace in kernel/trace/blktrace.c (CVE-2019-19768) - kernel: when cpu.cfs_quota_us is used allows attackers to cause a denial of service against non-cpu-bound applications (CVE-2019-19922) - kernel: memory leak in the kernel_read_file function in fs/exec.c allows to cause a denial of service (CVE-2019-8980) - kernel: some ipv6 protocols not encrypted over ipsec tunnel. (CVE-2020-1749) Note that Nessus has not tested for this issue but has instead relied only on the application
    last seen2020-05-03
    modified2020-04-29
    plugin id136115
    published2020-04-29
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/136115
    titleRHEL 8 : kernel (RHSA-2020:1769)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2019-1891.NASL
    descriptionAn update for kernel-rt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es) : * kernel: nfs: use-after-free in svc_process_common() (CVE-2018-16884) * kernel: insufficient input validation in kernel mode driver in Intel i915 graphics leads to privilege escalation (CVE-2019-11085) * kernel: nfs: NULL pointer dereference due to an anomalized NFS message sequence (CVE-2018-16871) * kernel: use-after-free in drivers/char/ipmi/ipmi_si_intf.c, ipmi_si_mem_io.c, ipmi_si_port_io.c (CVE-2019-11811) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es) : * kernel-rt: update to the RHEL7.6.z batch#6 source tree (BZ#1718400)
    last seen2020-06-01
    modified2020-06-02
    plugin id127623
    published2019-08-12
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/127623
    titleRHEL 7 : kernel-rt (RHSA-2019:1891)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2019-1873.NASL
    descriptionAn update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es) : * kernel: nfs: use-after-free in svc_process_common() (CVE-2018-16884) * kernel: insufficient input validation in kernel mode driver in Intel i915 graphics leads to privilege escalation (CVE-2019-11085) * kernel: nfs: NULL pointer dereference due to an anomalized NFS message sequence (CVE-2018-16871) * kernel: use-after-free in drivers/char/ipmi/ipmi_si_intf.c, ipmi_si_mem_io.c, ipmi_si_port_io.c (CVE-2019-11811) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es) and Enhancement(s) : These updated kernel packages include also numerous bug fixes and add several enhancements. Space precludes documenting all of the bug fixes in this advisory. See the descriptions in the related Knowledge Article: https:// access.redhat.com/articles/4309211
    last seen2020-05-08
    modified2019-08-12
    plugin id127469
    published2019-08-12
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/127469
    titleCentOS 7 : kernel (CESA-2019:1873)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2019-2730.NASL
    descriptionAn update for kernel-rt is now available for Red Hat Enterprise MRG 2. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es) : * kernel: Memory corruption due to incorrect socket cloning (CVE-2018-9568) * kernel: Missing check in fs/inode.c:inode_init_owner() does not clear SGID bit on non-directories for non-members (CVE-2018-13405) * kernel: nfs: use-after-free in svc_process_common() (CVE-2018-16884) * kernel: nfs: NULL pointer dereference due to an anomalized NFS message sequence (CVE-2018-16871) * kernel: hw: Spectre SWAPGS gadget vulnerability (CVE-2019-1125) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es) : * Backport TCP follow-up for small buffers [mrg-r] (BZ#1732110) * update the MRG 2.5.z 3.10 realtime-kernel sources (BZ#1734469)
    last seen2020-06-01
    modified2020-06-02
    plugin id128854
    published2019-09-16
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/128854
    titleRHEL 6 : MRG (RHSA-2019:2730)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-1919.NASL
    descriptionAccording to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The xfs_bmap_extents_to_btree function in fs/xfs/libxfs/xfs_bmap.c in the Linux kernel through 4.16.3 allows local users to cause a denial of service (xfs_bmapi_write NULL pointer dereference) via a crafted xfs image.(CVE-2018-10323) - A flaw was found in the Linux kernel
    last seen2020-05-08
    modified2019-09-16
    plugin id128842
    published2019-09-16
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/128842
    titleEulerOS 2.0 SP5 : kernel (EulerOS-SA-2019-1919)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2019-4746.NASL
    descriptionThe remote Oracle Linux host is missing a security update for the Unbreakable Enterprise kernel package(s).
    last seen2020-06-01
    modified2020-06-02
    plugin id127985
    published2019-08-20
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/127985
    titleOracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2019-4746)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2019-1716.NASL
    descriptionThe openSUSE Leap 15.0 was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2019-10638: A device can be tracked by an attacker using the IP ID values the kernel produces for connection-less protocols (e.g., UDP and ICMP). When such traffic is sent to multiple destination IP addresses, it is possible to obtain hash collisions (of indices to the counter array) and thereby obtain the hashing key (via enumeration). An attack may be conducted by hosting a crafted web page that uses WebRTC or gQUIC to force UDP traffic to attacker-controlled IP addresses (bnc#1140575). - CVE-2019-10639: The Linux kernel allowed Information Exposure (partial kernel address disclosure), leading to a KASLR bypass. Specifically, it is possible to extract the KASLR kernel image offset using the IP ID values the kernel produces for connection-less protocols (e.g., UDP and ICMP). When such traffic is sent to multiple destination IP addresses, it is possible to obtain hash collisions (of indices to the counter array) and thereby obtain the hashing key (via enumeration). This key contains enough bits from a kernel address (of a static variable) so when the key is extracted (via enumeration), the offset of the kernel image is exposed. This attack can be carried out remotely, by the attacker forcing the target device to send UDP or ICMP (or certain other) traffic to attacker-controlled IP addresses. Forcing a server to send UDP traffic is trivial if the server is a DNS server. ICMP traffic is trivial if the server answers ICMP Echo requests (ping). For client targets, if the target visits the attacker
    last seen2020-06-01
    modified2020-06-02
    plugin id126884
    published2019-07-22
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/126884
    titleopenSUSE Security Update : the Linux Kernel (openSUSE-2019-1716)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2020-1567.NASL
    descriptionThe remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1567 advisory. - kernel: nfs: NULL pointer dereference due to an anomalized NFS message sequence (CVE-2018-16871) - Kernel: net: using kernel space address bits to derive IP ID may potentially break KASLR (CVE-2019-10639) - kernel: An out-of-bounds read in drivers/scsi/qedi/qedi_dbg.c leading to crash or information disclosure (CVE-2019-15090) - kernel: a NULL pointer dereference in drivers/net/wireless/ath/ath10k/usb.c leads to a crash (CVE-2019-15099) - kernel: Null pointer dereference in the sound/usb/line6/pcm.c (CVE-2019-15221) - kernel: unprivileged users able to create RAW sockets in AF_IEEE802154 network protocol. (CVE-2019-17053) - kernel: unprivileged users able to create RAW sockets in AF_ISDN network protocol. (CVE-2019-17055) - kernel: integer overflow in tcp_ack_update_rtt in net/ipv4/tcp_input.c (CVE-2019-18805) - kernel: Two memory leaks in the mwifiex_pcie_init_evt_ring() function in drivers/net/wireless/marvell/mwifiex/pcie.c allows for a DoS (CVE-2019-19057) - kernel: Memory leaks in drivers/net/wireless/ath/ath9k/htc_hst.c in the Linux kernel (DOS) (CVE-2019-19073) - kernel: a memory leak in the ath9k management function in allows local DoS (CVE-2019-19074) - kernel: information leak bug caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_core.c driver (CVE-2019-19534) - kernel: use-after-free in __blk_add_trace in kernel/trace/blktrace.c (CVE-2019-19768) - kernel: when cpu.cfs_quota_us is used allows attackers to cause a denial of service against non-cpu-bound applications (CVE-2019-19922) - kernel: memory leak in the kernel_read_file function in fs/exec.c allows to cause a denial of service (CVE-2019-8980) - kernel: some ipv6 protocols not encrypted over ipsec tunnel. (CVE-2020-1749) Note that Nessus has not tested for this issue but has instead relied only on the application
    last seen2020-05-03
    modified2020-04-29
    plugin id136116
    published2020-04-29
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/136116
    titleRHEL 8 : kernel-rt (RHSA-2020:1567)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2019-1873.NASL
    descriptionFrom Red Hat Security Advisory 2019:1873 : An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es) : * kernel: nfs: use-after-free in svc_process_common() (CVE-2018-16884) * kernel: insufficient input validation in kernel mode driver in Intel i915 graphics leads to privilege escalation (CVE-2019-11085) * kernel: nfs: NULL pointer dereference due to an anomalized NFS message sequence (CVE-2018-16871) * kernel: use-after-free in drivers/char/ipmi/ipmi_si_intf.c, ipmi_si_mem_io.c, ipmi_si_port_io.c (CVE-2019-11811) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es) and Enhancement(s) : These updated kernel packages include also numerous bug fixes and add several enhancements. Space precludes documenting all of the bug fixes in this advisory. See the descriptions in the related Knowledge Article: https:// access.redhat.com/articles/4309211
    last seen2020-06-01
    modified2020-06-02
    plugin id127603
    published2019-08-12
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/127603
    titleOracle Linux 7 : kernel (ELSA-2019-1873)
  • NASL familyVirtuozzo Local Security Checks
    NASL idVIRTUOZZO_VZA-2019-064.NASL
    descriptionAccording to the version of the vzkernel package and the readykernel-patch installed, the Virtuozzo installation on the remote host is affected by the following vulnerability : - nfs: NULL pointer dereference due to an anomalized NFS message sequence. An attacker, who is able to mount an exported NFS filesystem, is able to trigger a null pointer dereference by using an invalid NFS sequence. This can panic the machine and deny access to the NFS server. Any outstanding disk writes to the NFS server will be lost. Note that Tenable Network Security has extracted the preceding description block directly from the Virtuozzo security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id133457
    published2020-02-04
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/133457
    titleVirtuozzo 7 : readykernel-patch (VZA-2019-064)
  • NASL familyNewStart CGSL Local Security Checks
    NASL idNEWSTART_CGSL_NS-SA-2019-0180_KERNEL.NASL
    descriptionThe remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has kernel packages installed that are affected by multiple vulnerabilities: - A flaw was found in the way Linux kernel KVM hypervisor before 4.18 emulated instructions such as sgdt/sidt/fxsave/fxrstor. It did not check current privilege(CPL) level while emulating unprivileged instructions. An unprivileged guest user/process could use this flaw to potentially escalate privileges inside guest. (CVE-2018-10853) - A flaw was found in the Linux Kernel where an attacker may be able to have an uncontrolled read to kernel- memory from within a vm guest. A race condition between connect() and close() function may allow an attacker using the AF_VSOCK protocol to gather a 4 byte information leak or possibly intercept or corrupt AF_VSOCK messages destined to other clients. (CVE-2018-14625) - drivers/infiniband/core/ucma.c in the Linux kernel through 4.17.11 allows ucma_leave_multicast to access a certain data structure after a cleanup step in ucma_process_join, which allows attackers to cause a denial of service (use-after-free). (CVE-2018-14734) - arch/x86/kernel/paravirt.c in the Linux kernel before 4.18.1 mishandles certain indirect calls, which makes it easier for attackers to conduct Spectre-v2 attacks against paravirtual guests. (CVE-2018-15594) - A flaw was found in the Linux kernel
    last seen2020-05-08
    modified2019-10-15
    plugin id129900
    published2019-10-15
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/129900
    titleNewStart CGSL CORE 5.04 / MAIN 5.04 : kernel Multiple Vulnerabilities (NS-SA-2019-0180)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2020-1269.NASL
    descriptionAccording to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In the tun subsystem in the Linux kernel before 4.13.14, dev_get_valid_name is not called before register_netdevice. This allows local users to cause a denial of service (NULL pointer dereference and panic) via an ioctl(TUNSETIFF) call with a dev name containing a / character. This is similar to CVE-2013-4343.(CVE-2018-7191) - A memory leak in the crypto_report() function in crypto/crypto_user_base.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering crypto_report_alg() failures, aka CID-ffdde5932042.(CVE-2019-19062) - An issue was discovered in net/ipv4/sysctl_net_ipv4.c in the Linux kernel before 5.0.11. There is a net/ipv4/tcp_input.c signed integer overflow in tcp_ack_update_rtt() when userspace writes a very large integer to /proc/sys/net/ipv4/tcp_min_rtt_wlen, leading to a denial of service or possibly unspecified other impact, aka CID-19fad20d15a6.(CVE-2019-18805) - In the Linux kernel before 5.0, a memory leak exists in sit_init_net() in net/ipv6/sit.c when register_netdev() fails to register sitn->fb_tunnel_dev, which may cause denial of service, aka CID-07f12b26e21a.(CVE-2019-16994) - An issue was discovered in the Linux kernel before 5.0.6. There is a memory leak issue when idr_alloc() fails in genl_register_family() in net/netlink/genetlink.c.(CVE-2019-15921) - In the Linux kernel before 5.1.13, there is a memory leak in drivers/scsi/libsas/sas_expander.c when SAS expander discovery fails. This will cause a BUG and denial of service.(CVE-2019-15807) - An issue was discovered in xfs_setattr_nonsize in fs/xfs/xfs_iops.c in the Linux kernel through 5.2.9. XFS partially wedges when a chgrp fails on account of being out of disk quota. xfs_setattr_nonsize is failing to unlock the ILOCK after the xfs_qm_vop_chown_reserve call fails. This is primarily a local DoS attack vector, but it might result as well in remote DoS if the XFS filesystem is exported for instance via NFS.(CVE-2019-15538) - An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel
    last seen2020-03-26
    modified2020-03-20
    plugin id134735
    published2020-03-20
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/134735
    titleEulerOS Virtualization 3.0.2.2 : kernel (EulerOS-SA-2020-1269)
  • NASL familyNewStart CGSL Local Security Checks
    NASL idNEWSTART_CGSL_NS-SA-2019-0253_KERNEL-RT.NASL
    descriptionThe remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has kernel-rt packages installed that are affected by multiple vulnerabilities: - A flaw was found in the Linux kernel
    last seen2020-05-08
    modified2019-12-31
    plugin id132495
    published2019-12-31
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/132495
    titleNewStart CGSL CORE 5.05 / MAIN 5.05 : kernel-rt Multiple Vulnerabilities (NS-SA-2019-0253)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2019-2430-1.NASL
    descriptionThe SUSE Linux Enterprise 15 SP1 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2018-12126 CVE-2018-12127 CVE-2018-12130: Microarchitectural Store Buffer Data Sampling (MSBDS): Stored buffers on some microprocessors utilizing speculative execution which may have allowed an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here : https://www.intel.com/content/dam/www/public/us/en/documents/corporate -info rmation/SA00233-microcode-update-guidance_05132019. (bsc#1103186)CVE-2019-11091: Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory on some microprocessors utilizing speculative execution may have allowed an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here : https://www.intel.com/content/dam/www/public/us/en/documents/corporate -info rmation/SA00233-microcode-update-guidance_05132019. (bsc#1111331)CVE-2019-12382: An issue was discovered in drm_load_edid_firmware in drivers/gpu/drm/drm_edid_load.c in the Linux kernel There was an unchecked kstrdup of fwstr, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). (bsc#1136586) CVE-2019-10124: An issue was discovered in the hwpoison implementation in mm/memory-failure.c in the Linux kernel. When soft_offline_in_use_page() runs on a thp tail page after pmd is split, an attacker could cause a denial of service (bsc#1130699). CVE-2019-11486: The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the Linux kernel has multiple race conditions. (bsc#1133188) CVE-2019-11811: An issue was discovered in the Linux kernel There was a use-after-free upon attempted read access to /proc/ioports after the ipmi_si module was removed, related to drivers/char/ipmi/ipmi_si_intf.c, drivers/char/ipmi/ipmi_si_mem_io.c, and drivers/char/ipmi/ipmi_si_port_io.c. (bsc#1134397) CVE-2019-11487: The Linux kernel allowed page reference count overflow, with resultant use-after-free issues, if about 140 GiB of RAM exists. This is related to fs/fuse/dev.c, fs/pipe.c, fs/splice.c, include/linux/mm.h, include/linux/pipe_fs_i.h, kernel/trace/trace.c, mm/gup.c, and mm/hugetlb.c. It could occur with FUSE requests. (bsc#1133190) CVE-2019-12818: The nfc_llcp_build_tlv function in net/nfc/llcp_commands.c may return NULL. If the caller does not check for this, it will trigger a NULL pointer dereference. This will cause denial of service. This used to affect nfc_llcp_build_gb in net/nfc/llcp_core.c. (bsc#1138293) CVE-2019-11833: fs/ext4/extents.c in the Linux kernel did not zero out the unused memory region in the extent tree block, which might allow local users to obtain sensitive information by reading uninitialized data in the filesystem. (bsc#1135281) CVE-2019-5489: The mincore() implementation in mm/mincore.c in the Linux kernel allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing this affects the output of the fincore program.) Limited remote exploitation may be possible, as demonstrated by latency differences in accessing public files from an Apache HTTP Server. (bsc#1120843) CVE-2018-7191: In the tun subsystem in the Linux kernel, dev_get_valid_name was not called before register_netdevice. This allowed local users to cause a denial of service (NULL pointer dereference and panic) via an ioctl(TUNSETIFF) call with a dev name containing a / character. (bsc#1135603) CVE-2019-11884: The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the Linux kernel allowed a local user to obtain potentially sensitive information from kernel stack memory via a hidPCONNADD command, because a name field may not end with a
    last seen2020-05-12
    modified2019-09-24
    plugin id129284
    published2019-09-24
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/129284
    titleSUSE SLED15 / SLES15 Security Update : kernel-source-rt (SUSE-SU-2019:2430-1) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout) (SACK Panic) (SACK Slowness) (Spectre)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-1926.NASL
    descriptionAccording to the versions of the kernel packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. Security Fix(es):A flaw was found in the Linux kernel
    last seen2020-04-16
    modified2019-09-17
    plugin id128929
    published2019-09-17
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/128929
    titleEulerOS Virtualization for ARM 64 3.0.2.0 : kernel (EulerOS-SA-2019-1926)
  • NASL familyVirtuozzo Local Security Checks
    NASL idVIRTUOZZO_VZA-2019-068.NASL
    descriptionAccording to the version of the vzkernel package and the readykernel-patch installed, the Virtuozzo installation on the remote host is affected by the following vulnerabilities : - tcp: integer overflow while processing SACK blocks allows remote denial of service. An integer overflow was found in the way the Linux kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id133458
    published2020-02-04
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/133458
    titleVirtuozzo 7 : readykernel-patch (VZA-2019-068)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2019-1855-1.NASL
    descriptionThe SUSE Linux Enterprise 15 kernel version 4.12.14 was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2019-10638: Attackers used to be able to track the Linux kernel by the IP ID values the kernel produces for connection-less protocols. When such traffic was sent to multiple destination IP addresses, it was possible to obtain hash collisions (of indices to the counter array) and thereby obtain the hashing key (via enumeration). An attack could have been conducted by hosting a crafted web page that uses WebRTC or gQUIC to force UDP traffic to attacker-controlled IP addresses. [bnc#1140575] CVE-2019-10639: The Linux kernel used to allow Information Exposure (partial kernel address disclosure), leading to a KASLR bypass. Specifically, it was possible to extract the KASLR kernel image offset using the IP ID values the kernel produces for connection-less protocols. When such traffic was sent to multiple destination IP addresses, it was possible to obtain hash collisions (of indices to the counter array) and thereby obtain the hashing key (via enumeration). This key contains enough bits from a kernel address (of a static variable) so when the key was extracted (via enumeration), the offset of the kernel image was exposed. This attack could be carried out remotely by the attacker forcing the target device to send UDP or ICMP traffic to attacker-controlled IP addresses. Forcing a server to send UDP traffic is trivial if the server is a DNS server. ICMP traffic is trivial if the server answers ICMP Echo requests (ping). For client targets, if the target visits the attacker
    last seen2020-06-01
    modified2020-06-02
    plugin id126744
    published2019-07-16
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/126744
    titleSUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2019:1855-1) (SACK Slowness)
  • NASL familyNewStart CGSL Local Security Checks
    NASL idNEWSTART_CGSL_NS-SA-2019-0183_KERNEL-RT.NASL
    descriptionThe remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has kernel-rt packages installed that are affected by multiple vulnerabilities: - A flaw was found in the way Linux kernel KVM hypervisor before 4.18 emulated instructions such as sgdt/sidt/fxsave/fxrstor. It did not check current privilege(CPL) level while emulating unprivileged instructions. An unprivileged guest user/process could use this flaw to potentially escalate privileges inside guest. (CVE-2018-10853) - A flaw was found in the Linux Kernel where an attacker may be able to have an uncontrolled read to kernel- memory from within a vm guest. A race condition between connect() and close() function may allow an attacker using the AF_VSOCK protocol to gather a 4 byte information leak or possibly intercept or corrupt AF_VSOCK messages destined to other clients. (CVE-2018-14625) - drivers/infiniband/core/ucma.c in the Linux kernel through 4.17.11 allows ucma_leave_multicast to access a certain data structure after a cleanup step in ucma_process_join, which allows attackers to cause a denial of service (use-after-free). (CVE-2018-14734) - arch/x86/kernel/paravirt.c in the Linux kernel before 4.18.1 mishandles certain indirect calls, which makes it easier for attackers to conduct Spectre-v2 attacks against paravirtual guests. (CVE-2018-15594) - A flaw was found in the Linux kernel
    last seen2020-05-08
    modified2019-10-15
    plugin id129920
    published2019-10-15
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/129920
    titleNewStart CGSL CORE 5.04 / MAIN 5.04 : kernel-rt Multiple Vulnerabilities (NS-SA-2019-0183)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2019-1744-1.NASL
    descriptionThe SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes. This update adds support for the Hygon Dhyana CPU (fate#327735). The following security bugs were fixed : CVE-2019-12614: An issue was discovered in dlpar_parse_cc_property in arch/powerpc/platforms/pseries/dlpar.c. There was an unchecked kstrdup of prop->name, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash) (bnc#1137194). CVE-2018-16871: A NULL pointer dereference due to an anomalized NFS message sequence was fixed. (bnc#1137103). CVE-2019-12817: On the PowerPC architecture, local attackers could access other users processes memory (bnc#1138263). The update package also includes non-security fixes. See advisory for details. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id126499
    published2019-07-05
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/126499
    titleSUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2019:1744-1)
  • NASL familyNewStart CGSL Local Security Checks
    NASL idNEWSTART_CGSL_NS-SA-2019-0247_KERNEL.NASL
    descriptionThe remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has kernel packages installed that are affected by multiple vulnerabilities: - A flaw was found in the Linux kernel
    last seen2020-05-08
    modified2019-12-31
    plugin id132474
    published2019-12-31
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/132474
    titleNewStart CGSL CORE 5.05 / MAIN 5.05 : kernel Multiple Vulnerabilities (NS-SA-2019-0247)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2019-2696.NASL
    descriptionAn update for kernel is now available for Red Hat Enterprise Linux 7.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es) : * kernel: Memory corruption due to incorrect socket cloning (CVE-2018-9568) * kernel: Missing check in fs/inode.c:inode_init_owner() does not clear SGID bit on non-directories for non-members (CVE-2018-13405) * kernel: nfs: use-after-free in svc_process_common() (CVE-2018-16884) * kernel: nfs: NULL pointer dereference due to an anomalized NFS message sequence (CVE-2018-16871) * kernel: hw: Spectre SWAPGS gadget vulnerability (CVE-2019-1125) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es) : * fragmented packets timing out (BZ#1729411) * kernel build: speed up debuginfo extraction (BZ#1731462) * TCP packets are segmented when sent to the VM (TAP) (BZ#1732744) * TCP packets are segmented when sent to the VLAN device when coming from VXLAN dev. (BZ#1732809) * skb head copy occurs when sending traffic over OVS managed VXLAN tunnel (BZ #1733626) * [mlx4] VXLAN over VLAN TCP segmentation (BZ#1734160) * use
    last seen2020-06-01
    modified2020-06-02
    plugin id128662
    published2019-09-11
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/128662
    titleRHEL 7 : kernel (RHSA-2019:2696)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2019-1851-1.NASL
    descriptionThe SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2019-10638: A device could have been tracked by an attacker using the IP ID values the kernel produces for connection-less protocols (e.g., UDP and ICMP). When such traffic was sent to multiple destination IP addresses, it was possible to obtain hash collisions (of indices to the counter array) and thereby obtain the hashing key (via enumeration). An attack may have been conducted by hosting a crafted web page that uses WebRTC or gQUIC to force UDP traffic to attacker-controlled IP addresses. (bnc#1140575) CVE-2019-10639: Information Exposure (partial kernel address disclosure), leading to a KASLR bypass. Specifically, it was possible to extract the KASLR kernel image offset using the IP ID values the kernel produces for connection-less protocols (e.g., UDP and ICMP). When such traffic was sent to multiple destination IP addresses, it was possible to obtain hash collisions (of indices to the counter array) and thereby obtain the hashing key (via enumeration). This key contains enough bits from a kernel address (of a static variable) so when the key is extracted (via enumeration), the offset of the kernel image was exposed. This attack could have been carried out remotely, by the attacker forcing the target device to send UDP or ICMP (or certain other) traffic to attacker-controlled IP addresses. Forcing a server to send UDP traffic is trivial if the server is a DNS server. ICMP traffic was trivial if the server answered ICMP Echo requests (ping). For client targets, if the target visited the attacker
    last seen2020-06-01
    modified2020-06-02
    plugin id126741
    published2019-07-16
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/126741
    titleSUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2019:1851-1) (SACK Slowness)

Redhat

advisories
  • rhsa
    idRHSA-2019:2696
  • rhsa
    idRHSA-2019:2730
  • rhsa
    idRHSA-2020:0740
rpms
  • bpftool-0:3.10.0-957.27.2.el7
  • kernel-0:3.10.0-957.27.2.el7
  • kernel-abi-whitelists-0:3.10.0-957.27.2.el7
  • kernel-bootwrapper-0:3.10.0-957.27.2.el7
  • kernel-debug-0:3.10.0-957.27.2.el7
  • kernel-debug-debuginfo-0:3.10.0-957.27.2.el7
  • kernel-debug-devel-0:3.10.0-957.27.2.el7
  • kernel-debuginfo-0:3.10.0-957.27.2.el7
  • kernel-debuginfo-common-ppc64-0:3.10.0-957.27.2.el7
  • kernel-debuginfo-common-ppc64le-0:3.10.0-957.27.2.el7
  • kernel-debuginfo-common-s390x-0:3.10.0-957.27.2.el7
  • kernel-debuginfo-common-x86_64-0:3.10.0-957.27.2.el7
  • kernel-devel-0:3.10.0-957.27.2.el7
  • kernel-doc-0:3.10.0-957.27.2.el7
  • kernel-headers-0:3.10.0-957.27.2.el7
  • kernel-kdump-0:3.10.0-957.27.2.el7
  • kernel-kdump-debuginfo-0:3.10.0-957.27.2.el7
  • kernel-kdump-devel-0:3.10.0-957.27.2.el7
  • kernel-tools-0:3.10.0-957.27.2.el7
  • kernel-tools-debuginfo-0:3.10.0-957.27.2.el7
  • kernel-tools-libs-0:3.10.0-957.27.2.el7
  • kernel-tools-libs-devel-0:3.10.0-957.27.2.el7
  • perf-0:3.10.0-957.27.2.el7
  • perf-debuginfo-0:3.10.0-957.27.2.el7
  • python-perf-0:3.10.0-957.27.2.el7
  • python-perf-debuginfo-0:3.10.0-957.27.2.el7
  • kernel-rt-0:3.10.0-957.27.2.rt56.940.el7
  • kernel-rt-debug-0:3.10.0-957.27.2.rt56.940.el7
  • kernel-rt-debug-debuginfo-0:3.10.0-957.27.2.rt56.940.el7
  • kernel-rt-debug-devel-0:3.10.0-957.27.2.rt56.940.el7
  • kernel-rt-debug-kvm-0:3.10.0-957.27.2.rt56.940.el7
  • kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.27.2.rt56.940.el7
  • kernel-rt-debuginfo-0:3.10.0-957.27.2.rt56.940.el7
  • kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.27.2.rt56.940.el7
  • kernel-rt-devel-0:3.10.0-957.27.2.rt56.940.el7
  • kernel-rt-doc-0:3.10.0-957.27.2.rt56.940.el7
  • kernel-rt-kvm-0:3.10.0-957.27.2.rt56.940.el7
  • kernel-rt-kvm-debuginfo-0:3.10.0-957.27.2.rt56.940.el7
  • kernel-rt-trace-0:3.10.0-957.27.2.rt56.940.el7
  • kernel-rt-trace-debuginfo-0:3.10.0-957.27.2.rt56.940.el7
  • kernel-rt-trace-devel-0:3.10.0-957.27.2.rt56.940.el7
  • kernel-rt-trace-kvm-0:3.10.0-957.27.2.rt56.940.el7
  • kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.27.2.rt56.940.el7
  • kernel-0:3.10.0-693.58.1.el7
  • kernel-abi-whitelists-0:3.10.0-693.58.1.el7
  • kernel-bootwrapper-0:3.10.0-693.58.1.el7
  • kernel-debug-0:3.10.0-693.58.1.el7
  • kernel-debug-debuginfo-0:3.10.0-693.58.1.el7
  • kernel-debug-devel-0:3.10.0-693.58.1.el7
  • kernel-debuginfo-0:3.10.0-693.58.1.el7
  • kernel-debuginfo-common-ppc64-0:3.10.0-693.58.1.el7
  • kernel-debuginfo-common-ppc64le-0:3.10.0-693.58.1.el7
  • kernel-debuginfo-common-s390x-0:3.10.0-693.58.1.el7
  • kernel-debuginfo-common-x86_64-0:3.10.0-693.58.1.el7
  • kernel-devel-0:3.10.0-693.58.1.el7
  • kernel-doc-0:3.10.0-693.58.1.el7
  • kernel-headers-0:3.10.0-693.58.1.el7
  • kernel-kdump-0:3.10.0-693.58.1.el7
  • kernel-kdump-debuginfo-0:3.10.0-693.58.1.el7
  • kernel-kdump-devel-0:3.10.0-693.58.1.el7
  • kernel-tools-0:3.10.0-693.58.1.el7
  • kernel-tools-debuginfo-0:3.10.0-693.58.1.el7
  • kernel-tools-libs-0:3.10.0-693.58.1.el7
  • kernel-tools-libs-devel-0:3.10.0-693.58.1.el7
  • perf-0:3.10.0-693.58.1.el7
  • perf-debuginfo-0:3.10.0-693.58.1.el7
  • python-perf-0:3.10.0-693.58.1.el7
  • python-perf-debuginfo-0:3.10.0-693.58.1.el7
  • kernel-rt-1:3.10.0-693.58.1.rt56.652.el6rt
  • kernel-rt-debug-1:3.10.0-693.58.1.rt56.652.el6rt
  • kernel-rt-debug-debuginfo-1:3.10.0-693.58.1.rt56.652.el6rt
  • kernel-rt-debug-devel-1:3.10.0-693.58.1.rt56.652.el6rt
  • kernel-rt-debuginfo-1:3.10.0-693.58.1.rt56.652.el6rt
  • kernel-rt-debuginfo-common-x86_64-1:3.10.0-693.58.1.rt56.652.el6rt
  • kernel-rt-devel-1:3.10.0-693.58.1.rt56.652.el6rt
  • kernel-rt-doc-1:3.10.0-693.58.1.rt56.652.el6rt
  • kernel-rt-firmware-1:3.10.0-693.58.1.rt56.652.el6rt
  • kernel-rt-trace-1:3.10.0-693.58.1.rt56.652.el6rt
  • kernel-rt-trace-debuginfo-1:3.10.0-693.58.1.rt56.652.el6rt
  • kernel-rt-trace-devel-1:3.10.0-693.58.1.rt56.652.el6rt
  • kernel-rt-vanilla-1:3.10.0-693.58.1.rt56.652.el6rt
  • kernel-rt-vanilla-debuginfo-1:3.10.0-693.58.1.rt56.652.el6rt
  • kernel-rt-vanilla-devel-1:3.10.0-693.58.1.rt56.652.el6rt
  • kernel-0:4.14.0-115.18.1.el7a
  • kernel-abi-whitelists-0:4.14.0-115.18.1.el7a
  • kernel-bootwrapper-0:4.14.0-115.18.1.el7a
  • kernel-debug-0:4.14.0-115.18.1.el7a
  • kernel-debug-debuginfo-0:4.14.0-115.18.1.el7a
  • kernel-debug-devel-0:4.14.0-115.18.1.el7a
  • kernel-debuginfo-0:4.14.0-115.18.1.el7a
  • kernel-debuginfo-common-aarch64-0:4.14.0-115.18.1.el7a
  • kernel-debuginfo-common-ppc64le-0:4.14.0-115.18.1.el7a
  • kernel-debuginfo-common-s390x-0:4.14.0-115.18.1.el7a
  • kernel-devel-0:4.14.0-115.18.1.el7a
  • kernel-doc-0:4.14.0-115.18.1.el7a
  • kernel-headers-0:4.14.0-115.18.1.el7a
  • kernel-kdump-0:4.14.0-115.18.1.el7a
  • kernel-kdump-debuginfo-0:4.14.0-115.18.1.el7a
  • kernel-kdump-devel-0:4.14.0-115.18.1.el7a
  • kernel-tools-0:4.14.0-115.18.1.el7a
  • kernel-tools-debuginfo-0:4.14.0-115.18.1.el7a
  • kernel-tools-libs-0:4.14.0-115.18.1.el7a
  • kernel-tools-libs-devel-0:4.14.0-115.18.1.el7a
  • perf-0:4.14.0-115.18.1.el7a
  • perf-debuginfo-0:4.14.0-115.18.1.el7a
  • python-perf-0:4.14.0-115.18.1.el7a
  • python-perf-debuginfo-0:4.14.0-115.18.1.el7a
  • kernel-rt-0:4.18.0-193.rt13.51.el8
  • kernel-rt-core-0:4.18.0-193.rt13.51.el8
  • kernel-rt-debug-0:4.18.0-193.rt13.51.el8
  • kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8
  • kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8
  • kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8
  • kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8
  • kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8
  • kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8
  • kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8
  • kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8
  • kernel-rt-devel-0:4.18.0-193.rt13.51.el8
  • kernel-rt-kvm-0:4.18.0-193.rt13.51.el8
  • kernel-rt-modules-0:4.18.0-193.rt13.51.el8
  • kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8
  • bpftool-0:4.18.0-193.el8
  • bpftool-debuginfo-0:4.18.0-193.el8
  • kernel-0:4.18.0-193.el8
  • kernel-abi-whitelists-0:4.18.0-193.el8
  • kernel-core-0:4.18.0-193.el8
  • kernel-cross-headers-0:4.18.0-193.el8
  • kernel-debug-0:4.18.0-193.el8
  • kernel-debug-core-0:4.18.0-193.el8
  • kernel-debug-debuginfo-0:4.18.0-193.el8
  • kernel-debug-devel-0:4.18.0-193.el8
  • kernel-debug-modules-0:4.18.0-193.el8
  • kernel-debug-modules-extra-0:4.18.0-193.el8
  • kernel-debuginfo-0:4.18.0-193.el8
  • kernel-debuginfo-common-aarch64-0:4.18.0-193.el8
  • kernel-debuginfo-common-ppc64le-0:4.18.0-193.el8
  • kernel-debuginfo-common-s390x-0:4.18.0-193.el8
  • kernel-debuginfo-common-x86_64-0:4.18.0-193.el8
  • kernel-devel-0:4.18.0-193.el8
  • kernel-doc-0:4.18.0-193.el8
  • kernel-headers-0:4.18.0-193.el8
  • kernel-modules-0:4.18.0-193.el8
  • kernel-modules-extra-0:4.18.0-193.el8
  • kernel-tools-0:4.18.0-193.el8
  • kernel-tools-debuginfo-0:4.18.0-193.el8
  • kernel-tools-libs-0:4.18.0-193.el8
  • kernel-tools-libs-devel-0:4.18.0-193.el8
  • kernel-zfcpdump-0:4.18.0-193.el8
  • kernel-zfcpdump-core-0:4.18.0-193.el8
  • kernel-zfcpdump-debuginfo-0:4.18.0-193.el8
  • kernel-zfcpdump-devel-0:4.18.0-193.el8
  • kernel-zfcpdump-modules-0:4.18.0-193.el8
  • kernel-zfcpdump-modules-extra-0:4.18.0-193.el8
  • perf-0:4.18.0-193.el8
  • perf-debuginfo-0:4.18.0-193.el8
  • python3-perf-0:4.18.0-193.el8
  • python3-perf-debuginfo-0:4.18.0-193.el8